Report #9638 cancel

  • Creation Date: March 13, 2020, 12:45 p.m.
  • Last Update: March 13, 2020, 5:58 p.m.
  • File: crrsr.exe
  • Results:
AVclass
delf
1
VirusTotal
md5
c91b282f2701b40eee8cef7836cb3777
sha1
4f0b5a85a22913bc2ecee6a1d29e5fe3ad63aed0
SCANS (DETECTION RATE = 65.67%)
AVG
result: Win32:Malware-gen
update: 20180323
version: 18.2.3827.0
detected: True check_circle

CMC
update: 20180323
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=89)
update: 20180323
version: 2017.11.15.1
detected: True check_circle

Bkav
update: 20180322
version: 1.3.0.9466
detected: False cancel

K7GW
result: Spyware ( 004aff661 )
update: 20180323
version: 10.42.26597
detected: True check_circle

ALYac
result: Gen:Variant.Delf.52
update: 20180323
version: 1.1.1.5
detected: True check_circle

Avast
result: Win32:Malware-gen
update: 20180323
version: 18.2.3827.0
detected: True check_circle

Avira
result: TR/Symmi.1997312
update: 20180323
version: 8.3.3.6
detected: True check_circle

Baidu
update: 20180323
version: 1.0.0.2
detected: False cancel

Cyren
result: W32/Trojan.UWXE-3896
update: 20180323
version: 5.4.30.7
detected: True check_circle

DrWeb
update: 20180323
version: 7.0.28.2020
detected: False cancel

GData
result: Gen:Variant.Delf.52
update: 20180323
version: A:25.16478B:25.11859
detected: True check_circle

Panda
result: Trj/CI.A
update: 20180323
version: 4.6.4.2
detected: True check_circle

VBA32
result: TrojanDownloader.Banload
update: 20180323
version: 3.12.28.0
detected: True check_circle

VIPRE
result: Trojan.Win32.Generic.pak!cobra
update: 20180323
version: 65472
detected: True check_circle

Zoner
update: 20180323
version: 1.0
detected: False cancel

AVware
result: Trojan.Win32.Generic.pak!cobra
update: 20180323
version: 1.5.0.42
detected: True check_circle

ClamAV
update: 20180323
version: 0.99.2.0
detected: False cancel

Comodo
result: .UnclassifiedMalware
update: 20180323
version: 28732
detected: True check_circle

F-Prot
update: 20180323
version: 4.7.1.166
detected: False cancel

Ikarus
result: Trojan-Spy.Agent
update: 20180323
version: 0.1.5.2
detected: True check_circle

McAfee
result: Artemis!C91B282F2701
update: 20180323
version: 6.0.6.653
detected: True check_circle

Rising
result: Malware.Undefined!8.C (TFE:5:rsbpHx739YN)
update: 20180323
version: 25.0.0.1
detected: True check_circle

Sophos
result: Mal/Generic-S
update: 20180323
version: 4.98.0
detected: True check_circle

Yandex
result: TrojanSpy.Delf!r0BSsyvPNJ4
update: 20180323
version: 5.5.1.3
detected: True check_circle

Zillya
update: 20180323
version: 2.0.0.3519
detected: False cancel

Arcabit
result: Trojan.Delf.52
update: 20180323
version: 1.0.0.831
detected: True check_circle

Cylance
result: Unsafe
update: 20180323
version: 2.3.1.101
detected: True check_circle

Endgame
result: malicious (moderate confidence)
update: 20180316
version: 2.0.5
detected: True check_circle

Tencent
update: 20180323
version: 1.0.0.1
detected: False cancel

ViRobot
update: 20180323
version: 2014.3.20.0
detected: False cancel

eGambit
update: 20180323
version: v4.3.5
detected: False cancel

Ad-Aware
result: Gen:Variant.Delf.52
update: 20180323
version: 3.0.3.1010
detected: True check_circle

AegisLab
result: Troj.Downloader.W32.Banload!c
update: 20180323
version: 4.2
detected: True check_circle

Emsisoft
result: Gen:Variant.Delf.52 (B)
update: 20180323
version: 4.0.2.899
detected: True check_circle

F-Secure
update: 20180323
version: 11.0.19100.45
detected: False cancel

Fortinet
result: W32/Delf.PVR!tr.spy
update: 20180323
version: 5.4.247.0
detected: True check_circle

Invincea
update: 20180121
version: 6.3.4.26036
detected: False cancel

Jiangmin
update: 20180323
version: 16.0.100
detected: False cancel

Kingsoft
update: 20180323
version: 2013.8.14.323
detected: False cancel

Paloalto
result: generic.ml
update: 20180323
version: 1.0
detected: True check_circle

Symantec
result: Trojan.Gen.2
update: 20180323
version: 1.5.0.0
detected: True check_circle

nProtect
update: 20180323
version: 2018-03-23.02
detected: False cancel

AhnLab-V3
result: Trojan/Win32.Gen.C769136
update: 20180323
version: 3.12.0.20130
detected: True check_circle

Antiy-AVL
result: Trojan/Win32.TSGeneric
update: 20180323
version: 3.0.0.1
detected: True check_circle

Kaspersky
result: Trojan-Downloader.Win32.Banload.cwae
update: 20180323
version: 15.0.1.13
detected: True check_circle

