Advertisement
Guest User

Untitled

a guest
Jun 29th, 2015
531
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 279.93 KB | None | 0 0
  1. "Time of Day","Process Name","PID","Operation","Path","Result","Detail"
  2. "3:23:01,9684116","RDG Malware Detector.exe","1732","Process Start","","SUCCESS","Parent PID: 1656, Command line: ""C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe"" , Current directory: C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\, Environment: ; ALLUSERSPROFILE=C:\ProgramData; APPDATA=C:\Users\Administrador\AppData\Roaming; CommonProgramFiles=C:\Program Files\Common Files; CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files; CommonProgramW6432=C:\Program Files\Common Files; CommonStartMenu=C:\ProgramData\Microsoft\Windows\Start Menu; COMPUTERNAME=WIN-4GHA667EH3L; ComSpec=C:\Windows\system32\cmd.exe; Cursors=C:\Windows\Cursors; Downloads=C:\Users\Administrador\Downloads; Fonts=C:\Windows\Fonts; FP_NO_HOST_CHECK=NO; HOMEDRIVE=C:; HOMEPATH=\Users\Administrador; LOCALAPPDATA=C:\Users\Administrador\AppData\Local; LOGONSERVER=\\WIN-4GHA667EH3L; Media=C:\Windows\Media; NUMBER_OF_PROCESSORS=8; OS=Windows_NT; Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Prio; PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC; PROCESSOR_ARCHITECTURE=AMD64; PROCESSOR_IDENTIFIER=AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD; PROCESSOR_LEVEL=21; PROCESSOR_REVISION=0200; ProgramData=C:\ProgramData; ProgramFiles=C:\Program Files; ProgramFiles(x86)=C:\Program Files (x86); ProgramW6432=C:\Program Files; PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\; PUBLIC=C:\Users\Public; RecycleBin=C:\$Recycle.Bin\S-1-5-21-1639376891-3163970478-3182841167-1000; Resources=C:\Windows\Resources; SendTo=C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\SendTo; SESSIONNAME=Console; StartMenu=C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu; System32=C:\Windows\System32; SystemDrive=C:; SystemRoot=C:\Windows; SysWOW64=C:\Windows\SysWOW64; TEMP=C:\Users\ADMINI~1\AppData\Local\Temp; Themes=C:\Windows\Resources\Themes; TMP=C:\Users\ADMINI~1\AppData\Local\Temp; USERDOMAIN=WIN-4GHA667EH3L; USERNAME=Administrador; USERPROFILE=C:\Users\Administrador; Walls=C:\Windows\Web\Wallpaper; windir=C:\Windows; windows_tracing_flags=3; windows_tracing_logfile=C:\BVTBin\Tests\installpackage\csilogfile.log; WinSXS=C:\Windows\WinSXS"
  3. "3:23:01,9684239","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1948"
  4. "3:23:02,0196352","RDG Malware Detector.exe","1732","Load Image","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","Image Base: 0x1100000, Image Size: 0x152000"
  5. "3:23:02,0197881","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\ntdll.dll","SUCCESS","Image Base: 0x77860000, Image Size: 0x1a9000"
  6. "3:23:02,0199082","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\ntdll.dll","SUCCESS","Image Base: 0x77a40000, Image Size: 0x180000"
  7. "3:23:02,0199935","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
  8. "3:23:02,0200265","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisableUserModeCallbackFilter","NAME NOT FOUND","Length: 1.024"
  9. "3:23:02,0200837","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Read"
  10. "3:23:02,0201118","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Read"
  11. "3:23:02,0201360","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\CWDIllegalInDLLSearch","NAME NOT FOUND","Length: 1.024"
  12. "3:23:02,0201583","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS",""
  13. "3:23:02,0203996","RDG Malware Detector.exe","1732","CreateFile","C:\Windows","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  14. "3:23:02,0205725","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  15. "3:23:02,0206870","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\wow64.dll","SUCCESS","CreationTime: 21/11/2010 5:24:32, LastAccessTime: 21/11/2010 5:24:32, LastWriteTime: 21/11/2010 5:24:32, ChangeTime: 12/05/2014 1:05:19, FileAttributes: A"
  16. "3:23:02,0207070","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64.dll","SUCCESS",""
  17. "3:23:02,0208261","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  18. "3:23:02,0209185","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  19. "3:23:02,0209962","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64.dll","SUCCESS","SyncType: SyncTypeOther"
  20. "3:23:02,0212598","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\wow64.dll","SUCCESS","Image Base: 0x75540000, Image Size: 0x3f000"
  21. "3:23:02,0212837","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64.dll","SUCCESS",""
  22. "3:23:02,0215066","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64win.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  23. "3:23:02,0215953","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\wow64win.dll","SUCCESS","CreationTime: 21/11/2010 5:24:32, LastAccessTime: 21/11/2010 5:24:32, LastWriteTime: 21/11/2010 5:24:32, ChangeTime: 12/05/2014 1:05:19, FileAttributes: A"
  24. "3:23:02,0216156","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64win.dll","SUCCESS",""
  25. "3:23:02,0217235","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64win.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  26. "3:23:02,0218024","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64win.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  27. "3:23:02,0218844","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64win.dll","SUCCESS","SyncType: SyncTypeOther"
  28. "3:23:02,0220536","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\wow64win.dll","SUCCESS","Image Base: 0x754e0000, Image Size: 0x5c000"
  29. "3:23:02,0220744","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64win.dll","SUCCESS",""
  30. "3:23:02,0222772","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64cpu.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  31. "3:23:02,0223664","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\wow64cpu.dll","SUCCESS","CreationTime: 21/11/2010 5:24:32, LastAccessTime: 21/11/2010 5:24:32, LastWriteTime: 21/11/2010 5:24:32, ChangeTime: 12/05/2014 1:05:19, FileAttributes: A"
  32. "3:23:02,0223834","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64cpu.dll","SUCCESS",""
  33. "3:23:02,0228107","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64cpu.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  34. "3:23:02,0228948","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64cpu.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  35. "3:23:02,0229645","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\System32\wow64cpu.dll","SUCCESS","SyncType: SyncTypeOther"
  36. "3:23:02,0232552","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\wow64cpu.dll","SUCCESS","Image Base: 0x754d0000, Image Size: 0x8000"
  37. "3:23:02,0232857","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\wow64cpu.dll","SUCCESS",""
  38. "3:23:02,0234108","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\WOW64","NAME NOT FOUND","Desired Access: Query Value"
  39. "3:23:02,0236086","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\wow64log.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  40. "3:23:02,0238232","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","Image Base: 0x77740000, Image Size: 0x11f000"
  41. "3:23:02,0241434","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x77130000, Image Size: 0x110000"
  42. "3:23:02,0244184","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","Image Base: 0x77740000, Image Size: 0x11f000"
  43. "3:23:02,0245567","RDG Malware Detector.exe","1732","Load Image","C:\Windows\System32\user32.dll","SUCCESS","Image Base: 0x77640000, Image Size: 0xfa000"
  44. "3:23:02,0246698","RDG Malware Detector.exe","1732","CreateFile","C:\Windows","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  45. "3:23:02,0247026","RDG Malware Detector.exe","1732","QueryNameInformationFile","C:\Windows","SUCCESS","Name: \Windows"
  46. "3:23:02,0247212","RDG Malware Detector.exe","1732","CloseFile","C:\Windows","SUCCESS",""
  47. "3:23:02,0248501","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
  48. "3:23:02,0248852","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
  49. "3:23:02,0249037","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  50. "3:23:02,0249235","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisableUserModeCallbackFilter","NAME NOT FOUND","Length: 1.024"
  51. "3:23:02,0249426","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Read"
  52. "3:23:02,0249809","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Read"
  53. "3:23:02,0250014","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  54. "3:23:02,0250142","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\CWDIllegalInDLLSearch","NAME NOT FOUND","Length: 1.024"
  55. "3:23:02,0250322","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS",""
  56. "3:23:02,0252901","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  57. "3:23:02,0255389","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x77130000, Image Size: 0x110000"
  58. "3:23:02,0257362","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Image Base: 0x76800000, Image Size: 0x46000"
  59. "3:23:02,0263331","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","REPARSE","Desired Access: Read"
  60. "3:23:02,0263530","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","Desired Access: Read"
  61. "3:23:02,0263728","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  62. "3:23:02,0263855","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat","NAME NOT FOUND","Length: 548"
  63. "3:23:02,0264014","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  64. "3:23:02,0264180","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS",""
  65. "3:23:02,0264467","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","REPARSE","Desired Access: Query Value, Set Value"
  66. "3:23:02,0264670","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","NAME NOT FOUND","Desired Access: Query Value, Set Value"
  67. "3:23:02,0264865","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Srp\GP\DLL","REPARSE","Desired Access: Read"
  68. "3:23:02,0265032","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Srp\GP\DLL","NAME NOT FOUND","Desired Access: Read"
  69. "3:23:02,0265286","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers","REPARSE","Desired Access: Query Value"
  70. "3:23:02,0265554","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers","SUCCESS","Desired Access: Query Value"
  71. "3:23:02,0265739","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  72. "3:23:02,0265887","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled","NAME NOT FOUND","Length: 80"
  73. "3:23:02,0266046","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS",""
  74. "3:23:02,0266316","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers","NAME NOT FOUND","Desired Access: Query Value"
  75. "3:23:02,0268587","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\MSVBVM60.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  76. "3:23:02,0270797","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  77. "3:23:02,0271597","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","CreationTime: 10/06/2009 23:38:03, LastAccessTime: 10/06/2009 23:38:03, LastWriteTime: 14/07/2009 3:15:50, ChangeTime: 12/05/2014 1:07:50, FileAttributes: A"
  78. "3:23:02,0271753","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
  79. "3:23:02,0272921","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  80. "3:23:02,0273801","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  81. "3:23:02,0275144","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","SyncType: SyncTypeOther"
  82. "3:23:02,0277272","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Image Base: 0x72940000, Image Size: 0x153000"
  83. "3:23:02,0277485","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
  84. "3:23:02,0279948","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\user32.dll","SUCCESS","Image Base: 0x77370000, Image Size: 0x100000"
  85. "3:23:02,0282406","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\gdi32.dll","SUCCESS","Image Base: 0x76920000, Image Size: 0x90000"
  86. "3:23:02,0284833","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\lpk.dll","SUCCESS","Image Base: 0x76910000, Image Size: 0xa000"
  87. "3:23:02,0287283","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\usp10.dll","SUCCESS","Image Base: 0x76760000, Image Size: 0x9d000"
  88. "3:23:02,0288862","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msvcrt.dll","SUCCESS","Image Base: 0x75650000, Image Size: 0xac000"
  89. "3:23:02,0296220","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\advapi32.dll","SUCCESS","Image Base: 0x76360000, Image Size: 0xa0000"
  90. "3:23:02,0298915","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  91. "3:23:02,0299764","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","CreationTime: 14/07/2009 1:11:59, LastAccessTime: 14/07/2009 1:11:59, LastWriteTime: 14/07/2009 3:16:13, ChangeTime: 12/05/2014 1:08:15, FileAttributes: A"
  92. "3:23:02,0299944","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS",""
  93. "3:23:02,0301414","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  94. "3:23:02,0302644","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sechost.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  95. "3:23:02,0303365","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sechost.dll","SUCCESS","SyncType: SyncTypeOther"
  96. "3:23:02,0304957","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Image Base: 0x770b0000, Image Size: 0x19000"
  97. "3:23:02,0305200","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS",""
  98. "3:23:02,0307407","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\rpcrt4.dll","SUCCESS","Image Base: 0x77280000, Image Size: 0xf0000"
  99. "3:23:02,0309509","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\sspicli.dll","SUCCESS","Image Base: 0x755a0000, Image Size: 0x60000"
  100. "3:23:02,0312312","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\cryptbase.dll","SUCCESS","Image Base: 0x75590000, Image Size: 0xc000"
  101. "3:23:02,0317398","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Image Base: 0x769b0000, Image Size: 0x15c000"
  102. "3:23:02,0320713","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS","Image Base: 0x76870000, Image Size: 0x8f000"
  103. "3:23:02,0323575","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","REPARSE","Desired Access: Read"
  104. "3:23:02,0323845","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","SUCCESS","Desired Access: Read"
  105. "3:23:02,0324093","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  106. "3:23:02,0324245","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\(Default)","SUCCESS","Type: REG_SZ, Length: 36, Data: 00060101.00060101"
  107. "3:23:02,0325335","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value"
  108. "3:23:02,0325524","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value"
  109. "3:23:02,0325760","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\SESSION MANAGER","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  110. "3:23:02,0325900","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\SafeDllSearchMode","NAME NOT FOUND","Length: 16"
  111. "3:23:02,0326813","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","REPARSE","Desired Access: Read"
  112. "3:23:02,0326989","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","Desired Access: Read"
  113. "3:23:02,0327186","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  114. "3:23:02,0327363","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat","NAME NOT FOUND","Length: 548"
  115. "3:23:02,0327521","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  116. "3:23:02,0327694","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS",""
  117. "3:23:02,0327971","RDG Malware Detector.exe","1732","RegOpenKey","HKLM","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  118. "3:23:02,0328476","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  119. "3:23:02,0328693","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Diagnostics","NAME NOT FOUND","Desired Access: Read"
  120. "3:23:02,0334361","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  121. "3:23:02,0335175","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:25, LastAccessTime: 21/11/2010 5:24:25, LastWriteTime: 21/11/2010 5:24:25, ChangeTime: 12/05/2014 1:07:43, FileAttributes: A"
  122. "3:23:02,0335337","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
  123. "3:23:02,0337805","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  124. "3:23:02,0338727","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  125. "3:23:02,0338985","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","AllocationSize: 122.880, EndOfFile: 119.808, NumberOfLinks: 2, DeletePending: False, Directory: False"
  126. "3:23:02,0339345","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
  127. "3:23:02,0339909","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
  128. "3:23:02,0344667","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  129. "3:23:02,0345531","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:25, LastAccessTime: 21/11/2010 5:24:25, LastWriteTime: 21/11/2010 5:24:25, ChangeTime: 12/05/2014 1:07:43, FileAttributes: A"
  130. "3:23:02,0345740","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
  131. "3:23:02,0346750","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  132. "3:23:02,0347664","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  133. "3:23:02,0348003","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","AllocationSize: 122.880, EndOfFile: 119.808, NumberOfLinks: 2, DeletePending: False, Directory: False"
  134. "3:23:02,0348336","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
  135. "3:23:02,0348859","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
  136. "3:23:02,0351220","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  137. "3:23:02,0352095","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:25, LastAccessTime: 21/11/2010 5:24:25, LastWriteTime: 21/11/2010 5:24:25, ChangeTime: 12/05/2014 1:07:43, FileAttributes: A"
  138. "3:23:02,0352265","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
  139. "3:23:02,0353428","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  140. "3:23:02,0354187","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  141. "3:23:02,0354972","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
  142. "3:23:02,0356914","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Image Base: 0x76700000, Image Size: 0x60000"
  143. "3:23:02,0357259","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
  144. "3:23:02,0359461","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msctf.dll","SUCCESS","Image Base: 0x76600000, Image Size: 0xcc000"
  145. "3:23:02,0361603","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Query: HandleTags, HandleTags: 0x400"
  146. "3:23:02,0361808","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
  147. "3:23:02,0362025","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\UseFilter","NAME NOT FOUND","Length: 544"
  148. "3:23:02,0362185","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\MSVBVM60.DLL","NAME NOT FOUND","Length: 1.024"
