- "Time of Day","Process Name","PID","Operation","Path","Result","Detail"
- "3:23:01,9684116","RDG Malware Detector.exe","1732","Process Start","","SUCCESS","Parent PID: 1656, Command line: ""C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe"" , Current directory: C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\, Environment: ; ALLUSERSPROFILE=C:\ProgramData; APPDATA=C:\Users\Administrador\AppData\Roaming; CommonProgramFiles=C:\Program Files\Common Files; CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files; CommonProgramW6432=C:\Program Files\Common Files; CommonStartMenu=C:\ProgramData\Microsoft\Windows\Start Menu; COMPUTERNAME=WIN-4GHA667EH3L; ComSpec=C:\Windows\system32\cmd.exe; Cursors=C:\Windows\Cursors; Downloads=C:\Users\Administrador\Downloads; Fonts=C:\Windows\Fonts; FP_NO_HOST_CHECK=NO; HOMEDRIVE=C:; HOMEPATH=\Users\Administrador; LOCALAPPDATA=C:\Users\Administrador\AppData\Local; LOGONSERVER=\\WIN-4GHA667EH3L; Media=C:\Windows\Media; NUMBER_OF_PROCESSORS=8; OS=Windows_NT; Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Prio; PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC; PROCESSOR_ARCHITECTURE=AMD64; PROCESSOR_IDENTIFIER=AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD; PROCESSOR_LEVEL=21; PROCESSOR_REVISION=0200; ProgramData=C:\ProgramData; ProgramFiles=C:\Program Files; ProgramFiles(x86)=C:\Program Files (x86); ProgramW6432=C:\Program Files; PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\; PUBLIC=C:\Users\Public; RecycleBin=C:\$Recycle.Bin\S-1-5-21-1639376891-3163970478-3182841167-1000; Resources=C:\Windows\Resources; SendTo=C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\SendTo; SESSIONNAME=Console; StartMenu=C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu; System32=C:\Windows\System32; SystemDrive=C:; SystemRoot=C:\Windows; SysWOW64=C:\Windows\SysWOW64; TEMP=C:\Users\ADMINI~1\AppData\Local\Temp; 
Themes=C:\Windows\Resources\Themes; TMP=C:\Users\ADMINI~1\AppData\Local\Temp; USERDOMAIN=WIN-4GHA667EH3L; USERNAME=Administrador; USERPROFILE=C:\Users\Administrador; Walls=C:\Windows\Web\Wallpaper; windir=C:\Windows; windows_tracing_flags=3; windows_tracing_logfile=C:\BVTBin\Tests\installpackage\csilogfile.log; WinSXS=C:\Windows\WinSXS"
- "3:23:01,9684239","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1948"
- "3:23:02,0196352","RDG Malware Detector.exe","1732","Load Image","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","Image Base: 0x1100000, Image Size: 0x152000"
- "3:23:02,0197881","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\ntdll.dll","SUCCESS","Image Base: 0x77860000, Image Size: 0x1a9000"
- "3:23:02,0199082","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\ntdll.dll","SUCCESS","Image Base: 0x77a40000, Image Size: 0x180000"
- "3:23:02,0199935","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
- "3:23:02,0200265","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisableUserModeCallbackFilter","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0200837","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Read"
- "3:23:02,0201118","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Read"
- "3:23:02,0201360","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\CWDIllegalInDLLSearch","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0201583","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS",""
- "3:23:02,0203996","RDG Malware Detector.exe","1732","CreateFile","C:\Windows","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0205725","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0206870","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\wow64.dll","SUCCESS","CreationTime: 21/11/2010 5:24:32, LastAccessTime: 21/11/2010 5:24:32, LastWriteTime: 21/11/2010 5:24:32, ChangeTime: 12/05/2014 1:05:19, FileAttributes: A"
- "3:23:02,0207070","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64.dll","SUCCESS",""
- "3:23:02,0208261","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0209185","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0209962","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0212598","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\wow64.dll","SUCCESS","Image Base: 0x75540000, Image Size: 0x3f000"
- "3:23:02,0212837","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64.dll","SUCCESS",""
- "3:23:02,0215066","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64win.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0215953","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\wow64win.dll","SUCCESS","CreationTime: 21/11/2010 5:24:32, LastAccessTime: 21/11/2010 5:24:32, LastWriteTime: 21/11/2010 5:24:32, ChangeTime: 12/05/2014 1:05:19, FileAttributes: A"
- "3:23:02,0216156","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64win.dll","SUCCESS",""
- "3:23:02,0217235","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64win.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0218024","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64win.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0218844","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64win.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0220536","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\wow64win.dll","SUCCESS","Image Base: 0x754e0000, Image Size: 0x5c000"
- "3:23:02,0220744","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64win.dll","SUCCESS",""
- "3:23:02,0222772","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64cpu.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0223664","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\wow64cpu.dll","SUCCESS","CreationTime: 21/11/2010 5:24:32, LastAccessTime: 21/11/2010 5:24:32, LastWriteTime: 21/11/2010 5:24:32, ChangeTime: 12/05/2014 1:05:19, FileAttributes: A"
- "3:23:02,0223834","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64cpu.dll","SUCCESS",""
- "3:23:02,0228107","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64cpu.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0228948","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64cpu.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0229645","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64cpu.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0232552","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\wow64cpu.dll","SUCCESS","Image Base: 0x754d0000, Image Size: 0x8000"
- "3:23:02,0232857","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64cpu.dll","SUCCESS",""
- "3:23:02,0234108","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\WOW64","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0236086","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64log.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0238232","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","Image Base: 0x77740000, Image Size: 0x11f000"
- "3:23:02,0241434","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x77130000, Image Size: 0x110000"
- "3:23:02,0244184","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","Image Base: 0x77740000, Image Size: 0x11f000"
- "3:23:02,0245567","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\user32.dll","SUCCESS","Image Base: 0x77640000, Image Size: 0xfa000"
- "3:23:02,0246698","RDG Malware Detector.exe","1732","CreateFile","C:\Windows","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0247026","RDG Malware Detector.exe","1732","QueryNameInformationFile","C:\Windows","SUCCESS","Name: \Windows"
- "3:23:02,0247212","RDG Malware Detector.exe","1732","CloseFile","C:\Windows","SUCCESS",""
- "3:23:02,0248501","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
- "3:23:02,0248852","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
- "3:23:02,0249037","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0249235","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisableUserModeCallbackFilter","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0249426","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Read"
- "3:23:02,0249809","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Read"
- "3:23:02,0250014","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0250142","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\CWDIllegalInDLLSearch","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0250322","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS",""
- "3:23:02,0252901","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0255389","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x77130000, Image Size: 0x110000"
- "3:23:02,0257362","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Image Base: 0x76800000, Image Size: 0x46000"
- "3:23:02,0263331","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","REPARSE","Desired Access: Read"
- "3:23:02,0263530","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","Desired Access: Read"
- "3:23:02,0263728","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0263855","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat","NAME NOT FOUND","Length: 548"
- "3:23:02,0264014","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,0264180","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS",""
- "3:23:02,0264467","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","REPARSE","Desired Access: Query Value, Set Value"
- "3:23:02,0264670","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","NAME NOT FOUND","Desired Access: Query Value, Set Value"
- "3:23:02,0264865","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Srp\GP\DLL","REPARSE","Desired Access: Read"
- "3:23:02,0265032","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Srp\GP\DLL","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0265286","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers","REPARSE","Desired Access: Query Value"
- "3:23:02,0265554","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers","SUCCESS","Desired Access: Query Value"
- "3:23:02,0265739","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0265887","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled","NAME NOT FOUND","Length: 80"
- "3:23:02,0266046","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS",""
- "3:23:02,0266316","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0268587","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\MSVBVM60.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0270797","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0271597","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","CreationTime: 10/06/2009 23:38:03, LastAccessTime: 10/06/2009 23:38:03, LastWriteTime: 14/07/2009 3:15:50, ChangeTime: 12/05/2014 1:07:50, FileAttributes: A"
- "3:23:02,0271753","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
- "3:23:02,0272921","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0273801","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0275144","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0277272","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Image Base: 0x72940000, Image Size: 0x153000"
- "3:23:02,0277485","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
- "3:23:02,0279948","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\user32.dll","SUCCESS","Image Base: 0x77370000, Image Size: 0x100000"
- "3:23:02,0282406","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\gdi32.dll","SUCCESS","Image Base: 0x76920000, Image Size: 0x90000"
- "3:23:02,0284833","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\lpk.dll","SUCCESS","Image Base: 0x76910000, Image Size: 0xa000"
- "3:23:02,0287283","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\usp10.dll","SUCCESS","Image Base: 0x76760000, Image Size: 0x9d000"
- "3:23:02,0288862","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msvcrt.dll","SUCCESS","Image Base: 0x75650000, Image Size: 0xac000"
- "3:23:02,0296220","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\advapi32.dll","SUCCESS","Image Base: 0x76360000, Image Size: 0xa0000"
- "3:23:02,0298915","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0299764","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","CreationTime: 14/07/2009 1:11:59, LastAccessTime: 14/07/2009 1:11:59, LastWriteTime: 14/07/2009 3:16:13, ChangeTime: 12/05/2014 1:08:15, FileAttributes: A"
- "3:23:02,0299944","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS",""
- "3:23:02,0301414","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0302644","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sechost.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0303365","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sechost.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0304957","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Image Base: 0x770b0000, Image Size: 0x19000"
- "3:23:02,0305200","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS",""
- "3:23:02,0307407","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\rpcrt4.dll","SUCCESS","Image Base: 0x77280000, Image Size: 0xf0000"
- "3:23:02,0309509","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\sspicli.dll","SUCCESS","Image Base: 0x755a0000, Image Size: 0x60000"
- "3:23:02,0312312","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\cryptbase.dll","SUCCESS","Image Base: 0x75590000, Image Size: 0xc000"
- "3:23:02,0317398","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Image Base: 0x769b0000, Image Size: 0x15c000"
- "3:23:02,0320713","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS","Image Base: 0x76870000, Image Size: 0x8f000"
- "3:23:02,0323575","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","REPARSE","Desired Access: Read"
- "3:23:02,0323845","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","SUCCESS","Desired Access: Read"
- "3:23:02,0324093","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0324245","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\(Default)","SUCCESS","Type: REG_SZ, Length: 36, Data: 00060101.00060101"
- "3:23:02,0325335","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value"
- "3:23:02,0325524","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value"
- "3:23:02,0325760","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0325900","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\SafeDllSearchMode","NAME NOT FOUND","Length: 16"
- "3:23:02,0326813","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","REPARSE","Desired Access: Read"
- "3:23:02,0326989","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","Desired Access: Read"
- "3:23:02,0327186","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0327363","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat","NAME NOT FOUND","Length: 548"
- "3:23:02,0327521","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,0327694","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS",""
- "3:23:02,0327971","RDG Malware Detector.exe","1732","RegOpenKey","HKLM","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0328476","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0328693","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Diagnostics","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0334361","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0335175","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:25, LastAccessTime: 21/11/2010 5:24:25, LastWriteTime: 21/11/2010 5:24:25, ChangeTime: 12/05/2014 1:07:43, FileAttributes: A"
- "3:23:02,0335337","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
- "3:23:02,0337805","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0338727","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0338985","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","AllocationSize: 122.880, EndOfFile: 119.808, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0339345","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0339909","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
- "3:23:02,0344667","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0345531","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:25, LastAccessTime: 21/11/2010 5:24:25, LastWriteTime: 21/11/2010 5:24:25, ChangeTime: 12/05/2014 1:07:43, FileAttributes: A"
- "3:23:02,0345740","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
- "3:23:02,0346750","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0347664","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0348003","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","AllocationSize: 122.880, EndOfFile: 119.808, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0348336","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0348859","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