Microsoft
result: TrojanDownloader:Win32/Banload
update: 20180323
version: 1.1.14600.4
detected: True check_circle

Qihoo-360
result: HEUR/QVM05.1.Malware.Gen
update: 20180323
version: 1.0.0.1120
detected: True check_circle

TheHacker
update: 20180319
version: 6.8.0.5.2551
detected: False cancel

ZoneAlarm
result: Trojan-Downloader.Win32.Banload.cwae
update: 20180323
version: 1.0
detected: True check_circle

Cybereason
result: malicious.f2701b
update: 20180225
version: 1.2.27
detected: True check_circle

ESET-NOD32
result: a variant of Win32/Spy.Delf.PTA
update: 20180323
version: 17106
detected: True check_circle

TrendMicro
result: TSPY_BANKER.YYRD
update: 20180323
version: 9.862.0.1074
detected: True check_circle

WhiteArmor
update: 20180223
detected: False cancel

BitDefender
result: Gen:Variant.Delf.52
update: 20180323
version: 7.2
detected: True check_circle

CrowdStrike
result: malicious_confidence_60% (W)
update: 20170201
version: 1.0
detected: True check_circle

K7AntiVirus
result: Spyware ( 004aff661 )
update: 20180323
version: 10.42.26598
detected: True check_circle

SentinelOne
update: 20180225
version: 1.0.15.206
detected: False cancel

Avast-Mobile
update: 20180323
version: 180323-04
detected: False cancel

Malwarebytes
update: 20180323
version: 2.1.1.1115
detected: False cancel

TotalDefense
update: 20180323
version: 37.1.62.1
detected: False cancel

CAT-QuickHeal
result: TrojanDownloader.Banload
update: 20180323
version: 14.00
detected: True check_circle

NANO-Antivirus
result: Trojan.Win32.Delf.dhzizi
update: 20180323
version: 1.0.100.22043
detected: True check_circle

MicroWorld-eScan
result: Gen:Variant.Delf.52
update: 20180323
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
update: 20180323
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: Artemis!Trojan
update: 20180323
version: v2015
detected: True check_circle

TrendMicro-HouseCall
result: TSPY_BANKER.YYRD
update: 20180323
version: 9.950.0.1006
detected: True check_circle

