Today, 3/29/2022 5:20:02 PMProcess action blockedMicrosoft ExcelEXCEL.EXEC:\Program Files\Microsoft Office\root\Office16\EXCEL.EXEC:\Program Files\Microsoft Office\root\Office167024NO_Name\MR0L00KActive userBlockedBlockedStart of Microsoft Register Server from office applicationAnomalyHeuristic AnalysisC:\Program Files\Microsoft Office\root\Office16\EXCEL.EXEEXCEL.EXEC:\Program Files\Microsoft Office\root\Office16ProcessStart of Microsoft Register Server from office applicationc:\program files\microsoft office\root\office16\excel.exe0995d5d4783eb7af1b39b4520fa6631c58a81a9622a05f8a03744c6ef37df7e8c:\users\mr0l00k\desktop\koko\ugiqtofu.xls2c3df9f2fcc6072e34b4b179afaeb4c5f6adc51b4b1001925cba26e5ea69c218C:\Seng\exle3.dll043ed302394791a30a84b18e739105e7f40c51a4276c8a7c0f691e3d0f1c2cfaobject://cmdline:regsvr32 C:\Seng\exle3.dll
Today, 3/29/2022 5:19:38 PMProcess action blockedMicrosoft ExcelEXCEL.EXEC:\Program Files\Microsoft Office\root\Office16\EXCEL.EXEC:\Program Files\Microsoft Office\root\Office167024NO_Name\MR0L00KActive userBlockedBlockedStart of Microsoft Register Server from office applicationAnomalyHeuristic AnalysisC:\Program Files\Microsoft Office\root\Office16\EXCEL.EXEEXCEL.EXEC:\Program Files\Microsoft Office\root\Office16ProcessStart of Microsoft Register Server from office applicationc:\program files\microsoft office\root\office16\excel.exe0995d5d4783eb7af1b39b4520fa6631c58a81a9622a05f8a03744c6ef37df7e8c:\users\mr0l00k\desktop\koko\ugiqtofu.xls2c3df9f2fcc6072e34b4b179afaeb4c5f6adc51b4b1001925cba26e5ea69c218C:\Seng\exle2.dll7fd395edf3fda5e07c0fd047e8243bd4d0f283855dddfc7dd2e0434bc19f1622object://cmdline:regsvr32 C:\Seng\exle2.dll
Today, 3/29/2022 5:16:17 PMProcess action blockedMicrosoft ExcelEXCEL.EXEC:\Program Files\Microsoft Office\root\Office16\EXCEL.EXEC:\Program Files\Microsoft Office\root\Office167024NO_Name\MR0L00KActive userBlockedBlockedStart of Microsoft Register Server from office applicationAnomalyHeuristic AnalysisC:\Program Files\Microsoft Office\root\Office16\EXCEL.EXEEXCEL.EXEC:\Program Files\Microsoft Office\root\Office16ProcessStart of Microsoft Register Server from office applicationc:\program files\microsoft office\root\office16\excel.exe0995d5d4783eb7af1b39b4520fa6631c58a81a9622a05f8a03744c6ef37df7e8c:\users\mr0l00k\desktop\koko\ugiqtofu.xls2c3df9f2fcc6072e34b4b179afaeb4c5f6adc51b4b1001925cba26e5ea69c218C:\Seng\exle1.dll959af85c0995333ac85819b733b1c130722c1e60a94ad9d4d19735818517f9e0object://cmdline:regsvr32 C:\Seng\exle1.dll
Today, 3/29/2022 5:15:41 PMTask startedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 4:58:17 PMTask stoppedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 1:51:37 PMApplication settings changedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNO_Name\MR0L00KActive user
Today, 3/29/2022 1:46:57 PMTask startedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 1:46:55 PMApplication settings changedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNO_Name\MR0L00KActive user
Today, 3/29/2022 1:44:03 PMTask stoppedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 1:42:13 PMApplication settings changedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNO_Name\MR0L00KActive user
Today, 3/29/2022 1:07:00 PMTask startedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 1:05:24 PMTask stoppedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 10:35:46 AMTask startedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNT AUTHORITY\SYSTEMInitiator
Today, 3/29/2022 10:22:41 AMApplication settings changedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNO_Name\MR0L00KActive user
Today, 3/29/2022 10:16:43 AMTask cannot be performedavp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for WindowsNO_Name\MR0L00KActive user