- "3:23:02,0351220","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0352095","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:25, LastAccessTime: 21/11/2010 5:24:25, LastWriteTime: 21/11/2010 5:24:25, ChangeTime: 12/05/2014 1:07:43, FileAttributes: A"
- "3:23:02,0352265","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
- "3:23:02,0353428","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0354187","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0354972","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0356914","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Image Base: 0x76700000, Image Size: 0x60000"
- "3:23:02,0357259","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
- "3:23:02,0359461","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msctf.dll","SUCCESS","Image Base: 0x76600000, Image Size: 0xcc000"
- "3:23:02,0361603","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Query: HandleTags, HandleTags: 0x400"
- "3:23:02,0361808","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
- "3:23:02,0362025","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\UseFilter","NAME NOT FOUND","Length: 544"
- "3:23:02,0362185","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\MSVBVM60.DLL","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0362460","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","REPARSE","Desired Access: Read"
- "3:23:02,0362736","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS","Desired Access: Read"
- "3:23:02,0362914","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0363045","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles","NAME NOT FOUND","Length: 20"
- "3:23:02,0363260","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
- "3:23:02,0364139","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS","Desired Access: Read"
- "3:23:02,0364461","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32\RDG Malware Detector","NAME NOT FOUND","Length: 172"
- "3:23:02,0364688","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS",""
- "3:23:02,0364920","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IME Compatibility","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0366694","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\System32\wow64win.dll","SUCCESS","Offset: 338.944, Length: 15.360, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal"
- "3:23:02,0509992","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Query Value"
- "3:23:02,0510330","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Query Value"
- "3:23:02,0510817","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0511010","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\EMPTY","NAME NOT FOUND","Length: 120"
- "3:23:02,0511265","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\EMPTY","NAME NOT FOUND","Length: 120"
- "3:23:02,0511840","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\NLS\Language","REPARSE","Desired Access: Read"
- "3:23:02,0512053","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\NLS\Language","SUCCESS","Desired Access: Read"
- "3:23:02,0512356","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Language","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0512571","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Language\InstallLanguageFallback","NAME NOT FOUND","Length: 16"
- "3:23:02,0512878","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\Language","SUCCESS",""
- "3:23:02,0513103","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","REPARSE","Desired Access: Read"
- "3:23:02,0513323","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Desired Access: Read"
- "3:23:02,0513579","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0513754","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Index: 0, Name: es-ES"
- "3:23:02,0513975","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Query: HandleTags, HandleTags: 0x400"
- "3:23:02,0514218","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES","SUCCESS","Desired Access: Read"
- "3:23:02,0514472","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES\Type","SUCCESS","Type: REG_DWORD, Length: 4, Data: 145"
- "3:23:02,0514819","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES\AlternateCodePage","NAME NOT FOUND","Length: 12"
- "3:23:02,0515041","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES","SUCCESS",""
- "3:23:02,0515232","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","NO MORE ENTRIES","Index: 1, Length: 512"
- "3:23:02,0515449","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS",""
- "3:23:02,0515697","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\PendingDelete","REPARSE","Desired Access: Read"
- "3:23:02,0515921","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\PendingDelete","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0516155","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
- "3:23:02,0516390","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0516697","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0516939","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0517246","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop\MuiCached\MachineLanguageConfiguration","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0517585","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","REPARSE","Desired Access: Read"
- "3:23:02,0517823","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS","Desired Access: Read"
- "3:23:02,0518108","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0518297","RDG Malware Detector.exe","1732","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","NO MORE ENTRIES","Index: 0, Length: 512"
- "3:23:02,0518490","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS",""
- "3:23:02,0518760","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
- "3:23:02,0518982","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
- "3:23:02,0519219","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0519484","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0519702","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0519913","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0520134","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0520746","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS","Desired Access: Read"
- "3:23:02,0521038","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0521205","RDG Malware Detector.exe","1732","RegEnumValue","HKCU\Control Panel\Desktop\LanguageConfiguration","NO MORE ENTRIES","Index: 0, Length: 512"
- "3:23:02,0522424","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS",""
- "3:23:02,0522859","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
- "3:23:02,0523235","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
- "3:23:02,0523507","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0523866","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0524135","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0524356","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0524572","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0524778","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop","SUCCESS","Desired Access: Read"
- "3:23:02,0525022","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Control Panel\Desktop","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0525200","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Control Panel\Desktop\PreferredUILanguages","NAME NOT FOUND","Length: 12"
- "3:23:02,0525442","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Control Panel\Desktop","SUCCESS",""
- "3:23:02,0525665","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
- "3:23:02,0525879","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
- "3:23:02,0526096","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0526382","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0526667","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0526914","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS","Desired Access: Read"
- "3:23:02,0527153","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0527322","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages","BUFFER OVERFLOW","Length: 12"
- "3:23:02,0527500","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages","SUCCESS","Type: REG_MULTI_SZ, Length: 12, Data: es-ES"
- "3:23:02,0527755","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS",""
- "3:23:02,0527952","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
- "3:23:02,0529684","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0530128","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","Desired Access: Read"
- "3:23:02,0530755","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0530989","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
- "3:23:02,0531229","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\RequireSignedAppInit_DLLs","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,0531421","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs","SUCCESS","Type: REG_SZ, Length: 22, Data: prio32.dll"
- "3:23:02,0533379","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0537458","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0540187","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\system\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0542250","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0544091","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0545533","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0546953","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0549976","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\wbem\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0554290","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\WindowsPowerShell\v1.0\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0556617","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files\Prio\prio32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0556898","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Program Files\Prio\prio32.dll","SUCCESS","CreationTime: 08/11/2012 21:29:36, LastAccessTime: 21/10/2014 14:46:27, LastWriteTime: 08/11/2012 21:29:36, ChangeTime: 21/10/2014 14:46:27, FileAttributes: ACNCI"
- "3:23:02,0557095","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files\Prio\prio32.dll","SUCCESS",""
- "3:23:02,0558533","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files\Prio\prio32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0558815","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files\Prio\prio32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0559612","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files\Prio\prio32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0563137","RDG Malware Detector.exe","1732","Load Image","C:\Program Files\Prio\prio32.dll","SUCCESS","Image Base: 0x10000000, Image Size: 0x6000"
- "3:23:02,0563391","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files\Prio\prio32.dll","SUCCESS",""
- "3:23:02,0564225","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\prio32.dll","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0565679","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
- "3:23:02,0565932","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
- "3:23:02,0566148","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0566329","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\es-ES","NAME NOT FOUND","Length: 532"
- "3:23:02,0566553","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
- "3:23:02,0566777","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
- "3:23:02,0566982","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
- "3:23:02,0567223","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0567391","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-ES","NAME NOT FOUND","Length: 532"
- "3:23:02,0567578","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
- "3:23:02,0569411","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0569752","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Globalization\Sorting\SortDefault.nls","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0569932","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","AllocationSize: 2.945.024, EndOfFile: 2.944.004, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0570351","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0570990","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS",""
- "3:23:02,0573111","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0573969","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0575234","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0575601","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0575827","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0576090","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
- "3:23:02,0576579","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0576834","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
- "3:23:02,0578169","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0578457","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0578641","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0578907","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0579278","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0579477","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0580578","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0580941","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0581170","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0581399","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
- "3:23:02,0581694","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0581898","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
- "3:23:02,0583144","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0583446","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0583645","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0585317","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0585632","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0585837","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0586994","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0587333","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0587534","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0587766","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
- "3:23:02,0588080","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0588294","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
- "3:23:02,0589535","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0589830","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0590022","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0590269","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0590782","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0591052","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0592615","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0592926","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0593142","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0593381","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
- "3:23:02,0593975","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0594190","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
- "3:23:02,0595395","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0595685","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0595861","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0596177","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0596769","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0596978","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0598205","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0598501","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0598704","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0598940","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
- "3:23:02,0599259","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0599460","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