total
67
sha256
e16d43b390dc615c2475350e2b211c87ca3c1f43f1a45ca9d863c347a909c4b6
scan_id
e16d43b390dc615c2475350e2b211c87ca3c1f43f1a45ca9d863c347a909c4b6-1521829527
resource
c91b282f2701b40eee8cef7836cb3777
positives
44
scan_date
2018-03-23 18:25:27
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll.Config
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\malware.exe.Local
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
13/3/2020 - 16:45:42.903Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
13/3/2020 - 16:45:42.903Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\malware.exe.Local
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_pt-br_59b90943c4d9db88
13/3/2020 - 16:45:42.903Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_pt-br_59b90943c4d9db88
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_pt-br_59b90943c4d9db88
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_pt-br_59b90943c4d9db88\comctl32.dll.mui
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\msado15.dll
13/3/2020 - 16:45:42.903Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\msado15.dll
13/3/2020 - 16:45:42.918Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\MSDART.DLL
13/3/2020 - 16:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\msdart.dll
13/3/2020 - 16:45:42.918Open1480C:\malware.exeC:\Windows\SysWOW64\msdart.dll
13/3/2020 - 16:45:42.934Open1480C:\malware.exeC:\Fwpuclnt.dll
13/3/2020 - 16:45:42.934Open1480C:\malware.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
13/3/2020 - 16:45:42.934Open1480C:\malware.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
13/3/2020 - 16:45:42.934Open1480C:\malware.exeC:\Windows\SysWOW64\ole32.dll
13/3/2020 - 16:45:42.934Open1480C:\malware.exeC:\Windows\SysWOW64\ole32.dll
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
13/3/2020 - 16:45:52.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\FileZilla\recentservers.xml
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\pstorec.dll
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\Windows\SysWOW64\pstorec.dll
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\Windows\SysWOW64\pstorec.dll
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\ATL.DLL
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\Windows\SysWOW64\atl.dll
13/3/2020 - 16:45:52.934Open1480C:\malware.exeC:\Windows\SysWOW64\atl.dll
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\$Recycle.Bin
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\$Recycle.Bin
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\$Recycle.Bin
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\$Recycle.Bin
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\$Recycle.Bin\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\$Recycle.Bin\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\$Recycle.Bin\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\$Recycle.Bin\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Arquivos de Programas
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Arquivos de Programas
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Arquivos de Programas
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Arquivos de Programas
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Documents and Settings
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Documents and Settings
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Documents and Settings
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Documents and Settings
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Files
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Files
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Files
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Files
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Files\DeletedFiles
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Files\DeletedFiles
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Files\Logs
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Files\Logs
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Files\Logs
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Files\Logs
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Malware
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Malware
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\Malware
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\Malware
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\PerfLogs
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\PerfLogs
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\PerfLogs
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\PerfLogs
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\PerfLogs\Admin
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\PerfLogs\Admin
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\PerfLogs\Admin
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\PerfLogs\Admin
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Arquivos Comuns
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Arquivos Comuns
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Arquivos Comuns
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Arquivos Comuns
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ar-SA
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ar-SA
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ar-SA
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ar-SA
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\bg-BG
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\bg-BG
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\bg-BG
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\bg-BG
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\da-DK
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\da-DK
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\da-DK
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\da-DK
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\de-DE
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\de-DE
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\de-DE
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\de-DE
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\el-GR
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\el-GR
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\el-GR
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\el-GR
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\en-US
13/3/2020 - 16:45:57.981Read1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\en-US
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\en-US
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\en-US
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\en-US
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\en-US
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\es-ES
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\es-ES
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\es-ES
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\es-ES
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\et-EE
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\et-EE
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\et-EE
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\et-EE
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fi-FI
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fi-FI
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fi-FI
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fi-FI
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fr-FR
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fr-FR
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fr-FR
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fr-FR
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad
13/3/2020 - 16:45:57.981Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main
13/3/2020 - 16:45:57.981Read1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main
13/3/2020 - 16:45:57.981Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\he-IL
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\he-IL
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\he-IL
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\he-IL
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hr-HR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hr-HR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hr-HR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hr-HR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hu-HU
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hu-HU
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hu-HU
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\hu-HU
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\it-IT
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\it-IT
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\it-IT
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\it-IT
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ja-JP
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ja-JP
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ja-JP
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ja-JP
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ko-KR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ko-KR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ko-KR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ko-KR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lt-LT
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lt-LT
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lt-LT
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lt-LT
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lv-LV
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lv-LV
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lv-LV
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\lv-LV
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nb-NO
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nb-NO
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nb-NO
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nb-NO
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nl-NL
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nl-NL
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nl-NL
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\nl-NL
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pl-PL
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pl-PL
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pl-PL
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pl-PL
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-BR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-BR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-BR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-BR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-PT
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-PT
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-PT
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\pt-PT
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ro-RO
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ro-RO
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ro-RO
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ro-RO
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ru-RU
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ru-RU
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ru-RU
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\ru-RU
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sk-SK
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sk-SK
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sk-SK
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sk-SK
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sl-SI
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sl-SI
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sl-SI
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sl-SI
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sv-SE
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sv-SE
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sv-SE
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\sv-SE
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\th-TH
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\th-TH
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\th-TH
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\th-TH
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\tr-TR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\tr-TR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\tr-TR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\tr-TR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\uk-UA
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\uk-UA
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\uk-UA
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\uk-UA
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-CN
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-CN
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-CN
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-CN
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-TW
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-TW
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-TW
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\ink\zh-TW
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\pt-BR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\pt-BR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\pt-BR
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\MSInfo\pt-BR
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Stationery
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Stationery
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Stationery
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Stationery
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Stationery
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Stationery
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv
13/3/2020 - 16:45:57.997Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv
13/3/2020 - 16:45:57.997Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\TextConv\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\Triedit\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\VGX
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\VGX
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\VGX
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Microsoft Shared\VGX
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Services
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Services
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Services
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\Services
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Sistema
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Sistema
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Sistema
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\Sistema
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\ado\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\ado\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\msadc\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\msadc\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:58.12Read1480C:\malware.exeC:\Program Files\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\Common Files\System\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\Common Files\System\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\pt-BR
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\pt-BR
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy
13/3/2020 - 16:45:58.12Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl
13/3/2020 - 16:45:58.12Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl
13/3/2020 - 16:45:58.12Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl
13/3/2020 - 16:45:58.12Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage
13/3/2020 - 16:45:58.12Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Full
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Full
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Full
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Full
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Full
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Full