  149. "3:23:02,0362460","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","REPARSE","Desired Access: Read"
  150. "3:23:02,0362736","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS","Desired Access: Read"
  151. "3:23:02,0362914","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  152. "3:23:02,0363045","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles","NAME NOT FOUND","Length: 20"
  153. "3:23:02,0363260","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
  154. "3:23:02,0364139","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS","Desired Access: Read"
  155. "3:23:02,0364461","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32\RDG Malware Detector","NAME NOT FOUND","Length: 172"
  156. "3:23:02,0364688","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS",""
  157. "3:23:02,0364920","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IME Compatibility","NAME NOT FOUND","Desired Access: Read"
  158. "3:23:02,0366694","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\System32\wow64win.dll","SUCCESS","Offset: 338.944, Length: 15.360, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal"
  159. "3:23:02,0509992","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Query Value"
  160. "3:23:02,0510330","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Query Value"
  161. "3:23:02,0510817","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  162. "3:23:02,0511010","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\EMPTY","NAME NOT FOUND","Length: 120"
  163. "3:23:02,0511265","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\EMPTY","NAME NOT FOUND","Length: 120"
  164. "3:23:02,0511840","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\NLS\Language","REPARSE","Desired Access: Read"
  165. "3:23:02,0512053","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\NLS\Language","SUCCESS","Desired Access: Read"
  166. "3:23:02,0512356","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Language","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  167. "3:23:02,0512571","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Language\InstallLanguageFallback","NAME NOT FOUND","Length: 16"
  168. "3:23:02,0512878","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\Language","SUCCESS",""
  169. "3:23:02,0513103","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","REPARSE","Desired Access: Read"
  170. "3:23:02,0513323","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Desired Access: Read"
  171. "3:23:02,0513579","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  172. "3:23:02,0513754","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Index: 0, Name: es-ES"
  173. "3:23:02,0513975","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Query: HandleTags, HandleTags: 0x400"
  174. "3:23:02,0514218","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES","SUCCESS","Desired Access: Read"
  175. "3:23:02,0514472","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES\Type","SUCCESS","Type: REG_DWORD, Length: 4, Data: 145"
  176. "3:23:02,0514819","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES\AlternateCodePage","NAME NOT FOUND","Length: 12"
  177. "3:23:02,0515041","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\es-ES","SUCCESS",""
  178. "3:23:02,0515232","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","NO MORE ENTRIES","Index: 1, Length: 512"
  179. "3:23:02,0515449","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS",""
  180. "3:23:02,0515697","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\PendingDelete","REPARSE","Desired Access: Read"
  181. "3:23:02,0515921","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\PendingDelete","NAME NOT FOUND","Desired Access: Read"
  182. "3:23:02,0516155","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
  183. "3:23:02,0516390","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
  184. "3:23:02,0516697","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  185. "3:23:02,0516939","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  186. "3:23:02,0517246","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop\MuiCached\MachineLanguageConfiguration","NAME NOT FOUND","Desired Access: Read"
  187. "3:23:02,0517585","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","REPARSE","Desired Access: Read"
  188. "3:23:02,0517823","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS","Desired Access: Read"
  189. "3:23:02,0518108","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  190. "3:23:02,0518297","RDG Malware Detector.exe","1732","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","NO MORE ENTRIES","Index: 0, Length: 512"
  191. "3:23:02,0518490","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS",""
  192. "3:23:02,0518760","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
  193. "3:23:02,0518982","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
  194. "3:23:02,0519219","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
  195. "3:23:02,0519484","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  196. "3:23:02,0519702","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  197. "3:23:02,0519913","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND","Desired Access: Read"
  198. "3:23:02,0520134","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  199. "3:23:02,0520746","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS","Desired Access: Read"
  200. "3:23:02,0521038","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  201. "3:23:02,0521205","RDG Malware Detector.exe","1732","RegEnumValue","HKCU\Control Panel\Desktop\LanguageConfiguration","NO MORE ENTRIES","Index: 0, Length: 512"
  202. "3:23:02,0522424","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS",""
  203. "3:23:02,0522859","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
  204. "3:23:02,0523235","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
  205. "3:23:02,0523507","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
  206. "3:23:02,0523866","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  207. "3:23:02,0524135","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  208. "3:23:02,0524356","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND","Desired Access: Read"
  209. "3:23:02,0524572","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  210. "3:23:02,0524778","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop","SUCCESS","Desired Access: Read"
  211. "3:23:02,0525022","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Control Panel\Desktop","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  212. "3:23:02,0525200","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Control Panel\Desktop\PreferredUILanguages","NAME NOT FOUND","Length: 12"
  213. "3:23:02,0525442","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Control Panel\Desktop","SUCCESS",""
  214. "3:23:02,0525665","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
  215. "3:23:02,0525879","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
  216. "3:23:02,0526096","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
  217. "3:23:02,0526382","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  218. "3:23:02,0526667","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  219. "3:23:02,0526914","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS","Desired Access: Read"
  220. "3:23:02,0527153","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  221. "3:23:02,0527322","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages","BUFFER OVERFLOW","Length: 12"
  222. "3:23:02,0527500","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages","SUCCESS","Type: REG_MULTI_SZ, Length: 12, Data: es-ES"
  223. "3:23:02,0527755","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS",""
  224. "3:23:02,0527952","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
  225. "3:23:02,0529684","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  226. "3:23:02,0530128","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","Desired Access: Read"
  227. "3:23:02,0530755","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  228. "3:23:02,0530989","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
  229. "3:23:02,0531229","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\RequireSignedAppInit_DLLs","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  230. "3:23:02,0531421","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs","SUCCESS","Type: REG_SZ, Length: 22, Data: prio32.dll"
  231. "3:23:02,0533379","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  232. "3:23:02,0537458","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  233. "3:23:02,0540187","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\system\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  234. "3:23:02,0542250","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  235. "3:23:02,0544091","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  236. "3:23:02,0545533","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  237. "3:23:02,0546953","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  238. "3:23:02,0549976","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\wbem\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  239. "3:23:02,0554290","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\WindowsPowerShell\v1.0\prio32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  240. "3:23:02,0556617","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files\Prio\prio32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  241. "3:23:02,0556898","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Program Files\Prio\prio32.dll","SUCCESS","CreationTime: 08/11/2012 21:29:36, LastAccessTime: 21/10/2014 14:46:27, LastWriteTime: 08/11/2012 21:29:36, ChangeTime: 21/10/2014 14:46:27, FileAttributes: ACNCI"
  242. "3:23:02,0557095","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files\Prio\prio32.dll","SUCCESS",""
  243. "3:23:02,0558533","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files\Prio\prio32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  244. "3:23:02,0558815","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files\Prio\prio32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  245. "3:23:02,0559612","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files\Prio\prio32.dll","SUCCESS","SyncType: SyncTypeOther"
  246. "3:23:02,0563137","RDG Malware Detector.exe","1732","Load Image","C:\Program Files\Prio\prio32.dll","SUCCESS","Image Base: 0x10000000, Image Size: 0x6000"
  247. "3:23:02,0563391","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files\Prio\prio32.dll","SUCCESS",""
  248. "3:23:02,0564225","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\prio32.dll","NAME NOT FOUND","Length: 1.024"
  249. "3:23:02,0565679","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
  250. "3:23:02,0565932","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
  251. "3:23:02,0566148","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  252. "3:23:02,0566329","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\es-ES","NAME NOT FOUND","Length: 532"
  253. "3:23:02,0566553","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
  254. "3:23:02,0566777","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
  255. "3:23:02,0566982","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
  256. "3:23:02,0567223","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  257. "3:23:02,0567391","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-ES","NAME NOT FOUND","Length: 532"
  258. "3:23:02,0567578","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
  259. "3:23:02,0569411","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  260. "3:23:02,0569752","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Globalization\Sorting\SortDefault.nls","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  261. "3:23:02,0569932","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","AllocationSize: 2.945.024, EndOfFile: 2.944.004, NumberOfLinks: 2, DeletePending: False, Directory: False"
  262. "3:23:02,0570351","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","SyncType: SyncTypeOther"
  263. "3:23:02,0570990","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS",""
  264. "3:23:02,0573111","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  265. "3:23:02,0573969","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  266. "3:23:02,0575234","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  267. "3:23:02,0575601","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  268. "3:23:02,0575827","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
  269. "3:23:02,0576090","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
  270. "3:23:02,0576579","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  271. "3:23:02,0576834","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
  272. "3:23:02,0578169","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  273. "3:23:02,0578457","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  274. "3:23:02,0578641","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  275. "3:23:02,0578907","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  276. "3:23:02,0579278","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  277. "3:23:02,0579477","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  278. "3:23:02,0580578","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  279. "3:23:02,0580941","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  280. "3:23:02,0581170","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
  281. "3:23:02,0581399","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
  282. "3:23:02,0581694","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  283. "3:23:02,0581898","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
  284. "3:23:02,0583144","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  285. "3:23:02,0583446","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  286. "3:23:02,0583645","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  287. "3:23:02,0585317","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  288. "3:23:02,0585632","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  289. "3:23:02,0585837","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  290. "3:23:02,0586994","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  291. "3:23:02,0587333","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  292. "3:23:02,0587534","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
  293. "3:23:02,0587766","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
  294. "3:23:02,0588080","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  295. "3:23:02,0588294","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
  296. "3:23:02,0589535","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  297. "3:23:02,0589830","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  298. "3:23:02,0590022","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  299. "3:23:02,0590269","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  300. "3:23:02,0590782","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  301. "3:23:02,0591052","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  302. "3:23:02,0592615","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  303. "3:23:02,0592926","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  304. "3:23:02,0593142","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
  305. "3:23:02,0593381","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
  306. "3:23:02,0593975","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  307. "3:23:02,0594190","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
  308. "3:23:02,0595395","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  309. "3:23:02,0595685","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  310. "3:23:02,0595861","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  311. "3:23:02,0596177","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  312. "3:23:02,0596769","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  313. "3:23:02,0596978","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  314. "3:23:02,0598205","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  315. "3:23:02,0598501","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  316. "3:23:02,0598704","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
  317. "3:23:02,0598940","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
  318. "3:23:02,0599259","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  319. "3:23:02,0599460","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
  320. "3:23:02,0601074","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  321. "3:23:02,0601378","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  322. "3:23:02,0601585","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  323. "3:23:02,0601823","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  324. "3:23:02,0602119","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  325. "3:23:02,0602325","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  326. "3:23:02,0603482","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  327. "3:23:02,0603790","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  328. "3:23:02,0603984","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  329. "3:23:02,0604253","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  330. "3:23:02,0604582","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  331. "3:23:02,0604815","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  332. "3:23:02,0605976","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  333. "3:23:02,0606439","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  334. "3:23:02,0606668","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  335. "3:23:02,0606898","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  336. "3:23:02,0607221","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  337. "3:23:02,0607472","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  338. "3:23:02,0608663","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  339. "3:23:02,0608947","RDG Malware Detector.exe","1732","LockFile","C:\Windows\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  340. "3:23:02,0609125","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\prio.ini","SUCCESS","AllocationSize: 64, EndOfFile: 61, NumberOfLinks: 1, DeletePending: False, Directory: False"
  341. "3:23:02,0609359","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 61, Priority: Very Low"
  342. "3:23:02,0609676","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Windows\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  343. "3:23:02,0609914","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\prio.ini","SUCCESS",""
  344. "3:23:02,0611549","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  345. "3:23:02,0611854","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  346. "3:23:02,0612040","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","AllocationSize: 112, EndOfFile: 110, NumberOfLinks: 1, DeletePending: False, Directory: False"
  347. "3:23:02,0612272","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 110, Priority: Very Low"
  348. "3:23:02,0612557","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  349. "3:23:02,0612804","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\AppData\Roaming\prio.ini","SUCCESS",""