- "3:23:02,0601074","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0601378","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0601585","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0601823","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0602119","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0602325","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0603482","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0603790","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0603984","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0604253","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0604582","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0604815","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0605976","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0606439","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0606668","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0606898","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0607221","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0607472","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0608663","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0608947","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0609125","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0609359","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
- "3:23:02,0609676","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0609914","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
- "3:23:02,0611549","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0611854","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0612040","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0612272","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
- "3:23:02,0612557","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0612804","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
- "3:23:02,0613387","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
- "3:23:02,0613952","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0614159","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLE","REPARSE","Desired Access: Read"
- "3:23:02,0614605","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","Desired Access: Read"
- "3:23:02,0615025","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0615213","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\OLE\PageAllocatorUseSystemHeap","NAME NOT FOUND","Length: 144"
- "3:23:02,0615430","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS",""
- "3:23:02,0615590","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0615767","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLE","SUCCESS","Desired Access: Read"
- "3:23:02,0615946","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0616099","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\OLE\PageAllocatorSystemHeapIsPrivate","NAME NOT FOUND","Length: 144"
- "3:23:02,0616255","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS",""
- "3:23:02,0616573","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0616746","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\OLE\Tracing","REPARSE","Desired Access: Read"
- "3:23:02,0616933","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\OLE\Tracing","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0617845","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0618020","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLEAUT","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0618336","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0618548","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLEAUT","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0622593","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","REPARSE","Desired Access: Read"
- "3:23:02,0622775","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","SUCCESS","Desired Access: Read"
- "3:23:02,0622957","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0623128","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","REPARSE","Desired Access: Read"
- "3:23:02,0623295","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","SUCCESS","Desired Access: Read"
- "3:23:02,0623486","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0623655","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","REPARSE","Desired Access: Read"
- "3:23:02,0623859","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","SUCCESS","Desired Access: Read"
- "3:23:02,0624052","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0624191","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Locale\00000C0A","SUCCESS","Type: REG_SZ, Length: 4, Data: 1"
- "3:23:02,0624400","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Language Groups\1","SUCCESS","Type: REG_SZ, Length: 4, Data: 1"
- "3:23:02,0627557","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\VB6ES.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0628039","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR","SUCCESS","Desired Access: Query Value"
- "3:23:02,0628321","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0628454","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
- "3:23:02,0628619","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR","SUCCESS",""
- "3:23:02,0628916","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
- "3:23:02,0629090","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
- "3:23:02,0629259","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0629445","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\en-US","NAME NOT FOUND","Length: 532"
- "3:23:02,0629605","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
- "3:23:02,0629781","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
- "3:23:02,0629949","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
- "3:23:02,0630126","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0630259","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-US","NAME NOT FOUND","Length: 532"
- "3:23:02,0630410","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
- "3:23:02,0633692","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rpcss.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0636564","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rpcss.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0640017","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\System32\wow64win.dll","SUCCESS","Offset: 330.752, Length: 8.192, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal"
- "3:23:02,0674663","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0675166","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","CreationTime: 21/10/2014 14:45:28, LastAccessTime: 21/10/2014 14:47:21, LastWriteTime: 02/09/2007 14:57:36, ChangeTime: 21/10/2014 14:47:21, FileAttributes: ACNCI"
- "3:23:02,0675441","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS",""
- "3:23:02,0676896","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0677228","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files (x86)\RocketDock\RocketDock.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0678081","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0679124","RDG Malware Detector.exe","1732","Load Image","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Image Base: 0x2b0000, Image Size: 0x12000"
- "3:23:02,0680555","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS",""
- "3:23:02,0681606","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0682931","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0683295","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","CreationTime: 21/10/2014 14:45:28, LastAccessTime: 21/10/2014 14:47:21, LastWriteTime: 02/09/2007 14:57:36, ChangeTime: 21/10/2014 14:47:21, FileAttributes: ACNCI"
- "3:23:02,0685956","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS",""
- "3:23:02,0688462","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\psapi.dll","SUCCESS","Image Base: 0x76900000, Image Size: 0x5000"
- "3:23:02,0689021","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\RocketDock.dll","NAME NOT FOUND","Length: 1.024"
- "3:23:02,0695010","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\SafeProcessSearchMode","NAME NOT FOUND","Length: 16"
- "3:23:02,0696858","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe.cfg","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0698686","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SXS.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0702504","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0703731","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS","CreationTime: 21/11/2010 5:24:16, LastAccessTime: 21/11/2010 5:24:16, LastWriteTime: 21/11/2010 5:24:16, ChangeTime: 12/05/2014 1:08:17, FileAttributes: A"
- "3:23:02,0703918","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS",""
- "3:23:02,0704954","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0705688","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sxs.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0707301","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sxs.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0709929","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\sxs.dll","SUCCESS","Image Base: 0x75420000, Image Size: 0x5f000"
- "3:23:02,0710172","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS",""
- "3:23:02,0719395","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Codepage","REPARSE","Desired Access: Read"
- "3:23:02,0719881","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Codepage","SUCCESS","Desired Access: Read"
- "3:23:02,0720190","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CodePage","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0720334","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\932","SUCCESS","Type: REG_SZ, Length: 20, Data: c_932.nls"
- "3:23:02,0722382","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_932.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0724111","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_932.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
- "3:23:02,0724333","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_932.NLS","SUCCESS",""
- "3:23:02,0724765","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\949","SUCCESS","Type: REG_SZ, Length: 20, Data: c_949.nls"
- "3:23:02,0726217","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_949.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0727961","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_949.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
- "3:23:02,0728151","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_949.NLS","SUCCESS",""
- "3:23:02,0728711","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\950","SUCCESS","Type: REG_SZ, Length: 20, Data: c_950.nls"
- "3:23:02,0730480","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_950.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0731825","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_950.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
- "3:23:02,0732025","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_950.NLS","SUCCESS",""
- "3:23:02,0732673","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\936","SUCCESS","Type: REG_SZ, Length: 20, Data: c_936.nls"
- "3:23:02,0734078","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_936.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0735532","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_936.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
- "3:23:02,0735689","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_936.NLS","SUCCESS",""
- "3:23:02,0736348","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0736537","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\VBA\Monitors","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0750417","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0750685","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0751318","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0751524","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\COM3","SUCCESS","Desired Access: Read"
- "3:23:02,0751725","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\COM3","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0751870","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\COM3\Com+Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
- "3:23:02,0752049","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\COM3","SUCCESS",""
- "3:23:02,0753979","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\clbcatq.dll","SUCCESS","Image Base: 0x76e70000, Image Size: 0x83000"
- "3:23:02,0755230","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0755388","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0755544","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0755752","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0755984","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0756302","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0756676","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0756893","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0757313","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0757646","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0757834","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\OLE","SUCCESS","Desired Access: Read"
- "3:23:02,0758030","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0758160","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\OLE\MaxSxSHashCount","NAME NOT FOUND","Length: 144"
- "3:23:02,0758318","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS",""
- "3:23:02,0758584","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0758744","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0758890","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0759046","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0759197","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0759366","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0759520","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0759677","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0759853","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0760048","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0760231","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0760622","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0760796","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0761147","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0761371","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0761621","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0761832","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0761982","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0762133","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0762300","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0762607","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0762767","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0762913","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0763063","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0763216","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0763567","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0763729","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0763884","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0764065","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0764265","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0764439","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0764608","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0764745","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0764883","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0765059","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0765256","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0765629","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0765789","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0765942","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0766119","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0766626","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0766789","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0766933","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0767089","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0767239","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0767409","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0767561","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0767714","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0767901","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0768104","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0768277","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