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Memories
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Memories
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Memories
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Memories
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Memories
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Memories
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\OldAge
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\OldAge
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\OldAge
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\OldAge
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\OldAge
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\OldAge
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Performance
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Performance
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Performance
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Performance
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Performance
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Performance
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Pets
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Pets
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Pets
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Pets
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Pets
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Pets
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Push
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Push
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Push
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Push
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Push
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Push
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Shatter
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Shatter
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Shatter
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Shatter
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Shatter
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Shatter
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Sports
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Sports
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Sports
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Sports
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Sports
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Sports
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Stacking
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Stacking
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Stacking
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Stacking
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Stacking
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Stacking
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Travel
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Travel
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Travel
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Travel
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Travel
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Travel
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Vignette
13/3/2020 - 16:45:58.28Read1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Vignette
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Vignette
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Vignette
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Vignette
13/3/2020 - 16:45:58.28Unknown1480C:\malware.exeC:\Program Files\DVD Maker\Shared\DvdStyles\Vignette
13/3/2020 - 16:45:58.28Open1480C:\malware.exeC:\Program Files\Internet Explorer
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\en-US
13/3/2020 - 16:45:58.43Read1480C:\malware.exeC:\Program Files\Internet Explorer\en-US
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\en-US
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\en-US
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\en-US
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\en-US
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\images
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\images
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\images
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\images
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\pt-BR
13/3/2020 - 16:45:58.43Read1480C:\malware.exeC:\Program Files\Internet Explorer\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\SIGNUP
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\SIGNUP
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Internet Explorer\SIGNUP
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\SIGNUP
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Chess
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Chess
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Chess
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Chess
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Chess\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Chess\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Chess\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Chess\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\FreeCell\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Hearts\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Mahjong\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Minesweeper\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\More Games
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\More Games
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\More Games
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\More Games
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\More Games\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\More Games\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\More Games\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\More Games\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Backgammon\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Checkers\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Multiplayer\Spades\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Purble Place\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\Solitaire\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire\pt-BR
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\Microsoft Games\SpiderSolitaire\pt-BR
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\MSBuild
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\MSBuild
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\MSBuild
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\MSBuild
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft
13/3/2020 - 16:45:58.43Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:58.43Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:58.122Read1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:58.122Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:58.122Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.122Read1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:58.184Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:58.184Read1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Uninstall Information
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Uninstall Information
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Uninstall Information
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Uninstall Information
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Defender
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Windows Defender
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Defender
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Windows Defender
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Defender\pt-BR
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Windows Defender\pt-BR
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Defender\pt-BR
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Windows Defender\pt-BR
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Journal
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Windows Journal
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Journal
13/3/2020 - 16:45:58.231Unknown1480C:\malware.exeC:\Program Files\Windows Journal
13/3/2020 - 16:45:58.231Open1480C:\malware.exeC:\Program Files\Windows Journal\pt-BR
13/3/2020 - 16:45:58.231Read1480C:\malware.exeC:\Program Files\Windows Journal\pt-BR
13/3/2020 - 16:45:58.278Unknown1480C:\malware.exeC:\Program Files\Windows Journal\pt-BR
13/3/2020 - 16:45:58.278Open1480C:\malware.exeC:\Program Files\Windows Journal\pt-BR
13/3/2020 - 16:45:58.278Unknown1480C:\malware.exeC:\Program Files\Windows Journal\pt-BR
13/3/2020 - 16:45:58.278Unknown1480C:\malware.exeC:\Program Files\Windows Journal\pt-BR
13/3/2020 - 16:45:58.278Open1480C:\malware.exeC:\Program Files\Windows Journal\Templates
13/3/2020 - 16:45:58.278Read1480C:\malware.exeC:\Program Files\Windows Journal\Templates
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Journal\Templates
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Journal\Templates
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Journal\Templates
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Journal\Templates
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Mail\pt-BR
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail\pt-BR
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Mail\pt-BR
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Mail\pt-BR
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Media Player
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Media Player
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Media Player
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Media Player
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Media Player\Icons
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Icons
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Media Player\Icons
13/3/2020 - 16:45:58.325Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Icons
13/3/2020 - 16:45:58.325Open1480C:\malware.exeC:\Program Files\Windows Media Player\Media Renderer
13/3/2020 - 16:45:58.325Read1480C:\malware.exeC:\Program Files\Windows Media Player\Media Renderer
13/3/2020 - 16:45:58.372Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Media Renderer
13/3/2020 - 16:45:58.372Open1480C:\malware.exeC:\Program Files\Windows Media Player\Media Renderer
13/3/2020 - 16:45:58.372Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Media Renderer
13/3/2020 - 16:45:58.372Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Media Renderer
13/3/2020 - 16:45:58.372Open1480C:\malware.exeC:\Program Files\Windows Media Player\Network Sharing
13/3/2020 - 16:45:58.372Read1480C:\malware.exeC:\Program Files\Windows Media Player\Network Sharing
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Network Sharing
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\Network Sharing
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Network Sharing
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Network Sharing
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\pt-BR
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\pt-BR
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\Skins
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Skins
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\Skins
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Skins
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\Visualizations
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Visualizations
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Media Player\Visualizations
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Media Player\Visualizations
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Accessories
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\Accessories
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Accessories
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\Accessories
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Accessories\en-US
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\Accessories\en-US
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Accessories\en-US
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\Accessories\en-US
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Acessrios
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Acessrios
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Acessrios
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\Acessrios
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\TableTextService
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\TableTextService
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\TableTextService
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\TableTextService
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Portable Devices
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Portable Devices
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Portable Devices
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Portable Devices
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:58.418Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:58.418Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:58.418Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:58.465Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:58.465Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.465Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.512Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.559Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.606Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:45:58.653Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:45:58.653Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:45:58.653Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:45:58.700Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:45:58.700Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:45:58.700Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css
13/3/2020 - 16:45:58.747Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css
13/3/2020 - 16:45:58.747Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images
13/3/2020 - 16:45:58.747Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\pt-BR
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\pt-BR
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\pt-BR
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\pt-BR
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:45:58.793Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:45:58.793Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.793Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.840Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:45:58.887Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:45:58.887Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:45:58.887Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:45:58.934Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:45:58.934Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:58.934Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:58.981Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.28Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.75Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.122Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.168Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.215Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:45:59.262Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:45:59.262Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:45:59.309Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:45:59.309Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:45:59.309Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:45:59.309Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:45:59.309Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:45:59.309Read1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\pt-BR
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\pt-BR
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\pt-BR