  350. "3:23:02,0613387","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
  351. "3:23:02,0613952","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  352. "3:23:02,0614159","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLE","REPARSE","Desired Access: Read"
  353. "3:23:02,0614605","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","Desired Access: Read"
  354. "3:23:02,0615025","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  355. "3:23:02,0615213","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\OLE\PageAllocatorUseSystemHeap","NAME NOT FOUND","Length: 144"
  356. "3:23:02,0615430","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS",""
  357. "3:23:02,0615590","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  358. "3:23:02,0615767","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLE","SUCCESS","Desired Access: Read"
  359. "3:23:02,0615946","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  360. "3:23:02,0616099","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\OLE\PageAllocatorSystemHeapIsPrivate","NAME NOT FOUND","Length: 144"
  361. "3:23:02,0616255","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS",""
  362. "3:23:02,0616573","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  363. "3:23:02,0616746","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\OLE\Tracing","REPARSE","Desired Access: Read"
  364. "3:23:02,0616933","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\OLE\Tracing","NAME NOT FOUND","Desired Access: Read"
  365. "3:23:02,0617845","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  366. "3:23:02,0618020","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLEAUT","NAME NOT FOUND","Desired Access: Query Value"
  367. "3:23:02,0618336","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  368. "3:23:02,0618548","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\OLEAUT","NAME NOT FOUND","Desired Access: Query Value"
  369. "3:23:02,0622593","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","REPARSE","Desired Access: Read"
  370. "3:23:02,0622775","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","SUCCESS","Desired Access: Read"
  371. "3:23:02,0622957","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  372. "3:23:02,0623128","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","REPARSE","Desired Access: Read"
  373. "3:23:02,0623295","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","SUCCESS","Desired Access: Read"
  374. "3:23:02,0623486","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  375. "3:23:02,0623655","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","REPARSE","Desired Access: Read"
  376. "3:23:02,0623859","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","SUCCESS","Desired Access: Read"
  377. "3:23:02,0624052","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  378. "3:23:02,0624191","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Locale\00000C0A","SUCCESS","Type: REG_SZ, Length: 4, Data: 1"
  379. "3:23:02,0624400","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Language Groups\1","SUCCESS","Type: REG_SZ, Length: 4, Data: 1"
  380. "3:23:02,0627557","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\VB6ES.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  381. "3:23:02,0628039","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR","SUCCESS","Desired Access: Query Value"
  382. "3:23:02,0628321","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  383. "3:23:02,0628454","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
  384. "3:23:02,0628619","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR","SUCCESS",""
  385. "3:23:02,0628916","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
  386. "3:23:02,0629090","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
  387. "3:23:02,0629259","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  388. "3:23:02,0629445","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\en-US","NAME NOT FOUND","Length: 532"
  389. "3:23:02,0629605","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
  390. "3:23:02,0629781","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
  391. "3:23:02,0629949","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
  392. "3:23:02,0630126","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  393. "3:23:02,0630259","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-US","NAME NOT FOUND","Length: 532"
  394. "3:23:02,0630410","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
  395. "3:23:02,0633692","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rpcss.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  396. "3:23:02,0636564","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rpcss.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  397. "3:23:02,0640017","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\System32\wow64win.dll","SUCCESS","Offset: 330.752, Length: 8.192, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal"
  398. "3:23:02,0674663","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  399. "3:23:02,0675166","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","CreationTime: 21/10/2014 14:45:28, LastAccessTime: 21/10/2014 14:47:21, LastWriteTime: 02/09/2007 14:57:36, ChangeTime: 21/10/2014 14:47:21, FileAttributes: ACNCI"
  400. "3:23:02,0675441","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS",""
  401. "3:23:02,0676896","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  402. "3:23:02,0677228","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files (x86)\RocketDock\RocketDock.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  403. "3:23:02,0678081","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","SyncType: SyncTypeOther"
  404. "3:23:02,0679124","RDG Malware Detector.exe","1732","Load Image","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Image Base: 0x2b0000, Image Size: 0x12000"
  405. "3:23:02,0680555","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS",""
  406. "3:23:02,0681606","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide","NAME NOT FOUND","Desired Access: Read"
  407. "3:23:02,0682931","RDG Malware Detector.exe","1732","CreateFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  408. "3:23:02,0683295","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS","CreationTime: 21/10/2014 14:45:28, LastAccessTime: 21/10/2014 14:47:21, LastWriteTime: 02/09/2007 14:57:36, ChangeTime: 21/10/2014 14:47:21, FileAttributes: ACNCI"
  409. "3:23:02,0685956","RDG Malware Detector.exe","1732","CloseFile","C:\Program Files (x86)\RocketDock\RocketDock.dll","SUCCESS",""
  410. "3:23:02,0688462","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\psapi.dll","SUCCESS","Image Base: 0x76900000, Image Size: 0x5000"
  411. "3:23:02,0689021","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\RocketDock.dll","NAME NOT FOUND","Length: 1.024"
  412. "3:23:02,0695010","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\SESSION MANAGER\SafeProcessSearchMode","NAME NOT FOUND","Length: 16"
  413. "3:23:02,0696858","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe.cfg","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  414. "3:23:02,0698686","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SXS.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  415. "3:23:02,0702504","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  416. "3:23:02,0703731","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS","CreationTime: 21/11/2010 5:24:16, LastAccessTime: 21/11/2010 5:24:16, LastWriteTime: 21/11/2010 5:24:16, ChangeTime: 12/05/2014 1:08:17, FileAttributes: A"
  417. "3:23:02,0703918","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS",""
  418. "3:23:02,0704954","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  419. "3:23:02,0705688","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sxs.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  420. "3:23:02,0707301","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\sxs.dll","SUCCESS","SyncType: SyncTypeOther"
  421. "3:23:02,0709929","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\sxs.dll","SUCCESS","Image Base: 0x75420000, Image Size: 0x5f000"
  422. "3:23:02,0710172","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\sxs.dll","SUCCESS",""
  423. "3:23:02,0719395","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Codepage","REPARSE","Desired Access: Read"
  424. "3:23:02,0719881","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Codepage","SUCCESS","Desired Access: Read"
  425. "3:23:02,0720190","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CodePage","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  426. "3:23:02,0720334","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\932","SUCCESS","Type: REG_SZ, Length: 20, Data: c_932.nls"
  427. "3:23:02,0722382","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_932.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  428. "3:23:02,0724111","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_932.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
  429. "3:23:02,0724333","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_932.NLS","SUCCESS",""
  430. "3:23:02,0724765","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\949","SUCCESS","Type: REG_SZ, Length: 20, Data: c_949.nls"
  431. "3:23:02,0726217","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_949.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  432. "3:23:02,0727961","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_949.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
  433. "3:23:02,0728151","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_949.NLS","SUCCESS",""
  434. "3:23:02,0728711","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\950","SUCCESS","Type: REG_SZ, Length: 20, Data: c_950.nls"
  435. "3:23:02,0730480","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_950.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  436. "3:23:02,0731825","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_950.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
  437. "3:23:02,0732025","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_950.NLS","SUCCESS",""
  438. "3:23:02,0732673","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CodePage\936","SUCCESS","Type: REG_SZ, Length: 20, Data: c_936.nls"
  439. "3:23:02,0734078","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\System32\C_936.NLS","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  440. "3:23:02,0735532","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\System32\C_936.NLS","SUCCESS","CreationTime: 13/07/2009 22:18:19, LastAccessTime: 13/07/2009 22:18:19, LastWriteTime: 10/06/2009 23:10:09, ChangeTime: 12/05/2014 1:04:04, FileAttributes: A"
  441. "3:23:02,0735689","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\System32\C_936.NLS","SUCCESS",""
  442. "3:23:02,0736348","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  443. "3:23:02,0736537","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\VBA\Monitors","NAME NOT FOUND","Desired Access: Maximum Allowed"
  444. "3:23:02,0750417","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  445. "3:23:02,0750685","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  446. "3:23:02,0751318","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  447. "3:23:02,0751524","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\COM3","SUCCESS","Desired Access: Read"
  448. "3:23:02,0751725","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\COM3","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  449. "3:23:02,0751870","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\COM3\Com+Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
  450. "3:23:02,0752049","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\COM3","SUCCESS",""
  451. "3:23:02,0753979","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\clbcatq.dll","SUCCESS","Image Base: 0x76e70000, Image Size: 0x83000"
  452. "3:23:02,0755230","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  453. "3:23:02,0755388","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  454. "3:23:02,0755544","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  455. "3:23:02,0755752","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  456. "3:23:02,0755984","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  457. "3:23:02,0756302","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  458. "3:23:02,0756676","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  459. "3:23:02,0756893","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  460. "3:23:02,0757313","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  461. "3:23:02,0757646","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  462. "3:23:02,0757834","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\OLE","SUCCESS","Desired Access: Read"
  463. "3:23:02,0758030","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  464. "3:23:02,0758160","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\OLE\MaxSxSHashCount","NAME NOT FOUND","Length: 144"
  465. "3:23:02,0758318","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\OLE","SUCCESS",""
  466. "3:23:02,0758584","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  467. "3:23:02,0758744","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  468. "3:23:02,0758890","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  469. "3:23:02,0759046","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  470. "3:23:02,0759197","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  471. "3:23:02,0759366","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  472. "3:23:02,0759520","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  473. "3:23:02,0759677","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  474. "3:23:02,0759853","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  475. "3:23:02,0760048","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  476. "3:23:02,0760231","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  477. "3:23:02,0760622","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  478. "3:23:02,0760796","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  479. "3:23:02,0761147","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  480. "3:23:02,0761371","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  481. "3:23:02,0761621","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  482. "3:23:02,0761832","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  483. "3:23:02,0761982","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  484. "3:23:02,0762133","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  485. "3:23:02,0762300","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  486. "3:23:02,0762607","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  487. "3:23:02,0762767","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  488. "3:23:02,0762913","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  489. "3:23:02,0763063","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  490. "3:23:02,0763216","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  491. "3:23:02,0763567","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  492. "3:23:02,0763729","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  493. "3:23:02,0763884","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  494. "3:23:02,0764065","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  495. "3:23:02,0764265","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{2288F6C0-36B4-4A5A-86FF-B71602FBB95D}","NAME NOT FOUND","Desired Access: Read"
  496. "3:23:02,0764439","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  497. "3:23:02,0764608","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  498. "3:23:02,0764745","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  499. "3:23:02,0764883","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  500. "3:23:02,0765059","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  501. "3:23:02,0765256","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  502. "3:23:02,0765629","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  503. "3:23:02,0765789","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  504. "3:23:02,0765942","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  505. "3:23:02,0766119","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  506. "3:23:02,0766626","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  507. "3:23:02,0766789","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  508. "3:23:02,0766933","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  509. "3:23:02,0767089","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  510. "3:23:02,0767239","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  511. "3:23:02,0767409","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  512. "3:23:02,0767561","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  513. "3:23:02,0767714","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  514. "3:23:02,0767901","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  515. "3:23:02,0768104","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  516. "3:23:02,0768277","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  517. "3:23:02,0768437","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  518. "3:23:02,0768575","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  519. "3:23:02,0768715","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  520. "3:23:02,0768933","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  521. "3:23:02,0769139","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  522. "3:23:02,0769587","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  523. "3:23:02,0769756","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  524. "3:23:02,0769912","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  525. "3:23:02,0770082","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  526. "3:23:02,0770827","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  527. "3:23:02,0771017","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  528. "3:23:02,0771189","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  529. "3:23:02,0771357","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  530. "3:23:02,0771533","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  531. "3:23:02,0771711","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  532. "3:23:02,0772042","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  533. "3:23:02,0772290","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  534. "3:23:02,0772539","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  535. "3:23:02,0772776","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{BDDFB411-96B7-450D-B719-7CE8989A0DFE}","NAME NOT FOUND","Desired Access: Read"