0768437","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0768575","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0768715","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0768933","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0769139","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0769587","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0769756","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0769912","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0770082","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0770827","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0771017","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0771189","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0771357","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0771533","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0771711","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0772042","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0772290","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0772539","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0772776","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0772986","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0773189","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0773343","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0773485","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0773661","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0773855","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0774233","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0774396","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0774546","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0774722","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0775226","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0775392","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0775534","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0775714","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0775870","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0776042","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0776196","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0776361","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0776690","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0776967","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0777273","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0777477","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0777619","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0777762","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0777942","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0778168","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0778822","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0779004","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0779258","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0779539","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0780279","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0780782","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0780962","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0781135","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0781287","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0781463","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0781652","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0781811","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0781991","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0782406","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0782612","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0782792","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0782938","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0783092","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0783284","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0783495","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0783888","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0784048","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0784196","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0784405","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0784941","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0785109","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0785264","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0785447","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0785637","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0785850","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0786044","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0786225","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0786604","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0786821","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0787010","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0787177","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0787316","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0787460","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0787638","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0787828","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0788251","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0788414","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0788564","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0788769","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0789299","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0789485","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0789639","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0789839","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0790006","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0790197","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0790559","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0790744","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0790925","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0791122","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0791297","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0791580","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0791753","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\VBA\Monitors","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0794464","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0794655","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Rpc","REPARSE","Desired Access: Read"
- "3:23:02,0794918","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS","Desired Access: Read"
- "3:23:02,0795321","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0795499","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Rpc\MaxRpcSize","NAME NOT FOUND","Length: 144"
- "3:23:02,0795672","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS",""
- "3:23:02,0796091","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","REPARSE","Desired Access: Read"
- "3:23:02,0796291","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS","Desired Access: Read"
- "3:23:02,0796542","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0796689","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName","SUCCESS","Type: REG_SZ, Length: 32, Data: WIN-4GHA667EH3L"
- "3:23:02,0796890","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS",""
- "3:23:02,0797081","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\Setup","SUCCESS","Desired Access: Read"
- "3:23:02,0797619","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SYSTEM\Setup","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0797757","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SYSTEM\Setup\OOBEInProgress","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,0797970","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SYSTEM\Setup","SUCCESS",""
- "3:23:02,0798147","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\Setup","SUCCESS","Desired Access: Read"
- "3:23:02,0798310","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SYSTEM\Setup","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0798441","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SYSTEM\Setup\SystemSetupInProgress","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,0798600","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SYSTEM\Setup","SUCCESS",""
- "3:23:02,0798766","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0798938","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\Windows NT\Rpc","REPARSE","Desired Access: Read"
- "3:23:02,0799166","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Rpc","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0799509","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Policies\Microsoft\SQMClient\Windows","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0799702","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows","SUCCESS","Desired Access: Read"
- "3:23:02,0799888","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0800021","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable","NAME NOT FOUND","Length: 20"
- "3:23:02,0800197","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows","SUCCESS",""
- "3:23:02,0806832","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1492"
- "3:23:02,0809625","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0809917","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,0810084","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0810290","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,0810800","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,0811221","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,0813142","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\VB6ES.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0816629","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\CRYPTSP.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,0818046","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0818770","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","CreationTime: 14/07/2009 1:37:21, LastAccessTime: 14/07/2009 1:37:21, LastWriteTime: 14/07/2009 3:15:07, ChangeTime: 12/05/2014 1:07:31, FileAttributes: A"
- "3:23:02,0818969","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS",""
- "3:23:02,0819889","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0820664","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\cryptsp.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0821500","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0823877","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","Image Base: 0x751e0000, Image Size: 0x16000"
- "3:23:02,0824120","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS",""
- "3:23:02,0825273","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0825487","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider","SUCCESS","Desired Access: Read"
- "3:23:02,0825805","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0825961","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Type","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
- "3:23:02,0826116","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
- "3:23:02,0826267","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
- "3:23:02,0826456","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
- "3:23:02,0826604","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
- "3:23:02,0828126","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0828810","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
- "3:23:02,0828976","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0829880","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0830640","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0830800","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0831379","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0831861","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0833413","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0834065","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
- "3:23:02,0834222","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0835094","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0835799","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0835936","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0836230","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0836668","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0838185","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0838826","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
- "3:23:02,0838980","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0839849","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0840559","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0840693","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0841159","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0841655","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0843195","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0843848","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
- "3:23:02,0844002","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0844880","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0845587","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0845724","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0846016","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0846454","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0848272","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0848965","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
- "3:23:02,0849132","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0850093","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0850932","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0851109","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0851245","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,0851541","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0888313","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0889942","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0890652","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
- "3:23:02,0890809","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0891867","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0892554","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0893223","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0895579","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Image Base: 0x751a0000, Image Size: 0x3b000"
- "3:23:02,0895828","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
- "3:23:02,0896821","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","REPARSE","Desired Access: Query Value"
- "3:23:02,0897026","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS","Desired Access: Query Value"
- "3:23:02,0897228","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0897365","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,0897550","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa","REPARSE","Desired Access: Query Value"
- "3:23:02,0897724","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS","Desired Access: Query Value"
- "3:23:02,0897898","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0898032","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","NAME NOT FOUND","Length: 20"
- "3:23:02,0898217","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS",""
- "3:23:02,0898371","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS",""
- "3:23:02,0898551","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration","REPARSE","Desired Access: Query Value"
- "3:23:02,0898728","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0899038","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0899193","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Policies\Microsoft\Cryptography","SUCCESS","Desired Access: Read"
- "3:23:02,0899428","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Policies\Microsoft\Cryptography","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0899569","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCacheMaxItems","NAME NOT FOUND","Length: 144"
- "3:23:02,0899718","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCachePurgeIntervalSeconds","NAME NOT FOUND","Length: 144"
- "3:23:02,0899861","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivateKeyLifetimeSeconds","NAME NOT FOUND","Length: 144"