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\pt-BR
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\DAO
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\DAO
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\DAO
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\DAO
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.0
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.0
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.0
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.0
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.7
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.7
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.7
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\1.7
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\en-US
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\en-US
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\en-US
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\en-US
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization
13/3/2020 - 16:45:59.356Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization
13/3/2020 - 16:45:59.356Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\pt-BR
13/3/2020 - 16:45:59.356Read1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\pt-BR
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\pt-BR
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\pt-BR
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\pt-BR
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\ink\pt-BR
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\pt-BR
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\pt-BR
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\pt-BR
13/3/2020 - 16:45:59.403Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\MSInfo\pt-BR
13/3/2020 - 16:45:59.403Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Stationery
13/3/2020 - 16:45:59.403Read1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Stationery
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Stationery
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Stationery
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Stationery
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Stationery
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\VGX
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\VGX
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\VGX
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\microsoft shared\VGX
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\Services
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\Services
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\Services
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\Services
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:59.450Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US
13/3/2020 - 16:45:59.450Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:59.450Read1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\ado\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:59.497Read1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\msadc\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\en-US
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\Ole DB\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Common Files\System\pt-BR
13/3/2020 - 16:45:59.497Unknown1480C:\malware.exeC:\Program Files (x86)\Common Files\System\pt-BR
13/3/2020 - 16:45:59.497Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
13/3/2020 - 16:45:59.559Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
13/3/2020 - 16:45:59.559Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
13/3/2020 - 16:45:59.559Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer
13/3/2020 - 16:45:59.559Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\en-US
13/3/2020 - 16:45:59.559Read1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\en-US
13/3/2020 - 16:45:59.606Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\en-US
13/3/2020 - 16:45:59.606Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\en-US
13/3/2020 - 16:45:59.606Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\en-US
13/3/2020 - 16:45:59.606Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\en-US
13/3/2020 - 16:45:59.606Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\pt-BR
13/3/2020 - 16:45:59.606Read1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\pt-BR
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\pt-BR
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\pt-BR
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\pt-BR
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\pt-BR
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\SIGNUP
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\SIGNUP
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\SIGNUP
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Internet Explorer\SIGNUP
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0
13/3/2020 - 16:45:59.653Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:59.653Read1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:59.700Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR
13/3/2020 - 16:45:59.700Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:59.700Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
13/3/2020 - 16:45:59.700Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList
13/3/2020 - 16:45:59.700Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList
13/3/2020 - 16:45:59.700Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList
13/3/2020 - 16:45:59.700Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.700Read1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5
13/3/2020 - 16:45:59.747Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:59.747Read1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\pt-BR
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Uninstall Information
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Uninstall Information
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Uninstall Information
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Uninstall Information
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Defender
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Defender
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Defender
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Defender
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Defender\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Defender\pt-BR
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Defender\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Defender\pt-BR
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Mail\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail\pt-BR
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Mail\pt-BR
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Mail\pt-BR
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Icons
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Icons
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Icons
13/3/2020 - 16:45:59.793Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Icons
13/3/2020 - 16:45:59.793Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Media Renderer
13/3/2020 - 16:45:59.793Read1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Media Renderer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Media Renderer
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Media Renderer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Media Renderer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Media Renderer
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Network Sharing
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Network Sharing
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Network Sharing
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Network Sharing
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\pt-BR
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\pt-BR
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Skins
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Skins
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Skins
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Skins
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Visualizations
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Visualizations
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Visualizations
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Media Player\Visualizations
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\en-US
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\en-US
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\en-US
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\en-US
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\Accessories\pt-BR
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows NT\TableTextService\en-US
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Photo Viewer\pt-BR
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Portable Devices
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Portable Devices
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Portable Devices
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Portable Devices
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:59.840Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget
13/3/2020 - 16:45:59.840Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:59.840Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\css
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\pt-BR\js
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:59.903Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget
13/3/2020 - 16:45:59.903Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:59.903Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:59.950Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:45:59.997Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:46:0.43Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\css
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\pt-BR\js
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:46:0.90Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget
13/3/2020 - 16:46:0.90Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:46:0.90Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\css
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\pt-BR\js
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:46:0.137Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget
13/3/2020 - 16:46:0.137Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:46:0.137Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\css
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\pt-BR\js
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:46:0.184Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget
13/3/2020 - 16:46:0.184Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.184Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.231Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\css
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\pt-BR\js
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:46:0.278Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget
13/3/2020 - 16:46:0.278Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:46:0.278Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\css
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\pt-BR\js
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:46:0.325Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget
13/3/2020 - 16:46:0.325Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.325Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.372Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.418Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.465Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.512Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.559Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.606Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images
13/3/2020 - 16:46:0.653Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:46:0.653Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:46:0.700Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:46:0.700Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:46:0.700Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:46:0.700Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI
13/3/2020 - 16:46:0.700Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:46:0.700Read1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\css
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\pt-BR\js
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\pt-BR
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\pt-BR
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\pt-BR
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\pt-BR
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\Program Files (x86)\Windows Sidebar\Shared Gadgets
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:0.747Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:0.747Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:0.747Read1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:0.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:0.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:0.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:0.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:0.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:0.793Read1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:0.840Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:0.840Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:0.840Read1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:0.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:0.887Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:0.934Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:0.934Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:0.934Read1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:0.981Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:0.981Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:0.981Read1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.28Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.28Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.28Read1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.75Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.122Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.122Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.122Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.122Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.168Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.168Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.168Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.168Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.215Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.215Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Recovery
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\Recovery
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Recovery
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\Recovery
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Recovery\cb520dab-4f12-11e8-9b22-525400842a13
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\Recovery\cb520dab-4f12-11e8-9b22-525400842a13
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Recovery\cb520dab-4f12-11e8-9b22-525400842a13
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\Recovery\cb520dab-4f12-11e8-9b22-525400842a13
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\System Volume Information
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\System Volume Information
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Users
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\Users
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Users
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\Users
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Users\All Users
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\Users\All Users