  536. "3:23:02,0772986","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  537. "3:23:02,0773189","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  538. "3:23:02,0773343","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  539. "3:23:02,0773485","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  540. "3:23:02,0773661","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  541. "3:23:02,0773855","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  542. "3:23:02,0774233","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  543. "3:23:02,0774396","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  544. "3:23:02,0774546","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  545. "3:23:02,0774722","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  546. "3:23:02,0775226","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  547. "3:23:02,0775392","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  548. "3:23:02,0775534","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  549. "3:23:02,0775714","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  550. "3:23:02,0775870","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  551. "3:23:02,0776042","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  552. "3:23:02,0776196","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  553. "3:23:02,0776361","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  554. "3:23:02,0776690","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  555. "3:23:02,0776967","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  556. "3:23:02,0777273","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  557. "3:23:02,0777477","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  558. "3:23:02,0777619","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  559. "3:23:02,0777762","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  560. "3:23:02,0777942","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  561. "3:23:02,0778168","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  562. "3:23:02,0778822","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  563. "3:23:02,0779004","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  564. "3:23:02,0779258","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  565. "3:23:02,0779539","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  566. "3:23:02,0780279","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  567. "3:23:02,0780782","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  568. "3:23:02,0780962","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  569. "3:23:02,0781135","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  570. "3:23:02,0781287","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  571. "3:23:02,0781463","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  572. "3:23:02,0781652","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  573. "3:23:02,0781811","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  574. "3:23:02,0781991","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  575. "3:23:02,0782406","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  576. "3:23:02,0782612","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  577. "3:23:02,0782792","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  578. "3:23:02,0782938","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  579. "3:23:02,0783092","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  580. "3:23:02,0783284","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  581. "3:23:02,0783495","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  582. "3:23:02,0783888","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  583. "3:23:02,0784048","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  584. "3:23:02,0784196","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  585. "3:23:02,0784405","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  586. "3:23:02,0784941","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  587. "3:23:02,0785109","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  588. "3:23:02,0785264","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  589. "3:23:02,0785447","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  590. "3:23:02,0785637","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  591. "3:23:02,0785850","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  592. "3:23:02,0786044","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  593. "3:23:02,0786225","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  594. "3:23:02,0786604","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  595. "3:23:02,0786821","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  596. "3:23:02,0787010","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  597. "3:23:02,0787177","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  598. "3:23:02,0787316","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  599. "3:23:02,0787460","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  600. "3:23:02,0787638","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  601. "3:23:02,0787828","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  602. "3:23:02,0788251","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  603. "3:23:02,0788414","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  604. "3:23:02,0788564","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  605. "3:23:02,0788769","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  606. "3:23:02,0789299","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  607. "3:23:02,0789485","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  608. "3:23:02,0789639","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  609. "3:23:02,0789839","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  610. "3:23:02,0790006","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  611. "3:23:02,0790197","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  612. "3:23:02,0790559","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  613. "3:23:02,0790744","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  614. "3:23:02,0790925","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  615. "3:23:02,0791122","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{3F8D0E0C-4025-41C9-AAB5-5407E591FD29}","NAME NOT FOUND","Desired Access: Read"
  616. "3:23:02,0791297","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  617. "3:23:02,0791580","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  618. "3:23:02,0791753","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\VBA\Monitors","NAME NOT FOUND","Desired Access: Maximum Allowed"
  619. "3:23:02,0794464","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  620. "3:23:02,0794655","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Rpc","REPARSE","Desired Access: Read"
  621. "3:23:02,0794918","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS","Desired Access: Read"
  622. "3:23:02,0795321","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  623. "3:23:02,0795499","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Rpc\MaxRpcSize","NAME NOT FOUND","Length: 144"
  624. "3:23:02,0795672","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS",""
  625. "3:23:02,0796091","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","REPARSE","Desired Access: Read"
  626. "3:23:02,0796291","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS","Desired Access: Read"
  627. "3:23:02,0796542","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  628. "3:23:02,0796689","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName","SUCCESS","Type: REG_SZ, Length: 32, Data: WIN-4GHA667EH3L"
  629. "3:23:02,0796890","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS",""
  630. "3:23:02,0797081","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\Setup","SUCCESS","Desired Access: Read"
  631. "3:23:02,0797619","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SYSTEM\Setup","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  632. "3:23:02,0797757","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SYSTEM\Setup\OOBEInProgress","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  633. "3:23:02,0797970","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SYSTEM\Setup","SUCCESS",""
  634. "3:23:02,0798147","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\Setup","SUCCESS","Desired Access: Read"
  635. "3:23:02,0798310","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SYSTEM\Setup","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  636. "3:23:02,0798441","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SYSTEM\Setup\SystemSetupInProgress","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  637. "3:23:02,0798600","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SYSTEM\Setup","SUCCESS",""
  638. "3:23:02,0798766","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  639. "3:23:02,0798938","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Policies\Microsoft\Windows NT\Rpc","REPARSE","Desired Access: Read"
  640. "3:23:02,0799166","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Rpc","NAME NOT FOUND","Desired Access: Read"
  641. "3:23:02,0799509","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Policies\Microsoft\SQMClient\Windows","NAME NOT FOUND","Desired Access: Read"
  642. "3:23:02,0799702","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows","SUCCESS","Desired Access: Read"
  643. "3:23:02,0799888","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  644. "3:23:02,0800021","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable","NAME NOT FOUND","Length: 20"
  645. "3:23:02,0800197","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows","SUCCESS",""
  646. "3:23:02,0806832","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1492"
  647. "3:23:02,0809625","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  648. "3:23:02,0809917","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  649. "3:23:02,0810084","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  650. "3:23:02,0810290","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  651. "3:23:02,0810800","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  652. "3:23:02,0811221","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  653. "3:23:02,0813142","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\VB6ES.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  654. "3:23:02,0816629","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\CRYPTSP.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  655. "3:23:02,0818046","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  656. "3:23:02,0818770","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","CreationTime: 14/07/2009 1:37:21, LastAccessTime: 14/07/2009 1:37:21, LastWriteTime: 14/07/2009 3:15:07, ChangeTime: 12/05/2014 1:07:31, FileAttributes: A"
  657. "3:23:02,0818969","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS",""
  658. "3:23:02,0819889","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  659. "3:23:02,0820664","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\cryptsp.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  660. "3:23:02,0821500","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","SyncType: SyncTypeOther"
  661. "3:23:02,0823877","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS","Image Base: 0x751e0000, Image Size: 0x16000"
  662. "3:23:02,0824120","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\cryptsp.dll","SUCCESS",""
  663. "3:23:02,0825273","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  664. "3:23:02,0825487","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider","SUCCESS","Desired Access: Read"
  665. "3:23:02,0825805","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  666. "3:23:02,0825961","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Type","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
  667. "3:23:02,0826116","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
  668. "3:23:02,0826267","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
  669. "3:23:02,0826456","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
  670. "3:23:02,0826604","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll"
  671. "3:23:02,0828126","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  672. "3:23:02,0828810","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
  673. "3:23:02,0828976","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  674. "3:23:02,0829880","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  675. "3:23:02,0830640","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  676. "3:23:02,0830800","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
  677. "3:23:02,0831379","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
  678. "3:23:02,0831861","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  679. "3:23:02,0833413","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  680. "3:23:02,0834065","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
  681. "3:23:02,0834222","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  682. "3:23:02,0835094","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  683. "3:23:02,0835799","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  684. "3:23:02,0835936","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
  685. "3:23:02,0836230","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
  686. "3:23:02,0836668","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  687. "3:23:02,0838185","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  688. "3:23:02,0838826","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
  689. "3:23:02,0838980","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  690. "3:23:02,0839849","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  691. "3:23:02,0840559","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  692. "3:23:02,0840693","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
  693. "3:23:02,0841159","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
  694. "3:23:02,0841655","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  695. "3:23:02,0843195","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  696. "3:23:02,0843848","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
  697. "3:23:02,0844002","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  698. "3:23:02,0844880","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  699. "3:23:02,0845587","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  700. "3:23:02,0845724","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
  701. "3:23:02,0846016","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
  702. "3:23:02,0846454","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  703. "3:23:02,0848272","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  704. "3:23:02,0848965","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
  705. "3:23:02,0849132","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  706. "3:23:02,0850093","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  707. "3:23:02,0850932","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
  708. "3:23:02,0851109","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  709. "3:23:02,0851245","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","AllocationSize: 245.760, EndOfFile: 242.936, NumberOfLinks: 2, DeletePending: False, Directory: False"
  710. "3:23:02,0851541","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
  711. "3:23:02,0888313","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  712. "3:23:02,0889942","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  713. "3:23:02,0890652","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","CreationTime: 14/07/2009 1:37:33, LastAccessTime: 14/07/2009 1:37:33, LastWriteTime: 14/07/2009 3:17:54, ChangeTime: 12/05/2014 1:08:14, FileAttributes: A"
  714. "3:23:02,0890809","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  715. "3:23:02,0891867","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  716. "3:23:02,0892554","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  717. "3:23:02,0893223","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","SyncType: SyncTypeOther"
  718. "3:23:02,0895579","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS","Image Base: 0x751a0000, Image Size: 0x3b000"
  719. "3:23:02,0895828","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\rsaenh.dll","SUCCESS",""
  720. "3:23:02,0896821","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","REPARSE","Desired Access: Query Value"
  721. "3:23:02,0897026","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS","Desired Access: Query Value"
  722. "3:23:02,0897228","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  723. "3:23:02,0897365","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  724. "3:23:02,0897550","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa","REPARSE","Desired Access: Query Value"
  725. "3:23:02,0897724","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS","Desired Access: Query Value"
  726. "3:23:02,0897898","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  727. "3:23:02,0898032","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","NAME NOT FOUND","Length: 20"
  728. "3:23:02,0898217","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS",""
  729. "3:23:02,0898371","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS",""
  730. "3:23:02,0898551","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration","REPARSE","Desired Access: Query Value"
  731. "3:23:02,0898728","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration","NAME NOT FOUND","Desired Access: Query Value"
  732. "3:23:02,0899038","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  733. "3:23:02,0899193","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Policies\Microsoft\Cryptography","SUCCESS","Desired Access: Read"
  734. "3:23:02,0899428","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Policies\Microsoft\Cryptography","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  735. "3:23:02,0899569","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCacheMaxItems","NAME NOT FOUND","Length: 144"
  736. "3:23:02,0899718","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCachePurgeIntervalSeconds","NAME NOT FOUND","Length: 144"
  737. "3:23:02,0899861","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivateKeyLifetimeSeconds","NAME NOT FOUND","Length: 144"
  738. "3:23:02,0900019","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\Cryptography","SUCCESS",""
  739. "3:23:02,0900174","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  740. "3:23:02,0900414","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\Cryptography","SUCCESS","Desired Access: Read"
  741. "3:23:02,0900585","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Cryptography","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  742. "3:23:02,0900717","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
  743. "3:23:02,0901195","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
  744. "3:23:02,0901388","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
  745. "3:23:02,0901552","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid","SUCCESS","Type: REG_SZ, Length: 74, Data: a6502c5e-d959-4dcf-b2c4-99b96e1eae54"
  746. "3:23:02,0901793","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Cryptography","SUCCESS",""
  747. "3:23:02,0901962","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  748. "3:23:02,0902142","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Cryptography\Offload","NAME NOT FOUND","Desired Access: Read"
  749. "3:23:02,0903204","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider","SUCCESS",""