- "3:23:02,0900019","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\Cryptography","SUCCESS",""
- "3:23:02,0900174","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0900414","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\Cryptography","SUCCESS","Desired Access: Read"
- "3:23:02,0900585","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Cryptography","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0900717","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
- "3:23:02,0901195","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
- "3:23:02,0901388","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
- "3:23:02,0901552","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
- "3:23:02,0901793","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Cryptography","SUCCESS",""
- "3:23:02,0901962","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,0902142","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Cryptography\Offload","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0903204","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider","SUCCESS",""
- "3:23:02,0904657","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Desired Access: Generic Read/Write, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
- "3:23:02,0907471","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 0, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0907705","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 512"
- "3:23:02,0908282","RDG Malware Detector.exe","1732","SetAllocationInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 512"
- "3:23:02,0908587","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","FILE LOCKED WITH WRITERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0908734","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 512, EndOfFile: 512, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0909050","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0909751","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","CreationTime: 30/06/2015 3:23:02, LastAccessTime: 30/06/2015 3:23:02, LastWriteTime: 30/06/2015 3:23:02, ChangeTime: 30/06/2015 3:23:02, FileAttributes: ACNCI"
- "3:23:02,0909979","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.538, Length: 1, Fail Immediately: True"
- "3:23:02,0910146","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.539, Length: 20, Fail Immediately: True"
- "3:23:02,0910293","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.539, Length: 20"
- "3:23:02,0910545","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.559, Length: 20, Fail Immediately: True"
- "3:23:02,0910686","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.559, Length: 20"
- "3:23:02,0910827","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.579, Length: 20, Fail Immediately: True"
- "3:23:02,0911207","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.579, Length: 20"
- "3:23:02,0911350","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.599, Length: 20, Fail Immediately: True"
- "3:23:02,0911519","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.599, Length: 20"
- "3:23:02,0911654","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.539, Length: 1, Fail Immediately: True"
- "3:23:02,0911793","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.559, Length: 1, Fail Immediately: True"
- "3:23:02,0912102","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.579, Length: 1, Fail Immediately: True"
- "3:23:02,0912248","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.599, Length: 1, Fail Immediately: True"
- "3:23:02,0912400","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.538, Length: 1"
- "3:23:02,0912760","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 512, EndOfFile: 512, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0912928","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 16.384"
- "3:23:02,0913889","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 0, Length: 4.096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
- "3:23:02,0914498","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 4.096, Length: 12.288, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
- "3:23:02,0921363","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\shlwapi.dll","SUCCESS","Image Base: 0x76ba0000, Image Size: 0x57000"
- "3:23:02,0924452","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0925330","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","CreationTime: 30/06/2015 3:12:06, LastAccessTime: 30/06/2015 3:12:06, LastWriteTime: 19/03/2009 7:44:42, ChangeTime: 30/06/2015 3:12:06, FileAttributes: ACNCI"
- "3:23:02,0925550","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS",""
- "3:23:02,0927099","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
- "3:23:02,0927510","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","AllocationSize: 24.576, EndOfFile: 59.962, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0928009","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 0, Length: 5, Priority: Very Low"
- "3:23:02,0928335","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 5, Length: 6"
- "3:23:02,0928557","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 11, Length: 16"
- "3:23:02,0928744","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 27, Length: 16"
- "3:23:02,0928932","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 43, Length: 16"
- "3:23:02,0929120","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 59, Length: 16"
- "3:23:02,0929303","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 75, Length: 16"
- "3:23:02,0929488","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 91, Length: 16"
- "3:23:02,0929674","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 107, Length: 16"
- "3:23:02,0929861","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 123, Length: 16"
- "3:23:02,0930044","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 139, Length: 16"
- "3:23:02,0930225","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 155, Length: 16"
- "3:23:02,0930439","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 171, Length: 16"
- "3:23:02,0930622","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 187, Length: 16"
- "3:23:02,0930810","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 203, Length: 16"
- "3:23:02,0931229","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 219, Length: 16"
- "3:23:02,0931426","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 235, Length: 16"
- "3:23:02,0931638","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 251, Length: 16"
- "3:23:02,0931821","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 267, Length: 16"
- "3:23:02,0932001","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 283, Length: 16"
- "3:23:02,0932186","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 299, Length: 16"
- "3:23:02,0932512","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 315, Length: 16"
- "3:23:02,0932734","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 331, Length: 16"
- "3:23:02,0932919","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 347, Length: 16"
- "3:23:02,0933098","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 363, Length: 16"
- "3:23:02,0933281","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 379, Length: 16"
- "3:23:02,0933463","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 395, Length: 16"
- "3:23:02,0933643","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 411, Length: 16"
- "3:23:02,0933823","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 427, Length: 16"
- "3:23:02,0934003","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 443, Length: 16"
- "3:23:02,0934189","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 459, Length: 8"
- "3:23:02,0934370","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 467, Length: 16"
- "3:23:02,0934552","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 483, Length: 16"
- "3:23:02,0934737","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 499, Length: 16"
- "3:23:02,0934924","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 515, Length: 16"
- "3:23:02,0935107","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 531, Length: 8"
- "3:23:02,0935290","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 539, Length: 16"
- "3:23:02,0935471","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 555, Length: 16"
- "3:23:02,0935650","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 571, Length: 16"
- "3:23:02,0935833","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 587, Length: 16"
- "3:23:02,0936013","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 603, Length: 8"
- "3:23:02,0936193","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 611, Length: 16"
- "3:23:02,0936375","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 627, Length: 16"
- "3:23:02,0936555","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 643, Length: 16"
- "3:23:02,0936736","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 659, Length: 16"
- "3:23:02,0936919","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 675, Length: 8"
- "3:23:02,0937100","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 683, Length: 16"
- "3:23:02,0937281","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 699, Length: 8"
- "3:23:02,0937460","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 707, Length: 61"
- "3:23:02,0937641","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 768, Length: 4"
- "3:23:02,0937820","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 772, Length: 2"
- "3:23:02,0938001","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 774, Length: 16"
- "3:23:02,0938185","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 790, Length: 1"
- "3:23:02,0938368","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 791, Length: 16"
- "3:23:02,0938553","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 807, Length: 16"
- "3:23:02,0938733","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 823, Length: 16"
- "3:23:02,0938915","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 839, Length: 16"
- "3:23:02,0939105","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 855, Length: 16"
- "3:23:02,0939285","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 871, Length: 16"
- "3:23:02,0939466","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 887, Length: 16"
- "3:23:02,0939652","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 903, Length: 16"
- "3:23:02,0939833","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 919, Length: 16"
- "3:23:02,0940014","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 935, Length: 16"
- "3:23:02,0940200","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 951, Length: 61"
- "3:23:02,0940377","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.012, Length: 4"
- "3:23:02,0940592","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.016, Length: 4"
- "3:23:02,0940771","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.020, Length: 2"
- "3:23:02,0941110","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.022, Length: 8"
- "3:23:02,0941309","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.030, Length: 16"
- "3:23:02,0941490","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.046, Length: 8"
- "3:23:02,0941682","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.054, Length: 40"
- "3:23:02,0941875","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.094, Length: 40"
- "3:23:02,0942067","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.134, Length: 400"
- "3:23:02,0942272","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.534, Length: 58.428"
- "3:23:02,0942747","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS",""
- "3:23:02,0943318","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows\DisabledProcesses\","SUCCESS","Desired Access: Read"
- "3:23:02,0943633","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0943825","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\4E717114","NAME NOT FOUND","Length: 24"
- "3:23:02,0944031","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses","SUCCESS",""
- "3:23:02,0944256","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows\DisabledSessions\","SUCCESS","Desired Access: Read"
- "3:23:02,0944502","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0944689","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling","NAME NOT FOUND","Length: 24"
- "3:23:02,0944891","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS",""
- "3:23:02,0945289","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows\DisabledSessions\","SUCCESS","Desired Access: Read"
- "3:23:02,0945518","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0945747","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession","NAME NOT FOUND","Length: 24"
- "3:23:02,0945947","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS",""
- "3:23:02,0947481","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\Registration\R00000000000c.clb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0947837","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Registration\R00000000000c.clb","SUCCESS","AllocationSize: 16.384, EndOfFile: 27.044, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0948073","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Registration\R00000000000c.clb","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0948259","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Registration\R00000000000c.clb","SUCCESS","AllocationSize: 16.384, EndOfFile: 27.044, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,0948657","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Registration\R00000000000c.clb","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0949929","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0950179","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0950387","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0950892","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0951189","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Desired Access: Read"
- "3:23:02,0951513","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0951699","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0951893","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0952179","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0952410","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0952617","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0952827","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","BUFFER TOO SMALL","Query: Name, Length: 0"
- "3:23:02,0953013","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0953214","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0953405","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0953673","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\Progid","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0953903","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0954108","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\Progid","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0954344","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0954555","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0954757","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0954985","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0955248","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0955443","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0955713","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0955920","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: VBPropertyBag"
- "3:23:02,0956123","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0956325","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0956609","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0956817","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: VBPropertyBag"
- "3:23:02,0957044","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0957234","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0957499","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0957733","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0957936","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32","SUCCESS","Desired Access: Read"
- "3:23:02,0958181","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
- "3:23:02,0958372","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0958637","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0958845","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\InprocServer32","NAME NOT FOUND","Length: 144"