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.231Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.231Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.309Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.309Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.325Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.325Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.340Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.340Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.418Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.418Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.434Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.434Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de impresso
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de impresso
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de impresso
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de impresso
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de rede
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de rede
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de rede
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\Ambiente de rede
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Histrico
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Histrico
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Histrico
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Histrico
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Credentials
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Credentials
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Credentials
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Credentials
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\Feeds para Brasil~
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\Feeds para Brasil~
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\Feeds para Brasil~
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\Feeds para Brasil~
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
13/3/2020 - 16:46:1.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
13/3/2020 - 16:46:1.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\842C0V69
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\842C0V69
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\842C0V69
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\842C0V69
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\H6RGS1PK
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\H6RGS1PK
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\H6RGS1PK
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\H6RGS1PK
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\NLW5N2H9
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\NLW5N2H9
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\NLW5N2H9
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\NLW5N2H9
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\PTCH1MQL
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\PTCH1MQL
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\PTCH1MQL
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds Cache\PTCH1MQL
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\GYWGN74Z
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\GYWGN74Z
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\GYWGN74Z
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\GYWGN74Z
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\UMO1MC3Q
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\UMO1MC3Q
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\UMO1MC3Q
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\UMO1MC3Q
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieSiteList
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieSiteList
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieSiteList
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieSiteList
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieUserList
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieUserList
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieUserList
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EmieUserList
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EUPP
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EUPP
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EUPP
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\EUPP
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\IECompatData
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\IECompatData
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\IECompatData
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\IECompatData
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-2845162440
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-2845162440
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-2845162440
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-2845162440
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin9728060290
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin9728060290
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin9728060290
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tiles\pin9728060290
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR\000047B7
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR\000047B7
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR\000047B7
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR\000047B7
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR\000047B7
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Media Player\Sync Playlists\pt-BR\000047B7
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\1046
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\1046
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\1046
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\1046
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache\B2419NGQ
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache\B2419NGQ
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache\B2419NGQ
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\AppCache\B2419NGQ
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn\Burn
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn\Burn
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn\Burn
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Burn\Burn
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Explorer
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Explorer
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Explorer
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Explorer
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018050320180504
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018050320180504
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018050320180504
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018050320180504
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ERC
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ERC
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ERC
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ERC
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup\new
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup\new
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup\new
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Backup\new
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Stationery
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Stationery
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Stationery
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Stationery
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Stationery
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Mail\Stationery
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media\12.0
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media\12.0
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media\12.0
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media\12.0
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media\12.0
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Media\12.0
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar\Gadgets
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar\Gadgets
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar\Gadgets
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows Sidebar\Gadgets
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\Low
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\Low
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\Low
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\Low
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\WPDNSE
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\WPDNSE
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\WPDNSE
13/3/2020 - 16:46:1.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\WPDNSE
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\VirtualStore
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\VirtualStore
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\VirtualStore
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\VirtualStore
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\Internet Explorer\Services
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities\{5F13A065-9132-4C6F-A394-1C4D0DE64D1F}
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities\{5F13A065-9132-4C6F-A394-1C4D0DE64D1F}
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities\{5F13A065-9132-4C6F-A394-1C4D0DE64D1F}
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Identities\{5F13A065-9132-4C6F-A394-1C4D0DE64D1F}
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Credentials
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Credentials
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Credentials
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Credentials
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:46:1.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:46:1.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Protect\S-1-5-21-2148495166-3420019059-1286093062-1001
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IEDownloadHistory
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IEDownloadHistory
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IEDownloadHistory
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IEDownloadHistory
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Libraries
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Libraries
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Libraries
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Libraries
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Themes
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Themes
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Themes
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Themes
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Configuraes locais
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Configuraes locais
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Configuraes locais
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Configuraes locais
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Contacts
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Contacts
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Contacts
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Contacts
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Cookies
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Cookies
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Cookies
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Cookies
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Dados de aplicativos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Dados de aplicativos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Dados de aplicativos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Dados de aplicativos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Desktop
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Desktop
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Desktop
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Desktop
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Documents
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Documents
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Meus vdeos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Meus vdeos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Meus vdeos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Meus vdeos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas imagens
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas imagens
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas imagens
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas imagens
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas msicas
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas msicas
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas msicas
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Documents\Minhas msicas
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\DeletedFiles
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\DeletedFiles
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\DeletedFiles
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\DeletedFiles
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\Logs
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\Logs
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\Logs
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Files\Logs
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Malware
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Malware
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Malware
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\Malware
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Downloads\Monitor\Monitor\WindowsKernelCaptureDriver Package
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Favorites
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Favorites
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Favorites\Links
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites\Links
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Favorites\Links
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites\Links
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Favorites\Links for Brasil
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites\Links for Brasil
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites\Links for Brasil
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Favorites\Links for Brasil
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites\Links for Brasil
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Favorites\Links for Brasil
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Links
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Links
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Links
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Links
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Menu Iniciar
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Menu Iniciar
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Menu Iniciar
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Menu Iniciar
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Meus documentos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Meus documentos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Meus documentos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Meus documentos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Modelos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Modelos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Modelos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Modelos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Music
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Music
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Music
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Music
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Pictures
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Pictures
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Pictures
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Pictures
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Recent
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Recent
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Recent
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Recent