  750. "3:23:02,0904657","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Desired Access: Generic Read/Write, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  751. "3:23:02,0907471","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 0, NumberOfLinks: 1, DeletePending: False, Directory: False"
  752. "3:23:02,0907705","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 512"
  753. "3:23:02,0908282","RDG Malware Detector.exe","1732","SetAllocationInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 512"
  754. "3:23:02,0908587","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","FILE LOCKED WITH WRITERS","SyncType: SyncTypeCreateSection, PageProtection: "
  755. "3:23:02,0908734","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 512, EndOfFile: 512, NumberOfLinks: 1, DeletePending: False, Directory: False"
  756. "3:23:02,0909050","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","SyncType: SyncTypeOther"
  757. "3:23:02,0909751","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","CreationTime: 30/06/2015 3:23:02, LastAccessTime: 30/06/2015 3:23:02, LastWriteTime: 30/06/2015 3:23:02, ChangeTime: 30/06/2015 3:23:02, FileAttributes: ACNCI"
  758. "3:23:02,0909979","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.538, Length: 1, Fail Immediately: True"
  759. "3:23:02,0910146","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.539, Length: 20, Fail Immediately: True"
  760. "3:23:02,0910293","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.539, Length: 20"
  761. "3:23:02,0910545","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.559, Length: 20, Fail Immediately: True"
  762. "3:23:02,0910686","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.559, Length: 20"
  763. "3:23:02,0910827","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.579, Length: 20, Fail Immediately: True"
  764. "3:23:02,0911207","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.579, Length: 20"
  765. "3:23:02,0911350","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.599, Length: 20, Fail Immediately: True"
  766. "3:23:02,0911519","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.599, Length: 20"
  767. "3:23:02,0911654","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.539, Length: 1, Fail Immediately: True"
  768. "3:23:02,0911793","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.559, Length: 1, Fail Immediately: True"
  769. "3:23:02,0912102","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.579, Length: 1, Fail Immediately: True"
  770. "3:23:02,0912248","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Exclusive: True, Offset: 2.147.483.599, Length: 1, Fail Immediately: True"
  771. "3:23:02,0912400","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 2.147.483.538, Length: 1"
  772. "3:23:02,0912760","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 512, EndOfFile: 512, NumberOfLinks: 1, DeletePending: False, Directory: False"
  773. "3:23:02,0912928","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 16.384"
  774. "3:23:02,0913889","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 0, Length: 4.096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
  775. "3:23:02,0914498","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 4.096, Length: 12.288, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
  776. "3:23:02,0921363","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\shlwapi.dll","SUCCESS","Image Base: 0x76ba0000, Image Size: 0x57000"
  777. "3:23:02,0924452","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  778. "3:23:02,0925330","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","CreationTime: 30/06/2015 3:12:06, LastAccessTime: 30/06/2015 3:12:06, LastWriteTime: 19/03/2009 7:44:42, ChangeTime: 30/06/2015 3:12:06, FileAttributes: ACNCI"
  779. "3:23:02,0925550","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS",""
  780. "3:23:02,0927099","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  781. "3:23:02,0927510","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","AllocationSize: 24.576, EndOfFile: 59.962, NumberOfLinks: 1, DeletePending: False, Directory: False"
  782. "3:23:02,0928009","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 0, Length: 5, Priority: Very Low"
  783. "3:23:02,0928335","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 5, Length: 6"
  784. "3:23:02,0928557","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 11, Length: 16"
  785. "3:23:02,0928744","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 27, Length: 16"
  786. "3:23:02,0928932","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 43, Length: 16"
  787. "3:23:02,0929120","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 59, Length: 16"
  788. "3:23:02,0929303","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 75, Length: 16"
  789. "3:23:02,0929488","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 91, Length: 16"
  790. "3:23:02,0929674","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 107, Length: 16"
  791. "3:23:02,0929861","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 123, Length: 16"
  792. "3:23:02,0930044","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 139, Length: 16"
  793. "3:23:02,0930225","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 155, Length: 16"
  794. "3:23:02,0930439","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 171, Length: 16"
  795. "3:23:02,0930622","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 187, Length: 16"
  796. "3:23:02,0930810","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 203, Length: 16"
  797. "3:23:02,0931229","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 219, Length: 16"
  798. "3:23:02,0931426","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 235, Length: 16"
  799. "3:23:02,0931638","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 251, Length: 16"
  800. "3:23:02,0931821","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 267, Length: 16"
  801. "3:23:02,0932001","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 283, Length: 16"
  802. "3:23:02,0932186","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 299, Length: 16"
  803. "3:23:02,0932512","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 315, Length: 16"
  804. "3:23:02,0932734","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 331, Length: 16"
  805. "3:23:02,0932919","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 347, Length: 16"
  806. "3:23:02,0933098","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 363, Length: 16"
  807. "3:23:02,0933281","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 379, Length: 16"
  808. "3:23:02,0933463","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 395, Length: 16"
  809. "3:23:02,0933643","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 411, Length: 16"
  810. "3:23:02,0933823","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 427, Length: 16"
  811. "3:23:02,0934003","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 443, Length: 16"
  812. "3:23:02,0934189","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 459, Length: 8"
  813. "3:23:02,0934370","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 467, Length: 16"
  814. "3:23:02,0934552","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 483, Length: 16"
  815. "3:23:02,0934737","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 499, Length: 16"
  816. "3:23:02,0934924","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 515, Length: 16"
  817. "3:23:02,0935107","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 531, Length: 8"
  818. "3:23:02,0935290","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 539, Length: 16"
  819. "3:23:02,0935471","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 555, Length: 16"
  820. "3:23:02,0935650","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 571, Length: 16"
  821. "3:23:02,0935833","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 587, Length: 16"
  822. "3:23:02,0936013","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 603, Length: 8"
  823. "3:23:02,0936193","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 611, Length: 16"
  824. "3:23:02,0936375","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 627, Length: 16"
  825. "3:23:02,0936555","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 643, Length: 16"
  826. "3:23:02,0936736","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 659, Length: 16"
  827. "3:23:02,0936919","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 675, Length: 8"
  828. "3:23:02,0937100","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 683, Length: 16"
  829. "3:23:02,0937281","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 699, Length: 8"
  830. "3:23:02,0937460","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 707, Length: 61"
  831. "3:23:02,0937641","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 768, Length: 4"
  832. "3:23:02,0937820","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 772, Length: 2"
  833. "3:23:02,0938001","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 774, Length: 16"
  834. "3:23:02,0938185","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 790, Length: 1"
  835. "3:23:02,0938368","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 791, Length: 16"
  836. "3:23:02,0938553","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 807, Length: 16"
  837. "3:23:02,0938733","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 823, Length: 16"
  838. "3:23:02,0938915","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 839, Length: 16"
  839. "3:23:02,0939105","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 855, Length: 16"
  840. "3:23:02,0939285","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 871, Length: 16"
  841. "3:23:02,0939466","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 887, Length: 16"
  842. "3:23:02,0939652","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 903, Length: 16"
  843. "3:23:02,0939833","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 919, Length: 16"
  844. "3:23:02,0940014","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 935, Length: 16"
  845. "3:23:02,0940200","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 951, Length: 61"
  846. "3:23:02,0940377","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.012, Length: 4"
  847. "3:23:02,0940592","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.016, Length: 4"
  848. "3:23:02,0940771","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.020, Length: 2"
  849. "3:23:02,0941110","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.022, Length: 8"
  850. "3:23:02,0941309","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.030, Length: 16"
  851. "3:23:02,0941490","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.046, Length: 8"
  852. "3:23:02,0941682","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.054, Length: 40"
  853. "3:23:02,0941875","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.094, Length: 40"
  854. "3:23:02,0942067","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.134, Length: 400"
  855. "3:23:02,0942272","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS","Offset: 1.534, Length: 58.428"
  856. "3:23:02,0942747","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\sk.dat","SUCCESS",""
  857. "3:23:02,0943318","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows\DisabledProcesses\","SUCCESS","Desired Access: Read"
  858. "3:23:02,0943633","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  859. "3:23:02,0943825","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\4E717114","NAME NOT FOUND","Length: 24"
  860. "3:23:02,0944031","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses","SUCCESS",""
  861. "3:23:02,0944256","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows\DisabledSessions\","SUCCESS","Desired Access: Read"
  862. "3:23:02,0944502","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  863. "3:23:02,0944689","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling","NAME NOT FOUND","Length: 24"
  864. "3:23:02,0944891","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS",""
  865. "3:23:02,0945289","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Microsoft\SQMClient\Windows\DisabledSessions\","SUCCESS","Desired Access: Read"
  866. "3:23:02,0945518","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  867. "3:23:02,0945747","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession","NAME NOT FOUND","Length: 24"
  868. "3:23:02,0945947","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions","SUCCESS",""
  869. "3:23:02,0947481","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\Registration\R00000000000c.clb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  870. "3:23:02,0947837","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Registration\R00000000000c.clb","SUCCESS","AllocationSize: 16.384, EndOfFile: 27.044, NumberOfLinks: 1, DeletePending: False, Directory: False"
  871. "3:23:02,0948073","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Registration\R00000000000c.clb","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  872. "3:23:02,0948259","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Registration\R00000000000c.clb","SUCCESS","AllocationSize: 16.384, EndOfFile: 27.044, NumberOfLinks: 1, DeletePending: False, Directory: False"
  873. "3:23:02,0948657","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Registration\R00000000000c.clb","SUCCESS","SyncType: SyncTypeOther"
  874. "3:23:02,0949929","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  875. "3:23:02,0950179","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  876. "3:23:02,0950387","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  877. "3:23:02,0950892","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
  878. "3:23:02,0951189","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Desired Access: Read"
  879. "3:23:02,0951513","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  880. "3:23:02,0951699","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  881. "3:23:02,0951893","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  882. "3:23:02,0952179","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
  883. "3:23:02,0952410","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  884. "3:23:02,0952617","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
  885. "3:23:02,0952827","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","BUFFER TOO SMALL","Query: Name, Length: 0"
  886. "3:23:02,0953013","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  887. "3:23:02,0953214","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  888. "3:23:02,0953405","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  889. "3:23:02,0953673","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\Progid","NAME NOT FOUND","Desired Access: Query Value"
  890. "3:23:02,0953903","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  891. "3:23:02,0954108","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\Progid","NAME NOT FOUND","Desired Access: Query Value"
  892. "3:23:02,0954344","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  893. "3:23:02,0954555","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  894. "3:23:02,0954757","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
  895. "3:23:02,0954985","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
  896. "3:23:02,0955248","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  897. "3:23:02,0955443","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  898. "3:23:02,0955713","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Maximum Allowed"
  899. "3:23:02,0955920","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: VBPropertyBag"
  900. "3:23:02,0956123","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  901. "3:23:02,0956325","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  902. "3:23:02,0956609","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Maximum Allowed"
  903. "3:23:02,0956817","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: VBPropertyBag"
  904. "3:23:02,0957044","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  905. "3:23:02,0957234","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  906. "3:23:02,0957499","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32","NAME NOT FOUND","Desired Access: Read"
  907. "3:23:02,0957733","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  908. "3:23:02,0957936","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32","SUCCESS","Desired Access: Read"
  909. "3:23:02,0958181","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
  910. "3:23:02,0958372","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  911. "3:23:02,0958637","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  912. "3:23:02,0958845","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\InprocServer32","NAME NOT FOUND","Length: 144"
  913. "3:23:02,0959033","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
  914. "3:23:02,0959220","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  915. "3:23:02,0959487","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  916. "3:23:02,0959693","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\msvbvm60.dll"
  917. "3:23:02,0959887","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
  918. "3:23:02,0960075","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  919. "3:23:02,0960336","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  920. "3:23:02,0960625","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\msvbvm60.dll"
  921. "3:23:02,0961049","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: Name"
  922. "3:23:02,0961380","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  923. "3:23:02,0961658","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  924. "3:23:02,0961870","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32\ThreadingModel","SUCCESS","Type: REG_SZ, Length: 20, Data: Apartment"
  925. "3:23:02,0962089","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InProcServer32","SUCCESS",""
  926. "3:23:02,0962279","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  927. "3:23:02,0962466","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  928. "3:23:02,0962921","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
  929. "3:23:02,0963161","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  930. "3:23:02,0963361","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
  931. "3:23:02,0963557","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  932. "3:23:02,0963754","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  933. "3:23:02,0964014","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
  934. "3:23:02,0964240","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  935. "3:23:02,0964443","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
  936. "3:23:02,0964665","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS",""
  937. "3:23:02,0965204","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  938. "3:23:02,0965425","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  939. "3:23:02,0965619","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  940. "3:23:02,0965812","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  941. "3:23:02,0966041","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  942. "3:23:02,0966277","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","NAME NOT FOUND","Desired Access: Read"