- "3:23:02,0959033","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
- "3:23:02,0959220","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0959487","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0959693","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\msvbvm60.dll"
- "3:23:02,0959887","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
- "3:23:02,0960075","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0960336","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0960625","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\msvbvm60.dll"
- "3:23:02,0961049","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
- "3:23:02,0961380","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0961658","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0961870","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\ThreadingModel","SUCCESS","Type: REG_SZ, Length: 20, Data: Apartment"
- "3:23:02,0962089","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS",""
- "3:23:02,0962279","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0962466","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0962921","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0963161","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0963361","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0963557","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0963754","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0964014","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0964240","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0964443","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0964665","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS",""
- "3:23:02,0965204","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0965425","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0965619","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0965812","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0966041","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0966277","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0966529","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Desired Access: Read"
- "3:23:02,0966755","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0966957","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0967147","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
- "3:23:02,0967342","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0967608","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0967834","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0968037","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0968248","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS",""
- "3:23:02,0969853","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0970690","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","CreationTime: 10/06/2009 23:38:03, LastAccessTime: 10/06/2009 23:38:03, LastWriteTime: 14/07/2009 3:15:50, ChangeTime: 12/05/2014 1:07:50, FileAttributes: A"
- "3:23:02,0971117","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
- "3:23:02,0972227","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,0972966","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,0974146","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,0976127","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Image Base: 0x2860000, Image Size: 0x153000"
- "3:23:02,0976624","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
- "3:23:02,0979316","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0979530","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0979743","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0979992","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0980262","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
- "3:23:02,0980862","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0981053","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0981250","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0981538","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0981772","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0981971","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0982172","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","BUFFER TOO SMALL","Query: Name, Length: 0"
- "3:23:02,0982357","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0982557","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0982748","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0983013","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0983235","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0983438","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
- "3:23:02,0983682","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
- "3:23:02,0983873","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0984137","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0984350","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 22, Data: StdPicture"
- "3:23:02,0984569","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
- "3:23:02,0984790","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0984986","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0985439","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0985671","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0985881","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
- "3:23:02,0986095","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
- "3:23:02,0986317","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0986591","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0986803","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 22, Data: StdPicture"
- "3:23:02,0987016","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
- "3:23:02,0987203","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0987398","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0987662","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0987875","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 34, Data: Standard Picture"
- "3:23:02,0988071","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0988263","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0988527","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0988733","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 34, Data: Standard Picture"
- "3:23:02,0988943","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0989132","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0989391","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0989612","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0989812","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Desired Access: Read"
- "3:23:02,0990050","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,0990249","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0990649","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0990876","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\InprocServer32","NAME NOT FOUND","Length: 144"
- "3:23:02,0991069","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,0991266","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0991538","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0991751","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
- "3:23:02,0991951","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,0992140","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0992401","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0992611","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
- "3:23:02,0992809","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,0992995","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0993262","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,0993471","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\ThreadingModel","SUCCESS","Type: REG_SZ, Length: 20, Data: Apartment"
- "3:23:02,0993687","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS",""
- "3:23:02,0993871","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0994059","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0994319","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0994538","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0994739","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0994936","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0995127","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0995385","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0995607","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0995809","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,0996025","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
- "3:23:02,0996438","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,0996657","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0996859","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,0997055","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0997248","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,0997476","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0997726","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
- "3:23:02,0997945","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,0998150","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,0998332","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,0998523","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0998785","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0999006","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,0999209","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,0999415","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
- "3:23:02,1000138","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 16.384, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,1000624","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 32.768"
- "3:23:02,1001316","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 16.384, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
- "3:23:02,1001805","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 32.768, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,1002004","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 49.152"
- "3:23:02,1002231","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 32.768, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
- "3:23:02,1002598","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 49.152, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,1002793","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 65.536"
- "3:23:02,1003026","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 49.152, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
- "3:23:02,1007687","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\CMF\Config","REPARSE","Desired Access: Read"
- "3:23:02,1007993","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS","Desired Access: Read"
- "3:23:02,1008341","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1008601","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\CMF\Config\SYSTEM","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
- "3:23:02,1008850","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS",""
- "3:23:02,1578383","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\es-ES\user32.dll.mui","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1580637","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\es-ES\user32.dll.mui","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,1581342","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\es-ES\user32.dll.mui","SUCCESS","AllocationSize: 20.480, EndOfFile: 19.456, NumberOfLinks: 2, DeletePending: False, Directory: False"
- "3:23:02,1582693","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\es-ES\user32.dll.mui","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,1667278","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1668363","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0","SUCCESS","Desired Access: Query Value"
- "3:23:02,1669591","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1670505","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable","NAME NOT FOUND","Length: 144"
- "3:23:02,1671378","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\Fonts\staticcache.dat"
- "3:23:02,1672340","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0","SUCCESS",""
- "3:23:02,1677178","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1678454","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","AllocationSize: 9.633.792, EndOfFile: 9.633.792, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,1679367","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","Offset: 0, Length: 60, Priority: Very Low"
- "3:23:02,1680462","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Fonts\StaticCache.dat","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,1681384","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","AllocationSize: 9.633.792, EndOfFile: 9.633.792, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,1683119","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Fonts\StaticCache.dat","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,1687985","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1688920","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Desired Access: Query Value"
- "3:23:02,1689903","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1690905","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1","NAME NOT FOUND","Length: 144"
- "3:23:02,1691762","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2","SUCCESS","Type: REG_SZ, Length: 24, Data: SimSun-ExtB"
- "3:23:02,1692631","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2","SUCCESS","Type: REG_SZ, Length: 24, Data: SimSun-ExtB"
- "3:23:02,1693577","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3","NAME NOT FOUND","Length: 144"
- "3:23:02,1695007","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4","NAME NOT FOUND","Length: 144"
- "3:23:02,1696088","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5","NAME NOT FOUND","Length: 144"
- "3:23:02,1696940","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6","NAME NOT FOUND","Length: 144"
- "3:23:02,1697870","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7","NAME NOT FOUND","Length: 144"
- "3:23:02,1699228","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8","NAME NOT FOUND","Length: 144"
- "3:23:02,1700079","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9","NAME NOT FOUND","Length: 144"
- "3:23:02,1700922","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10","NAME NOT FOUND","Length: 144"
- "3:23:02,1701754","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11","NAME NOT FOUND","Length: 144"
- "3:23:02,1702703","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12","NAME NOT FOUND","Length: 144"
- "3:23:02,1703678","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13","NAME NOT FOUND","Length: 144"
- "3:23:02,1708275","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14","NAME NOT FOUND","Length: 144"
- "3:23:02,1709882","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15","NAME NOT FOUND","Length: 144"
- "3:23:02,1710905","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16","NAME NOT FOUND","Length: 144"
- "3:23:02,1712311","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS",""
- "3:23:02,1713503","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1714757","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
- "3:23:02,1715753","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1717013","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Query: Cached, SubKeys: 4, Values: 1"
- "3:23:02,1717988","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 0, Name: MingLiU"
- "3:23:02,1719371","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 1, Name: MingLiU_HKSCS"
- "3:23:02,1720564","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 2, Name: PMingLiU"
- "3:23:02,1721444","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 3, Name: SimSun"
- "3:23:02,1725018","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Query: HandleTags, HandleTags: 0x100"
- "3:23:02,1726020","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\MS Sans Serif","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1727089","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS",""