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Saved Games
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Saved Games
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Saved Games
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Saved Games
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Searches
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Searches
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Searches
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Searches
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\SendTo
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\SendTo
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\SendTo
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\SendTo
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Videos
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Videos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Behemot\Videos
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Behemot\Videos
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Default
13/3/2020 - 16:46:1.590Unknown1480C:\malware.exeC:\Users\Default
13/3/2020 - 16:46:1.590Open1480C:\malware.exeC:\Users\Default
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de impresso
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de impresso
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de impresso
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de impresso
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de rede
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de rede
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de rede
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\Ambiente de rede
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Application Data
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Application Data
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Application Data
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Application Data
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Dados de aplicativos
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\History
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\History
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\History
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\History
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Histrico
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Histrico
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Histrico
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Histrico
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\History
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Temp
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Temp
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Temp
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Local\Temp
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Local\Temporary Internet Files
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Media Center Programs
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.606Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer
13/3/2020 - 16:46:1.606Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.606Read1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Application Data
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Application Data
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Application Data
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Application Data
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Configuraes locais
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Configuraes locais
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Configuraes locais
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Configuraes locais
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Cookies
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Cookies
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Cookies
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Cookies
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Dados de aplicativos
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Dados de aplicativos
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Dados de aplicativos
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Dados de aplicativos
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Desktop
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Desktop
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Desktop
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Desktop
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Meus vdeos
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Meus vdeos
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Meus vdeos
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Meus vdeos
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas imagens
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas imagens
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas imagens
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas imagens
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas msicas
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas msicas
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas msicas
13/3/2020 - 16:46:1.684Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.684Open1480C:\malware.exeC:\Users\Default\Documents\Minhas msicas
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Music
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Music
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Music
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Music
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Pictures
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Pictures
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Pictures
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Pictures
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Videos
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Videos
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Videos
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Documents\My Videos
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Downloads
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Downloads
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Downloads
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Downloads
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Favorites
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Favorites
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Favorites
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Favorites
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Links
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Links
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Links
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Links
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Local Settings
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Local Settings
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Local Settings
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Local Settings
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Menu Iniciar
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Menu Iniciar
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Menu Iniciar
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Menu Iniciar
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Meus documentos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Meus documentos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Meus documentos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Meus documentos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Modelos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Modelos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Modelos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Modelos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Music
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Music
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Music
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Music
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\My Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\My Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\My Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\My Documents
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\NetHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\NetHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\NetHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\NetHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Pictures
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Pictures
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Pictures
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Pictures
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\PrintHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\PrintHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\PrintHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\PrintHood
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Recent
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Recent
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Recent
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Recent
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Saved Games
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Saved Games
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Saved Games
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Saved Games
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\SendTo
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\SendTo
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\SendTo
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\SendTo
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Start Menu
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Start Menu
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Start Menu
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Start Menu
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Templates
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Templates
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Templates
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Templates
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Videos
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Videos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default\Videos
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Default\Videos
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default User
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default User
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default User
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Default User
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Public
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Public
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Public
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Public
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Public\Desktop
13/3/2020 - 16:46:1.700Unknown1480C:\malware.exeC:\Users\Public\Desktop
13/3/2020 - 16:46:1.700Open1480C:\malware.exeC:\Users\Public\Desktop
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Meus vdeos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Meus vdeos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Meus vdeos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Meus vdeos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas imagens
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas imagens
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas imagens
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas imagens
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas msicas
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas msicas
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas msicas
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\Minhas msicas
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Documents\My Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Downloads
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Downloads
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Downloads
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Downloads
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Favorites
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Favorites
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Libraries
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Libraries
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Libraries
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Libraries
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Music
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Music
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Music\Sample Music
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Music\Sample Music
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Music\Sample Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Music\Sample Music
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Music\Sample Music
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Music\Sample Music
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Pictures
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Pictures
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Pictures\Sample Pictures
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Pictures\Sample Pictures
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Pictures\Sample Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Pictures\Sample Pictures
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Pictures\Sample Pictures
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Pictures\Sample Pictures
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Recorded TV
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Recorded TV
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Recorded TV
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Recorded TV
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Recorded TV\Sample Media
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Recorded TV\Sample Media
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Recorded TV\Sample Media
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Recorded TV\Sample Media
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Videos
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Videos
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Videos\Sample Videos
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Videos\Sample Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Public\Videos\Sample Videos
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\Users\Public\Videos\Sample Videos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Todos os Usurios
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\Users\Todos os Usurios
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.778Unknown1480C:\malware.exeC:\ProgramData
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Application Data
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Dados de aplicativos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Desktop
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documentos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Documents
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favorites
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.778Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Favoritos
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Menu Iniciar
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Assistance\Client\1.0\pt-BR_en-US
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\Keys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.793Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.793Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\pt-BR
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\pt-BR
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DeviceSync
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\DRM\Server
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\eHome\logs