  943. "3:23:02,0966529","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Desired Access: Read"
  944. "3:23:02,0966755","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  945. "3:23:02,0966957","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  946. "3:23:02,0967147","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: Name"
  947. "3:23:02,0967342","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  948. "3:23:02,0967608","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Read"
  949. "3:23:02,0967834","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  950. "3:23:02,0968037","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\TreatAs","NAME NOT FOUND","Desired Access: Read"
  951. "3:23:02,0968248","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}","SUCCESS",""
  952. "3:23:02,0969853","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  953. "3:23:02,0970690","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","CreationTime: 10/06/2009 23:38:03, LastAccessTime: 10/06/2009 23:38:03, LastWriteTime: 14/07/2009 3:15:50, ChangeTime: 12/05/2014 1:07:50, FileAttributes: A"
  954. "3:23:02,0971117","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
  955. "3:23:02,0972227","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  956. "3:23:02,0972966","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  957. "3:23:02,0974146","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","SyncType: SyncTypeOther"
  958. "3:23:02,0976127","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS","Image Base: 0x2860000, Image Size: 0x153000"
  959. "3:23:02,0976624","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\msvbvm60.dll","SUCCESS",""
  960. "3:23:02,0979316","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  961. "3:23:02,0979530","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  962. "3:23:02,0979743","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  963. "3:23:02,0979992","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
  964. "3:23:02,0980262","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
  965. "3:23:02,0980862","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  966. "3:23:02,0981053","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  967. "3:23:02,0981250","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  968. "3:23:02,0981538","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
  969. "3:23:02,0981772","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  970. "3:23:02,0981971","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
  971. "3:23:02,0982172","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","BUFFER TOO SMALL","Query: Name, Length: 0"
  972. "3:23:02,0982357","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  973. "3:23:02,0982557","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  974. "3:23:02,0982748","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  975. "3:23:02,0983013","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
  976. "3:23:02,0983235","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  977. "3:23:02,0983438","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
  978. "3:23:02,0983682","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
  979. "3:23:02,0983873","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  980. "3:23:02,0984137","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
  981. "3:23:02,0984350","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 22, Data: StdPicture"
  982. "3:23:02,0984569","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
  983. "3:23:02,0984790","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  984. "3:23:02,0984986","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  985. "3:23:02,0985439","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
  986. "3:23:02,0985671","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  987. "3:23:02,0985881","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
  988. "3:23:02,0986095","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
  989. "3:23:02,0986317","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  990. "3:23:02,0986591","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
  991. "3:23:02,0986803","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 22, Data: StdPicture"
  992. "3:23:02,0987016","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
  993. "3:23:02,0987203","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  994. "3:23:02,0987398","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  995. "3:23:02,0987662","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
  996. "3:23:02,0987875","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 34, Data: Standard Picture"
  997. "3:23:02,0988071","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  998. "3:23:02,0988263","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  999. "3:23:02,0988527","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1000. "3:23:02,0988733","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 34, Data: Standard Picture"
  1001. "3:23:02,0988943","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1002. "3:23:02,0989132","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1003. "3:23:02,0989391","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Read"
  1004. "3:23:02,0989612","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1005. "3:23:02,0989812","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Desired Access: Read"
  1006. "3:23:02,0990050","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1007. "3:23:02,0990249","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1008. "3:23:02,0990649","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1009. "3:23:02,0990876","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\InprocServer32","NAME NOT FOUND","Length: 144"
  1010. "3:23:02,0991069","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1011. "3:23:02,0991266","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1012. "3:23:02,0991538","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1013. "3:23:02,0991751","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
  1014. "3:23:02,0991951","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1015. "3:23:02,0992140","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1016. "3:23:02,0992401","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1017. "3:23:02,0992611","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
  1018. "3:23:02,0992809","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1019. "3:23:02,0992995","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1020. "3:23:02,0993262","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1021. "3:23:02,0993471","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\ThreadingModel","SUCCESS","Type: REG_SZ, Length: 20, Data: Apartment"
  1022. "3:23:02,0993687","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS",""
  1023. "3:23:02,0993871","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1024. "3:23:02,0994059","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1025. "3:23:02,0994319","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
  1026. "3:23:02,0994538","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1027. "3:23:02,0994739","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
  1028. "3:23:02,0994936","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1029. "3:23:02,0995127","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1030. "3:23:02,0995385","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
  1031. "3:23:02,0995607","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1032. "3:23:02,0995809","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
  1033. "3:23:02,0996025","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
  1034. "3:23:02,0996438","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1035. "3:23:02,0996657","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1036. "3:23:02,0996859","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1037. "3:23:02,0997055","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1038. "3:23:02,0997248","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1039. "3:23:02,0997476","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
  1040. "3:23:02,0997726","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
  1041. "3:23:02,0997945","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1042. "3:23:02,0998150","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1043. "3:23:02,0998332","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1044. "3:23:02,0998523","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1045. "3:23:02,0998785","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
  1046. "3:23:02,0999006","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1047. "3:23:02,0999209","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
  1048. "3:23:02,0999415","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
  1049. "3:23:02,1000138","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 16.384, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1050. "3:23:02,1000624","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 32.768"
  1051. "3:23:02,1001316","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 16.384, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
  1052. "3:23:02,1001805","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 32.768, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1053. "3:23:02,1002004","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 49.152"
  1054. "3:23:02,1002231","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 32.768, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
  1055. "3:23:02,1002598","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","AllocationSize: 0, EndOfFile: 49.152, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1056. "3:23:02,1002793","RDG Malware Detector.exe","1732","SetEndOfFileInformationFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","EndOfFile: 65.536"
  1057. "3:23:02,1003026","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\AppData\Local\Temp\~DFD848703C4E674CDE.TMP","SUCCESS","Offset: 49.152, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Very Low"
  1058. "3:23:02,1007687","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\CMF\Config","REPARSE","Desired Access: Read"
  1059. "3:23:02,1007993","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS","Desired Access: Read"
  1060. "3:23:02,1008341","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1061. "3:23:02,1008601","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\CMF\Config\SYSTEM","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
  1062. "3:23:02,1008850","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS",""
  1063. "3:23:02,1578383","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\es-ES\user32.dll.mui","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1064. "3:23:02,1580637","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\es-ES\user32.dll.mui","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1065. "3:23:02,1581342","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\SysWOW64\es-ES\user32.dll.mui","SUCCESS","AllocationSize: 20.480, EndOfFile: 19.456, NumberOfLinks: 2, DeletePending: False, Directory: False"
  1066. "3:23:02,1582693","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\es-ES\user32.dll.mui","SUCCESS","SyncType: SyncTypeOther"
  1067. "3:23:02,1667278","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1068. "3:23:02,1668363","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0","SUCCESS","Desired Access: Query Value"
  1069. "3:23:02,1669591","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1070. "3:23:02,1670505","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable","NAME NOT FOUND","Length: 144"
  1071. "3:23:02,1671378","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\Fonts\staticcache.dat"
  1072. "3:23:02,1672340","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0","SUCCESS",""
  1073. "3:23:02,1677178","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1074. "3:23:02,1678454","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","AllocationSize: 9.633.792, EndOfFile: 9.633.792, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1075. "3:23:02,1679367","RDG Malware Detector.exe","1732","ReadFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","Offset: 0, Length: 60, Priority: Very Low"
  1076. "3:23:02,1680462","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Fonts\StaticCache.dat","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1077. "3:23:02,1681384","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Windows\Fonts\StaticCache.dat","SUCCESS","AllocationSize: 9.633.792, EndOfFile: 9.633.792, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1078. "3:23:02,1683119","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\Fonts\StaticCache.dat","SUCCESS","SyncType: SyncTypeOther"
  1079. "3:23:02,1687985","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1080. "3:23:02,1688920","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Desired Access: Query Value"
  1081. "3:23:02,1689903","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1082. "3:23:02,1690905","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1","NAME NOT FOUND","Length: 144"
  1083. "3:23:02,1691762","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2","SUCCESS","Type: REG_SZ, Length: 24, Data: SimSun-ExtB"
  1084. "3:23:02,1692631","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2","SUCCESS","Type: REG_SZ, Length: 24, Data: SimSun-ExtB"
  1085. "3:23:02,1693577","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3","NAME NOT FOUND","Length: 144"
  1086. "3:23:02,1695007","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4","NAME NOT FOUND","Length: 144"
  1087. "3:23:02,1696088","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5","NAME NOT FOUND","Length: 144"
  1088. "3:23:02,1696940","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6","NAME NOT FOUND","Length: 144"
  1089. "3:23:02,1697870","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7","NAME NOT FOUND","Length: 144"
  1090. "3:23:02,1699228","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8","NAME NOT FOUND","Length: 144"
  1091. "3:23:02,1700079","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9","NAME NOT FOUND","Length: 144"
  1092. "3:23:02,1700922","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10","NAME NOT FOUND","Length: 144"
  1093. "3:23:02,1701754","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11","NAME NOT FOUND","Length: 144"
  1094. "3:23:02,1702703","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12","NAME NOT FOUND","Length: 144"
  1095. "3:23:02,1703678","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13","NAME NOT FOUND","Length: 144"
  1096. "3:23:02,1708275","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14","NAME NOT FOUND","Length: 144"
  1097. "3:23:02,1709882","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15","NAME NOT FOUND","Length: 144"
  1098. "3:23:02,1710905","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16","NAME NOT FOUND","Length: 144"
  1099. "3:23:02,1712311","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS",""
  1100. "3:23:02,1713503","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1101. "3:23:02,1714757","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
  1102. "3:23:02,1715753","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1103. "3:23:02,1717013","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Query: Cached, SubKeys: 4, Values: 1"
  1104. "3:23:02,1717988","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 0, Name: MingLiU"
  1105. "3:23:02,1719371","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 1, Name: MingLiU_HKSCS"
  1106. "3:23:02,1720564","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 2, Name: PMingLiU"
  1107. "3:23:02,1721444","RDG Malware Detector.exe","1732","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Index: 3, Name: SimSun"
  1108. "3:23:02,1725018","RDG Malware Detector.exe","1732","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS","Query: HandleTags, HandleTags: 0x100"
  1109. "3:23:02,1726020","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\MS Sans Serif","NAME NOT FOUND","Desired Access: Query Value"
  1110. "3:23:02,1727089","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback","SUCCESS",""
  1111. "3:23:02,1883160","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1112. "3:23:02,1884705","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\Compatibility\RDG Malware Detector.exe","NAME NOT FOUND","Desired Access: Read"
  1113. "3:23:02,1892007","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1114. "3:23:02,1895082","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:01, LastAccessTime: 21/11/2010 5:24:01, LastWriteTime: 21/11/2010 5:24:01, ChangeTime: 12/05/2014 1:08:11, FileAttributes: A"
  1115. "3:23:02,1896033","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS",""
  1116. "3:23:02,1899918","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1117. "3:23:02,1902383","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\ole32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1118. "3:23:02,1907104","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\ole32.dll","SUCCESS","SyncType: SyncTypeOther"
  1119. "3:23:02,1914479","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Image Base: 0x2860000, Image Size: 0x15c000"
  1120. "3:23:02,1916034","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS",""
  1121. "3:23:02,1919284","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1122. "3:23:02,1920359","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","REPARSE","Desired Access: Read"
  1123. "3:23:02,1921661","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","SUCCESS","Desired Access: Read"
  1124. "3:23:02,1922734","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1125. "3:23:02,1923577","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
  1126. "3:23:02,1925534","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}","SUCCESS",""
  1127. "3:23:02,1927669","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1128. "3:23:02,1928112","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\","SUCCESS","Desired Access: Read"
  1129. "3:23:02,1928524","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1130. "3:23:02,1928913","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext","NAME NOT FOUND","Length: 144"
  1131. "3:23:02,1929289","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF","SUCCESS",""
  1132. "3:23:02,1931622","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1133. "3:23:02,1932051","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Wow6432Node\Microsoft\CTF\KnownClasses","NAME NOT FOUND","Desired Access: Read"