- "3:23:02,1883160","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1884705","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\Compatibility\RDG Malware Detector.exe","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1892007","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1895082","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:01, LastAccessTime: 21/11/2010 5:24:01, LastWriteTime: 21/11/2010 5:24:01, ChangeTime: 12/05/2014 1:08:11, FileAttributes: A"
- "3:23:02,1896033","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS",""
- "3:23:02,1899918","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1902383","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\ole32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,1907104","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\ole32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,1914479","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Image Base: 0x2860000, Image Size: 0x15c000"
- "3:23:02,1916034","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS",""
- "3:23:02,1919284","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1920359","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","REPARSE","Desired Access: Read"
- "3:23:02,1921661","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","SUCCESS","Desired Access: Read"
- "3:23:02,1922734","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1923577","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
- "3:23:02,1925534","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","SUCCESS",""
- "3:23:02,1927669","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1928112","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\","SUCCESS","Desired Access: Read"
- "3:23:02,1928524","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1928913","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext","NAME NOT FOUND","Length: 144"
- "3:23:02,1929289","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF","SUCCESS",""
- "3:23:02,1931622","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,1932051","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\KnownClasses","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1952147","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,1952422","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1952667","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,1952898","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,1953092","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1953342","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1953565","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,1953799","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,1954216","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1954513","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1954748","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,1958140","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\shell32.dll","SUCCESS","Image Base: 0x75700000, Image Size: 0xc4a000"
- "3:23:02,1962528","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots","NAME NOT FOUND","Desired Access: Enumerate Sub Keys"
- "3:23:02,1965092","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe.Local","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,1968083","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1968385","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS","CreationTime: 21/11/2010 5:24:13, LastAccessTime: 21/11/2010 5:24:13, LastWriteTime: 21/11/2010 5:24:13, ChangeTime: 12/05/2014 1:10:04, FileAttributes: D"
- "3:23:02,1968579","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS",""
- "3:23:02,1970176","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1972004","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1972843","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:09, LastAccessTime: 21/11/2010 5:24:09, LastWriteTime: 21/11/2010 5:24:09, ChangeTime: 12/05/2014 1:07:30, FileAttributes: A"
- "3:23:02,1973030","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS",""
- "3:23:02,1974346","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,1974680","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,1978916","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,1980601","RDG Malware Detector.exe","1732","Load Image","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","Image Base: 0x74350000, Image Size: 0x84000"
- "3:23:02,1980875","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS",""
- "3:23:02,1984640","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
- "3:23:02,1985005","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
- "3:23:02,1985667","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,1986072","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,1986272","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,1986507","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1986767","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
- "3:23:02,1987120","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,1987290","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1987467","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1987736","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1987954","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1988136","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1988330","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","BUFFER TOO SMALL","Query: Name, Length: 0"
- "3:23:02,1988493","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1988678","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1988844","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1989096","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1989315","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1989493","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
- "3:23:02,1989719","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
- "3:23:02,1989892","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1990149","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1990356","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 16, Data: StdFont"
- "3:23:02,1990565","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
- "3:23:02,1990734","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1990908","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1991163","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1991372","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1991555","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
- "3:23:02,1991740","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
- "3:23:02,1991914","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1992159","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1992348","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 16, Data: StdFont"
- "3:23:02,1992541","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
- "3:23:02,1992717","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1992894","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1993148","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1993339","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: Standard Font"
- "3:23:02,1993514","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1993688","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1994066","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1994309","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: Standard Font"
- "3:23:02,1994510","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1994685","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1994949","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,1995156","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1995339","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Desired Access: Read"
- "3:23:02,1995575","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,1995749","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1995998","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1996187","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\InprocServer32","NAME NOT FOUND","Length: 144"
- "3:23:02,1996355","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,1996528","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1996781","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1996971","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
- "3:23:02,1997146","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,1997318","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1997566","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1997753","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
- "3:23:02,1997928","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
- "3:23:02,1998103","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1998355","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
- "3:23:02,1998563","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\ThreadingModel","SUCCESS","Type: REG_SZ, Length: 10, Data: Both"
- "3:23:02,1998762","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS",""
- "3:23:02,1998945","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,1999121","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1999378","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1999596","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,1999778","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,1999959","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,2000129","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,2000376","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,2000587","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,2000763","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
- "3:23:02,2001405","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
- "3:23:02,2002017","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,2002417","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2002618","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2002799","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2002979","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2003204","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2003465","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
- "3:23:02,2003686","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2003894","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,2004237","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
- "3:23:02,2004417","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,2004692","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2004909","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
- "3:23:02,2005108","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2005304","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
- "3:23:02,2045256","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,2045520","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2045723","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2045948","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2046137","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2046363","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2046564","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2046754","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2046978","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2047224","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2047444","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,2053001","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,2053238","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2053426","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2053636","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2053822","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2054196","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2054415","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2054608","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2054826","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2055069","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2055286","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,2104706","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,2104939","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2105123","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2105333","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2105545","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2105755","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2105952","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2106136","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2106445","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2106732","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2107021","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,2115819","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\olepro32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,2120575","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2121954","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:03, LastAccessTime: 21/11/2010 5:24:03, LastWriteTime: 21/11/2010 5:24:03, ChangeTime: 12/05/2014 1:08:11, FileAttributes: A"
- "3:23:02,2122164","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS",""
- "3:23:02,2123521","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2124812","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\olepro32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,2126327","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,2128565","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","Image Base: 0x75400000, Image Size: 0x19000"
- "3:23:02,2128878","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS",""
- "3:23:02,2131003","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
- "3:23:02,2131257","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
- "3:23:02,2131600","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2131772","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\es-AR","NAME NOT FOUND","Length: 532"
- "3:23:02,2131974","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
- "3:23:02,2132184","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
- "3:23:02,2132389","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
- "3:23:02,2132603","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2132768","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-AR","NAME NOT FOUND","Length: 532"
- "3:23:02,2132948","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
- "3:23:02,2183733","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,2184156","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2184390","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2184631","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2184831","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2185066","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2185272","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
- "3:23:02,2185464","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
- "3:23:02,2185697","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2185960","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
- "3:23:02,2186188","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
- "3:23:02,2274870","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2275975","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","CreationTime: 21/11/2010 5:23:51, LastAccessTime: 21/11/2010 5:23:51, LastWriteTime: 21/11/2010 5:23:51, ChangeTime: 12/05/2014 1:07:25, FileAttributes: A"
- "3:23:02,2276155","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS",""
- "3:23:02,2277336","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2278231","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\asycfilt.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,2279523","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,2282085","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","Image Base: 0x744a0000, Image Size: 0x14000"
- "3:23:02,2282367","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS",""
- "3:23:02,2478468","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
- "3:23:02,2478936","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
- "3:23:02,2538346","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,2538638","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","REPARSE","Desired Access: Read"
- "3:23:02,2539100","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
- "3:23:02,2539368","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2539572","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Sans Serif","NAME NOT FOUND","Length: 144"
- "3:23:02,2539832","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
- "3:23:02,2568075","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\imagehlp.dll","SUCCESS","Image Base: 0x76f00000, Image Size: 0x2a000"
- "3:23:02,2571124","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2571498","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,2571660","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","AllocationSize: 724.992, EndOfFile: 1.343.488, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2572013","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,2572365","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","AllocationSize: 724.992, EndOfFile: 1.343.488, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2580366","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS",""
- "3:23:02,2583197","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
- "3:23:02,2583530","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,2583767","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS","Desired Access: Read"
- "3:23:02,2584109","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2584312","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\UseDoubleClickTimer","NAME NOT FOUND","Length: 144"
- "3:23:02,2584889","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS",""
- "3:23:02,2585791","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,2586035","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
- "3:23:02,2586303","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2586489","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
- "3:23:02,2586725","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
- "3:23:02,2588836","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,2589129","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
- "3:23:02,2589436","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2589664","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
- "3:23:02,2589932","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
- "3:23:02,2590444","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,2590718","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
- "3:23:02,2590989","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2591221","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
- "3:23:02,2591493","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
- "3:23:02,2595493","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
- "3:23:02,2595803","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
- "3:23:02,2596110","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
- "3:23:02,2596353","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
- "3:23:02,2596847","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
- "3:23:02,2646995","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2647335","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2647531","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2647783","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2648151","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2648328","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2650250","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2650958","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:15, LastAccessTime: 21/11/2010 5:24:15, LastWriteTime: 21/11/2010 5:24:15, ChangeTime: 12/05/2014 1:07:45, FileAttributes: A"
- "3:23:02,2651127","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS",""
- "3:23:02,2652055","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2652812","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\kernel32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,2653750","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,2656177","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x3760000, Image Size: 0x110000"
- "3:23:02,2656478","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS",""
- "3:23:02,2675091","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2675359","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2675508","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2675727","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2676020","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2676191","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2677244","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2677485","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2677633","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2678011","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2678501","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2678674","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2679761","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2679996","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2680134","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2680335","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2680601","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2680762","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2681799","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2682047","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2682191","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2683531","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2683823","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2684146","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2685408","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2685677","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2685826","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2686031","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2686506","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2686735","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2687909","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2688248","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2688438","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2689727","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2690166","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2690349","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2691551","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2691819","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2691982","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2692188","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2692471","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2692663","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2693867","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2694273","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2694422","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2694669","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2694952","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2695128","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2696693","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Local\Temp:E","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a"
- "3:23:02,2699164","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2699492","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2699740","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2699954","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2700404","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2700595","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2701860","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2702129","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
- "3:23:02,2702276","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
- "3:23:02,2702505","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
- "3:23:02,2702793","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
- "3:23:02,2702980","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
- "3:23:02,2708449","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\winmm.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
- "3:23:02,2709927","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2710656","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","CreationTime: 21/11/2010 5:24:16, LastAccessTime: 21/11/2010 5:24:16, LastWriteTime: 21/11/2010 5:24:16, ChangeTime: 12/05/2014 1:08:20, FileAttributes: A"
- "3:23:02,2710819","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS",""
- "3:23:02,2712094","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2712807","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\winmm.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
- "3:23:02,2714580","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\winmm.dll","SUCCESS","SyncType: SyncTypeOther"
- "3:23:02,2716408","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Image Base: 0x74460000, Image Size: 0x32000"
- "3:23:02,2716661","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS",""
- "3:23:02,2895062","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2896005","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2896250","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS","Filter: SignA.user.db, 1: SignA.user.db"
- "3:23:02,2896533","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,2896977","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
- "3:23:02,2897404","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS",""
- "3:23:02,2899307","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2900174","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2900405","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS","Filter: SignA.db, 1: SignA.db"
- "3:23:02,2900666","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,2901093","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS","Offset: 0, Length: 20.344, Priority: Very Low"
- "3:23:02,2901851","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS",""
- "3:23:02,2945575","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2946440","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2946671","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS","Filter: SignE.user.db, 1: SignE.user.db"
- "3:23:02,2946927","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,2947291","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
- "3:23:02,2947588","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS",""
- "3:23:02,2949333","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2950171","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2950400","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS","Filter: SignE.db, 1: SignE.db"
- "3:23:02,2950649","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,2951117","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS","Offset: 0, Length: 16.715, Priority: Very Low"
- "3:23:02,2951965","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS",""
- "3:23:02,2987150","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2988022","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2988253","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS","Filter: Sign512.user.db, 1: Sign512.user.db"
- "3:23:02,2988503","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,2988869","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS","Offset: 0, Length: 143, Priority: Very Low"
- "3:23:02,2989160","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS",""
- "3:23:02,2990901","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2991785","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,2992013","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS","Filter: Sign512.db, 1: Sign512.db"
- "3:23:02,2992320","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,2992703","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS","Offset: 0, Length: 4.757, Priority: Very Low"
- "3:23:02,2993077","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS",""
- "3:23:02,3003421","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3004328","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3004718","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS","Filter: SignP.db, 1: SignP.db"
- "3:23:02,3004995","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3005879","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS","Offset: 0, Length: 881, Priority: Very Low"
- "3:23:02,3006185","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS",""
- "3:23:02,3009170","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3010050","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3010281","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS","Filter: SignI.user.db, 1: SignI.user.db"
- "3:23:02,3010525","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3010889","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
- "3:23:02,3011164","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS",""
- "3:23:02,3012745","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3013594","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3013823","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS","Filter: SignI.db, 1: SignI.db"
- "3:23:02,3014160","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3015156","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS","Offset: 0, Length: 14.461, Priority: Very Low"
- "3:23:02,3015632","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS",""
- "3:23:02,3045294","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.user.db","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
- "3:23:02,3046162","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3046400","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.user.db","NO SUCH FILE","Filter: SignNET.user.db"
- "3:23:02,3046608","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3048754","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3049646","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3049872","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS","Filter: SignNET.db, 1: SignNET.db"
- "3:23:02,3050117","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3050946","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS","Offset: 0, Length: 1.832, Priority: Very Low"
- "3:23:02,3051261","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS",""
- "3:23:02,3056123","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3056988","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3057216","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS","Filter: SignVB.user.db, 1: SignVB.user.db"
- "3:23:02,3057461","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3057833","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
- "3:23:02,3058317","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS",""
- "3:23:02,3059954","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3060828","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3061066","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS","Filter: SignVB.db, 1: SignVB.db"
- "3:23:02,3061324","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3062260","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS","Offset: 0, Length: 342, Priority: Very Low"
- "3:23:02,3062561","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS",""
- "3:23:02,3064902","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3065965","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3066231","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS","Filter: SignMem.db, 1: SignMem.db"
- "3:23:02,3066508","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3067404","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS","Offset: 0, Length: 1.747, Priority: Very Low"
- "3:23:02,3067737","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS",""
- "3:23:02,3072747","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3073655","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
- "3:23:02,3073903","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS","Filter: SignWL.db, 1: SignWL.db"
- "3:23:02,3074310","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
- "3:23:02,3075313","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS","Offset: 0, Length: 388, Priority: Very Low"
- "3:23:02,3075683","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS",""
- "3:23:32,0919938","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 836"
- "3:23:32,0923707","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1668"
- "3:23:32,0926598","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1440"