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IdentityCRL
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\IlsCache
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Media Player
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\MF
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Connections
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Network\Downloader
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Outbound
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\PublishedData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\StateData
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\RAC\Temp
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.809Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.809Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\User Account Pictures\Default Pictures
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Vault
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\AIT
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Caches
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\DRM\Cache
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\GameExplorer
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.887Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.887Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Ringtones
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Manifest
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Sessions
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Sqm\Upload
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programas
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\Templates
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportArchive
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.903Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_17ef534f3f8c542d26cbacf2c3cc6157e70c6c8_cab_0564ae8f
13/3/2020 - 16:46:1.903Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d0c641ef89a8d207056286596bafe75f59844_cab_06c0a289
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_f41138ce89dcf347fa17318e894380b255473673_cab_07cca671
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\LocalCopy
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Quarantine
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Results
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows Defender\Support
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\ActivityLog
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\pt-BR
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\Queue
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.918Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.918Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\pt-BR
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\Windows NT\MSScan
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Microsoft\WwanSvc\Profiles
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Modelos
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.997Unknown1480C:\malware.exeC:\ProgramData\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Start Menu
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\ProgramData\Templates
13/3/2020 - 16:46:1.997Open1480C:\malware.exeC:\Users\Usurio Padro
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Users\Usurio Padro
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Users\Usurio Padro
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Users\Usurio Padro
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\addins
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\addins
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\addins
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\addins
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppCompat
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppCompat
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppCompat
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppCompat
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppCompat\Programs
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppCompat\Programs
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppCompat\Programs
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppCompat\Programs
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\AppPatch64
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\AppPatch64
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\AppPatch64
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\AppPatch64
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\Custom
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\Custom
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\Custom
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\Custom
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\Custom\Custom64
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\Custom\Custom64
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\Custom\Custom64
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\Custom\Custom64
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\en-US
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\en-US
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\en-US
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\en-US
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\pt-BR
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\pt-BR
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\AppPatch\pt-BR
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\AppPatch\pt-BR
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35
13/3/2020 - 16:46:2.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35
13/3/2020 - 16:46:2.12Open1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.12Read1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.75Read1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Open1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32
13/3/2020 - 16:46:2.122Open1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.168Open1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.262Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.309Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.356Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.403Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.450Open1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild
13/3/2020 - 16:46:2.497Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild
13/3/2020 - 16:46:2.497Open1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild
13/3/2020 - 16:46:2.497Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild
13/3/2020 - 16:46:2.497Open1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.497Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.497Open1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.497Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.497Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib
13/3/2020 - 16:46:2.497Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib
13/3/2020 - 16:46:2.497Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib
13/3/2020 - 16:46:2.497Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib
13/3/2020 - 16:46:2.497Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.497Read1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.543Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.543Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.543Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.543Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.543Open1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.590Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.637Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.637Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.684Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.731Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper
13/3/2020 - 16:46:2.778Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper
13/3/2020 - 16:46:2.778Open1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate
13/3/2020 - 16:46:2.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate
13/3/2020 - 16:46:2.825Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop
13/3/2020 - 16:46:2.872Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop
13/3/2020 - 16:46:2.872Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.918Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources
13/3/2020 - 16:46:2.918Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink
13/3/2020 - 16:46:2.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink
13/3/2020 - 16:46:2.965Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop
13/3/2020 - 16:46:3.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop
13/3/2020 - 16:46:3.28Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg
13/3/2020 - 16:46:3.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg
13/3/2020 - 16:46:3.106Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop
13/3/2020 - 16:46:3.153Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop
13/3/2020 - 16:46:3.153Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:3.200Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc
13/3/2020 - 16:46:3.200Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild
13/3/2020 - 16:46:3.247Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild
13/3/2020 - 16:46:3.247Open1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.293Open1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.293Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib
13/3/2020 - 16:46:3.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib
13/3/2020 - 16:46:3.293Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib
13/3/2020 - 16:46:3.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib
13/3/2020 - 16:46:3.293Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.293Read1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.340Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.340Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.340Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.340Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.340Open1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt
13/3/2020 - 16:46:3.340Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt
13/3/2020 - 16:46:3.340Open1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt
13/3/2020 - 16:46:3.340Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt
13/3/2020 - 16:46:3.340Open1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.387Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.387Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:3.434Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink
13/3/2020 - 16:46:3.434Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data
13/3/2020 - 16:46:3.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data
13/3/2020 - 16:46:3.481Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices
13/3/2020 - 16:46:3.528Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices
13/3/2020 - 16:46:3.528Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions
13/3/2020 - 16:46:3.575Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions
13/3/2020 - 16:46:3.575Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.622Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.622Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.622Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089
13/3/2020 - 16:46:3.622Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web
13/3/2020 - 16:46:3.622Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web
13/3/2020 - 16:46:3.622Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web
13/3/2020 - 16:46:3.622Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web
13/3/2020 - 16:46:3.622Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.622Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.622Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.622Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:3.622Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.622Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.668Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.715Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.762Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.809Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.856Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.903Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.950Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:3.997Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.43Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.90Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.137Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.184Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.231Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.278Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.325Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.372Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.418Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.465Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.512Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.559Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.606Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.653Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.700Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.747Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.793Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.840Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.887Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.934Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:4.981Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:5.28Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:5.75Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:5.122Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:5.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:5.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:10.747Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:10.747Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:10.747Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL
13/3/2020 - 16:46:10.747Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:10.840Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.887Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.934Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiiTV\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiProxy\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic
13/3/2020 - 16:46:10.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:10.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.28Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.28Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUPnP\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.122Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehiWUapi\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehRecObj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.168Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\ehshell\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_pt-BR_31bf3856ad364e35
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote
13/3/2020 - 16:46:11.262Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote
13/3/2020 - 16:46:11.262Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost
13/3/2020 - 16:46:11.309Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost
13/3/2020 - 16:46:11.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\loadmxf\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcepg\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\MCESidebarCtrl\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj
13/3/2020 - 16:46:11.356Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj
13/3/2020 - 16:46:11.356Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.403Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35
13/3/2020 - 16:46:11.403Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcplayerinterop
13/3/2020 - 16:46:11.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcplayerinterop
13/3/2020 - 16:46:11.403Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcplayerinterop
13/3/2020 - 16:46:11.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mcplayerinterop
13/3/2020 - 16:46:11.403Ope