  1134. "3:23:02,1952147","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1135. "3:23:02,1952422","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1136. "3:23:02,1952667","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1137. "3:23:02,1952898","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1138. "3:23:02,1953092","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  1139. "3:23:02,1953342","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  1140. "3:23:02,1953565","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1141. "3:23:02,1953799","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1142. "3:23:02,1954216","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  1143. "3:23:02,1954513","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1AB064EE-025B-4A46-8A0D-0CE78D3AABEB}","NAME NOT FOUND","Desired Access: Read"
  1144. "3:23:02,1954748","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1145. "3:23:02,1958140","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\shell32.dll","SUCCESS","Image Base: 0x75700000, Image Size: 0xc4a000"
  1146. "3:23:02,1962528","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots","NAME NOT FOUND","Desired Access: Enumerate Sub Keys"
  1147. "3:23:02,1965092","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe.Local","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  1148. "3:23:02,1968083","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1149. "3:23:02,1968385","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS","CreationTime: 21/11/2010 5:24:13, LastAccessTime: 21/11/2010 5:24:13, LastWriteTime: 21/11/2010 5:24:13, ChangeTime: 12/05/2014 1:10:04, FileAttributes: D"
  1150. "3:23:02,1968579","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS",""
  1151. "3:23:02,1970176","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1152. "3:23:02,1972004","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1153. "3:23:02,1972843","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:09, LastAccessTime: 21/11/2010 5:24:09, LastWriteTime: 21/11/2010 5:24:09, ChangeTime: 12/05/2014 1:07:30, FileAttributes: A"
  1154. "3:23:02,1973030","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS",""
  1155. "3:23:02,1974346","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1156. "3:23:02,1974680","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1157. "3:23:02,1978916","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","SyncType: SyncTypeOther"
  1158. "3:23:02,1980601","RDG Malware Detector.exe","1732","Load Image","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS","Image Base: 0x74350000, Image Size: 0x84000"
  1159. "3:23:02,1980875","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll","SUCCESS",""
  1160. "3:23:02,1984640","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
  1161. "3:23:02,1985005","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
  1162. "3:23:02,1985667","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1163. "3:23:02,1986072","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1164. "3:23:02,1986272","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1165. "3:23:02,1986507","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
  1166. "3:23:02,1986767","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
  1167. "3:23:02,1987120","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1168. "3:23:02,1987290","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1169. "3:23:02,1987467","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1170. "3:23:02,1987736","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
  1171. "3:23:02,1987954","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1172. "3:23:02,1988136","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Query Value"
  1173. "3:23:02,1988330","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","BUFFER TOO SMALL","Query: Name, Length: 0"
  1174. "3:23:02,1988493","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1175. "3:23:02,1988678","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1176. "3:23:02,1988844","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1177. "3:23:02,1989096","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
  1178. "3:23:02,1989315","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1179. "3:23:02,1989493","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
  1180. "3:23:02,1989719","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
  1181. "3:23:02,1989892","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1182. "3:23:02,1990149","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1183. "3:23:02,1990356","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 16, Data: StdFont"
  1184. "3:23:02,1990565","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
  1185. "3:23:02,1990734","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1186. "3:23:02,1990908","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1187. "3:23:02,1991163","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","NAME NOT FOUND","Desired Access: Query Value"
  1188. "3:23:02,1991372","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1189. "3:23:02,1991555","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\Progid","SUCCESS","Desired Access: Query Value"
  1190. "3:23:02,1991740","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: Name"
  1191. "3:23:02,1991914","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1192. "3:23:02,1992159","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1193. "3:23:02,1992348","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID\(Default)","SUCCESS","Type: REG_SZ, Length: 16, Data: StdFont"
  1194. "3:23:02,1992541","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\ProgID","SUCCESS",""
  1195. "3:23:02,1992717","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1196. "3:23:02,1992894","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1197. "3:23:02,1993148","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1198. "3:23:02,1993339","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: Standard Font"
  1199. "3:23:02,1993514","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1200. "3:23:02,1993688","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1201. "3:23:02,1994066","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1202. "3:23:02,1994309","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\(Default)","SUCCESS","Type: REG_SZ, Length: 28, Data: Standard Font"
  1203. "3:23:02,1994510","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1204. "3:23:02,1994685","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1205. "3:23:02,1994949","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Read"
  1206. "3:23:02,1995156","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1207. "3:23:02,1995339","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Desired Access: Read"
  1208. "3:23:02,1995575","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1209. "3:23:02,1995749","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1210. "3:23:02,1995998","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1211. "3:23:02,1996187","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\InprocServer32","NAME NOT FOUND","Length: 144"
  1212. "3:23:02,1996355","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1213. "3:23:02,1996528","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1214. "3:23:02,1996781","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1215. "3:23:02,1996971","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
  1216. "3:23:02,1997146","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1217. "3:23:02,1997318","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1218. "3:23:02,1997566","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1219. "3:23:02,1997753","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\(Default)","SUCCESS","Type: REG_SZ, Length: 66, Data: C:\Windows\SysWOW64\oleaut32.dll"
  1220. "3:23:02,1997928","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: Name"
  1221. "3:23:02,1998103","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1222. "3:23:02,1998355","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","NAME NOT FOUND","Desired Access: Maximum Allowed"
  1223. "3:23:02,1998563","RDG Malware Detector.exe","1732","RegQueryValue","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32\ThreadingModel","SUCCESS","Type: REG_SZ, Length: 10, Data: Both"
  1224. "3:23:02,1998762","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32","SUCCESS",""
  1225. "3:23:02,1998945","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1226. "3:23:02,1999121","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1227. "3:23:02,1999378","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
  1228. "3:23:02,1999596","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1229. "3:23:02,1999778","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler32","NAME NOT FOUND","Desired Access: Query Value"
  1230. "3:23:02,1999959","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1231. "3:23:02,2000129","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1232. "3:23:02,2000376","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
  1233. "3:23:02,2000587","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1234. "3:23:02,2000763","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocHandler","NAME NOT FOUND","Desired Access: Query Value"
  1235. "3:23:02,2001405","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
  1236. "3:23:02,2002017","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1237. "3:23:02,2002417","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1238. "3:23:02,2002618","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1239. "3:23:02,2002799","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1240. "3:23:02,2002979","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1241. "3:23:02,2003204","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","NAME NOT FOUND","Desired Access: Read"
  1242. "3:23:02,2003465","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Desired Access: Read"
  1243. "3:23:02,2003686","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1244. "3:23:02,2003894","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1245. "3:23:02,2004237","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: Name"
  1246. "3:23:02,2004417","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1247. "3:23:02,2004692","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
  1248. "3:23:02,2004909","RDG Malware Detector.exe","1732","RegQueryKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS","Query: HandleTags, HandleTags: 0x401"
  1249. "3:23:02,2005108","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\TreatAs","NAME NOT FOUND","Desired Access: Read"
  1250. "3:23:02,2005304","RDG Malware Detector.exe","1732","RegCloseKey","HKCR\Wow6432Node\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}","SUCCESS",""
  1251. "3:23:02,2045256","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1252. "3:23:02,2045520","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1253. "3:23:02,2045723","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1254. "3:23:02,2045948","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1255. "3:23:02,2046137","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  1256. "3:23:02,2046363","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  1257. "3:23:02,2046564","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1258. "3:23:02,2046754","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1259. "3:23:02,2046978","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  1260. "3:23:02,2047224","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{96680663-2FE5-467F-9EC5-64503A9F3F46}","NAME NOT FOUND","Desired Access: Read"
  1261. "3:23:02,2047444","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1262. "3:23:02,2053001","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1263. "3:23:02,2053238","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1264. "3:23:02,2053426","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1265. "3:23:02,2053636","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1266. "3:23:02,2053822","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  1267. "3:23:02,2054196","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  1268. "3:23:02,2054415","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1269. "3:23:02,2054608","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1270. "3:23:02,2054826","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  1271. "3:23:02,2055069","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{1C6DA4A9-C23B-459E-8EED-20D9AED01D34}","NAME NOT FOUND","Desired Access: Read"
  1272. "3:23:02,2055286","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1273. "3:23:02,2104706","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1274. "3:23:02,2104939","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1275. "3:23:02,2105123","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1276. "3:23:02,2105333","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1277. "3:23:02,2105545","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  1278. "3:23:02,2105755","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  1279. "3:23:02,2105952","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1280. "3:23:02,2106136","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1281. "3:23:02,2106445","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  1282. "3:23:02,2106732","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{DB2CAE1B-477F-4565-821B-D3770C5FA021}","NAME NOT FOUND","Desired Access: Read"
  1283. "3:23:02,2107021","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1284. "3:23:02,2115819","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\olepro32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  1285. "3:23:02,2120575","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1286. "3:23:02,2121954","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:03, LastAccessTime: 21/11/2010 5:24:03, LastWriteTime: 21/11/2010 5:24:03, ChangeTime: 12/05/2014 1:08:11, FileAttributes: A"
  1287. "3:23:02,2122164","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS",""
  1288. "3:23:02,2123521","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1289. "3:23:02,2124812","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\olepro32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1290. "3:23:02,2126327","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","SyncType: SyncTypeOther"
  1291. "3:23:02,2128565","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\olepro32.dll","SUCCESS","Image Base: 0x75400000, Image Size: 0x19000"
  1292. "3:23:02,2128878","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\olepro32.dll","SUCCESS",""
  1293. "3:23:02,2131003","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
  1294. "3:23:02,2131257","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
  1295. "3:23:02,2131600","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1296. "3:23:02,2131772","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\es-AR","NAME NOT FOUND","Length: 532"
  1297. "3:23:02,2131974","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
  1298. "3:23:02,2132184","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
  1299. "3:23:02,2132389","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
  1300. "3:23:02,2132603","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1301. "3:23:02,2132768","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-AR","NAME NOT FOUND","Length: 532"
  1302. "3:23:02,2132948","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
  1303. "3:23:02,2183733","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1304. "3:23:02,2184156","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Classes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1305. "3:23:02,2184390","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1306. "3:23:02,2184631","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1307. "3:23:02,2184831","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  1308. "3:23:02,2185066","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  1309. "3:23:02,2185272","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
  1310. "3:23:02,2185464","RDG Malware Detector.exe","1732","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x1"
  1311. "3:23:02,2185697","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Classes\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  1312. "3:23:02,2185960","RDG Malware Detector.exe","1732","RegOpenKey","HKCR\Wow6432Node\CLSID\{A7E04557-6D92-4558-B265-B477174A4D07}","NAME NOT FOUND","Desired Access: Read"
  1313. "3:23:02,2186188","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Classes","SUCCESS",""
  1314. "3:23:02,2274870","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1315. "3:23:02,2275975","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","CreationTime: 21/11/2010 5:23:51, LastAccessTime: 21/11/2010 5:23:51, LastWriteTime: 21/11/2010 5:23:51, ChangeTime: 12/05/2014 1:07:25, FileAttributes: A"
  1316. "3:23:02,2276155","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS",""
  1317. "3:23:02,2277336","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1318. "3:23:02,2278231","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\asycfilt.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1319. "3:23:02,2279523","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","SyncType: SyncTypeOther"
  1320. "3:23:02,2282085","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS","Image Base: 0x744a0000, Image Size: 0x14000"
  1321. "3:23:02,2282367","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\asycfilt.dll","SUCCESS",""
  1322. "3:23:02,2478468","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
  1323. "3:23:02,2478936","RDG Malware Detector.exe","1732","RegCloseKey","HKCU","SUCCESS",""
  1324. "3:23:02,2538346","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1325. "3:23:02,2538638","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","REPARSE","Desired Access: Read"
  1326. "3:23:02,2539100","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
  1327. "3:23:02,2539368","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1328. "3:23:02,2539572","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Sans Serif","NAME NOT FOUND","Length: 144"
  1329. "3:23:02,2539832","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
  1330. "3:23:02,2568075","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\imagehlp.dll","SUCCESS","Image Base: 0x76f00000, Image Size: 0x2a000"
  1331. "3:23:02,2571124","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1332. "3:23:02,2571498","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1333. "3:23:02,2571660","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","AllocationSize: 724.992, EndOfFile: 1.343.488, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1334. "3:23:02,2572013","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","SyncType: SyncTypeOther"
  1335. "3:23:02,2572365","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS","AllocationSize: 724.992, EndOfFile: 1.343.488, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1336. "3:23:02,2580366","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\RDG Malware Detector.exe","SUCCESS",""
  1337. "3:23:02,2583197","RDG Malware Detector.exe","1732","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
  1338. "3:23:02,2583530","RDG Malware Detector.exe","1732","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1339. "3:23:02,2583767","RDG Malware Detector.exe","1732","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS","Desired Access: Read"
  1340. "3:23:02,2584109","RDG Malware Detector.exe","1732","RegSetInfoKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1341. "3:23:02,2584312","RDG Malware Detector.exe","1732","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\UseDoubleClickTimer","NAME NOT FOUND","Length: 144"
  1342. "3:23:02,2584889","RDG Malware Detector.exe","1732","RegCloseKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS",""
  1343. "3:23:02,2585791","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1344. "3:23:02,2586035","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
  1345. "3:23:02,2586303","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1346. "3:23:02,2586489","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
  1347. "3:23:02,2586725","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
  1348. "3:23:02,2588836","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1349. "3:23:02,2589129","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
  1350. "3:23:02,2589436","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1351. "3:23:02,2589664","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
  1352. "3:23:02,2589932","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
  1353. "3:23:02,2590444","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1354. "3:23:02,2590718","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
  1355. "3:23:02,2590989","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1356. "3:23:02,2591221","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
  1357. "3:23:02,2591493","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
  1358. "3:23:02,2595493","RDG Malware Detector.exe","1732","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  1359. "3:23:02,2595803","RDG Malware Detector.exe","1732","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","Desired Access: Read"
  1360. "3:23:02,2596110","RDG Malware Detector.exe","1732","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
  1361. "3:23:02,2596353","RDG Malware Detector.exe","1732","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma","NAME NOT FOUND","Length: 144"
  1362. "3:23:02,2596847","RDG Malware Detector.exe","1732","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes","SUCCESS",""
  1363. "3:23:02,2646995","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1364. "3:23:02,2647335","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1365. "3:23:02,2647531","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1366. "3:23:02,2647783","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1367. "3:23:02,2648151","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1368. "3:23:02,2648328","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1369. "3:23:02,2650250","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1370. "3:23:02,2650958","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","CreationTime: 21/11/2010 5:24:15, LastAccessTime: 21/11/2010 5:24:15, LastWriteTime: 21/11/2010 5:24:15, ChangeTime: 12/05/2014 1:07:45, FileAttributes: A"
  1371. "3:23:02,2651127","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS",""
  1372. "3:23:02,2652055","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1373. "3:23:02,2652812","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\kernel32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1374. "3:23:02,2653750","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","SyncType: SyncTypeOther"
  1375. "3:23:02,2656177","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x3760000, Image Size: 0x110000"
  1376. "3:23:02,2656478","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\kernel32.dll","SUCCESS",""
  1377. "3:23:02,2675091","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1378. "3:23:02,2675359","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1379. "3:23:02,2675508","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1380. "3:23:02,2675727","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1381. "3:23:02,2676020","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1382. "3:23:02,2676191","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1383. "3:23:02,2677244","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1384. "3:23:02,2677485","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1385. "3:23:02,2677633","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1386. "3:23:02,2678011","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1387. "3:23:02,2678501","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1388. "3:23:02,2678674","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1389. "3:23:02,2679761","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1390. "3:23:02,2679996","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1391. "3:23:02,2680134","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1392. "3:23:02,2680335","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1393. "3:23:02,2680601","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1394. "3:23:02,2680762","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1395. "3:23:02,2681799","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1396. "3:23:02,2682047","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1397. "3:23:02,2682191","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1398. "3:23:02,2683531","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1399. "3:23:02,2683823","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1400. "3:23:02,2684146","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1401. "3:23:02,2685408","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1402. "3:23:02,2685677","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1403. "3:23:02,2685826","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1404. "3:23:02,2686031","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1405. "3:23:02,2686506","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1406. "3:23:02,2686735","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1407. "3:23:02,2687909","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1408. "3:23:02,2688248","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1409. "3:23:02,2688438","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1410. "3:23:02,2689727","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1411. "3:23:02,2690166","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1412. "3:23:02,2690349","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1413. "3:23:02,2691551","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1414. "3:23:02,2691819","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1415. "3:23:02,2691982","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1416. "3:23:02,2692188","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1417. "3:23:02,2692471","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1418. "3:23:02,2692663","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1419. "3:23:02,2693867","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1420. "3:23:02,2694273","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1421. "3:23:02,2694422","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1422. "3:23:02,2694669","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1423. "3:23:02,2694952","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1424. "3:23:02,2695128","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1425. "3:23:02,2696693","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\AppData\Local\Temp:E","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a"
  1426. "3:23:02,2699164","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1427. "3:23:02,2699492","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1428. "3:23:02,2699740","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1429. "3:23:02,2699954","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1430. "3:23:02,2700404","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1431. "3:23:02,2700595","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1432. "3:23:02,2701860","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1433. "3:23:02,2702129","RDG Malware Detector.exe","1732","LockFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Exclusive: False, Offset: 0, Length: 4.294.967.295, Fail Immediately: False"
  1434. "3:23:02,2702276","RDG Malware Detector.exe","1732","QueryStandardInformationFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","AllocationSize: 208, EndOfFile: 207, NumberOfLinks: 1, DeletePending: False, Directory: False"
  1435. "3:23:02,2702505","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 207, Priority: Very Low"
  1436. "3:23:02,2702793","RDG Malware Detector.exe","1732","UnlockFileSingle","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS","Offset: 0, Length: 4.294.967.295"
  1437. "3:23:02,2702980","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Config.ini","SUCCESS",""
  1438. "3:23:02,2708449","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\winmm.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  1439. "3:23:02,2709927","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1440. "3:23:02,2710656","RDG Malware Detector.exe","1732","QueryBasicInformationFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","CreationTime: 21/11/2010 5:24:16, LastAccessTime: 21/11/2010 5:24:16, LastWriteTime: 21/11/2010 5:24:16, ChangeTime: 12/05/2014 1:08:20, FileAttributes: A"
  1441. "3:23:02,2710819","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS",""
  1442. "3:23:02,2712094","RDG Malware Detector.exe","1732","CreateFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1443. "3:23:02,2712807","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\winmm.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  1444. "3:23:02,2714580","RDG Malware Detector.exe","1732","CreateFileMapping","C:\Windows\SysWOW64\winmm.dll","SUCCESS","SyncType: SyncTypeOther"
  1445. "3:23:02,2716408","RDG Malware Detector.exe","1732","Load Image","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Image Base: 0x74460000, Image Size: 0x32000"
  1446. "3:23:02,2716661","RDG Malware Detector.exe","1732","CloseFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS",""
  1447. "3:23:02,2895062","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1448. "3:23:02,2896005","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1449. "3:23:02,2896250","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS","Filter: SignA.user.db, 1: SignA.user.db"
  1450. "3:23:02,2896533","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1451. "3:23:02,2896977","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
  1452. "3:23:02,2897404","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.user.db","SUCCESS",""
  1453. "3:23:02,2899307","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1454. "3:23:02,2900174","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1455. "3:23:02,2900405","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS","Filter: SignA.db, 1: SignA.db"
  1456. "3:23:02,2900666","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1457. "3:23:02,2901093","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS","Offset: 0, Length: 20.344, Priority: Very Low"
  1458. "3:23:02,2901851","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignA.db","SUCCESS",""
  1459. "3:23:02,2945575","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1460. "3:23:02,2946440","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1461. "3:23:02,2946671","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS","Filter: SignE.user.db, 1: SignE.user.db"
  1462. "3:23:02,2946927","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1463. "3:23:02,2947291","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
  1464. "3:23:02,2947588","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.user.db","SUCCESS",""
  1465. "3:23:02,2949333","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1466. "3:23:02,2950171","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1467. "3:23:02,2950400","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS","Filter: SignE.db, 1: SignE.db"
  1468. "3:23:02,2950649","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1469. "3:23:02,2951117","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS","Offset: 0, Length: 16.715, Priority: Very Low"
  1470. "3:23:02,2951965","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignE.db","SUCCESS",""
  1471. "3:23:02,2987150","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1472. "3:23:02,2988022","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1473. "3:23:02,2988253","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS","Filter: Sign512.user.db, 1: Sign512.user.db"
  1474. "3:23:02,2988503","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1475. "3:23:02,2988869","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS","Offset: 0, Length: 143, Priority: Very Low"
  1476. "3:23:02,2989160","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.user.db","SUCCESS",""
  1477. "3:23:02,2990901","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1478. "3:23:02,2991785","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1479. "3:23:02,2992013","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS","Filter: Sign512.db, 1: Sign512.db"
  1480. "3:23:02,2992320","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1481. "3:23:02,2992703","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS","Offset: 0, Length: 4.757, Priority: Very Low"
  1482. "3:23:02,2993077","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\Sign512.db","SUCCESS",""
  1483. "3:23:02,3003421","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1484. "3:23:02,3004328","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1485. "3:23:02,3004718","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS","Filter: SignP.db, 1: SignP.db"
  1486. "3:23:02,3004995","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1487. "3:23:02,3005879","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS","Offset: 0, Length: 881, Priority: Very Low"
  1488. "3:23:02,3006185","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignP.db","SUCCESS",""
  1489. "3:23:02,3009170","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1490. "3:23:02,3010050","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1491. "3:23:02,3010281","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS","Filter: SignI.user.db, 1: SignI.user.db"
  1492. "3:23:02,3010525","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1493. "3:23:02,3010889","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
  1494. "3:23:02,3011164","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.user.db","SUCCESS",""
  1495. "3:23:02,3012745","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1496. "3:23:02,3013594","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1497. "3:23:02,3013823","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS","Filter: SignI.db, 1: SignI.db"
  1498. "3:23:02,3014160","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1499. "3:23:02,3015156","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS","Offset: 0, Length: 14.461, Priority: Very Low"
  1500. "3:23:02,3015632","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignI.db","SUCCESS",""
  1501. "3:23:02,3045294","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.user.db","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  1502. "3:23:02,3046162","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1503. "3:23:02,3046400","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.user.db","NO SUCH FILE","Filter: SignNET.user.db"
  1504. "3:23:02,3046608","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1505. "3:23:02,3048754","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1506. "3:23:02,3049646","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1507. "3:23:02,3049872","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS","Filter: SignNET.db, 1: SignNET.db"
  1508. "3:23:02,3050117","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1509. "3:23:02,3050946","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS","Offset: 0, Length: 1.832, Priority: Very Low"
  1510. "3:23:02,3051261","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignNET.db","SUCCESS",""
  1511. "3:23:02,3056123","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1512. "3:23:02,3056988","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1513. "3:23:02,3057216","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS","Filter: SignVB.user.db, 1: SignVB.user.db"
  1514. "3:23:02,3057461","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1515. "3:23:02,3057833","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS","Offset: 0, Length: 144, Priority: Very Low"
  1516. "3:23:02,3058317","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.user.db","SUCCESS",""
  1517. "3:23:02,3059954","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1518. "3:23:02,3060828","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1519. "3:23:02,3061066","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS","Filter: SignVB.db, 1: SignVB.db"
  1520. "3:23:02,3061324","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1521. "3:23:02,3062260","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS","Offset: 0, Length: 342, Priority: Very Low"
  1522. "3:23:02,3062561","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignVB.db","SUCCESS",""
  1523. "3:23:02,3064902","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1524. "3:23:02,3065965","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1525. "3:23:02,3066231","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS","Filter: SignMem.db, 1: SignMem.db"
  1526. "3:23:02,3066508","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1527. "3:23:02,3067404","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS","Offset: 0, Length: 1.747, Priority: Very Low"
  1528. "3:23:02,3067737","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignMem.db","SUCCESS",""
  1529. "3:23:02,3072747","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1530. "3:23:02,3073655","RDG Malware Detector.exe","1732","CreateFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1531. "3:23:02,3073903","RDG Malware Detector.exe","1732","QueryDirectory","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS","Filter: SignWL.db, 1: SignWL.db"
  1532. "3:23:02,3074310","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015","SUCCESS",""
  1533. "3:23:02,3075313","RDG Malware Detector.exe","1732","ReadFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS","Offset: 0, Length: 388, Priority: Very Low"
  1534. "3:23:02,3075683","RDG Malware Detector.exe","1732","CloseFile","C:\Users\Administrador\Desktop\RDG Malware Detector Beta7 2015\SignWL.db","SUCCESS",""
  1535. "3:23:32,0919938","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 836"
  1536. "3:23:32,0923707","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1668"
  1537. "3:23:32,0926598","RDG Malware Detector.exe","1732","Thread Create","","SUCCESS","Thread ID: 1440"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement