"" touched file "%LOCALAPPDATA%\Microsoft\Windows\Caches" "" touched file "%WINDIR%\system32\en-US\" "" touched file "%WINDIR%\Fonts\staticcache.dat" "" touched file "%WINDIR%\system32\imageres.dll" "" touched file "%WINDIR%\Globalization\Sorting\s" Source Hybrid Analysis Technology relevance 1/10Īntivirus vendors marked dropped file "libGLESv2.dll" as clean (type is "PE32+ executable (DLL) (console) x86-64 for MS Windows"), Antivirus vendors marked dropped file "squirrel.exe" as clean (type is "PE32 executable (GUI) Intel 80386 Mono/.Net assembly for MS Windows"), Antivirus vendors marked dropped file "d3dcompiler_47.dll" as clean (type is "PE32+ executable (DLL) (console) x86-64 for MS Windows"), Antivirus vendors marked dropped file "xinput1_3.dll" as clean (type is "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"), Antivirus vendors marked dropped file "ffmpeg.dll" as clean (type is "PE32+ executable (DLL) (console) x86-64 for MS Windows"), Antivirus vendors marked dropped file "libEGL.dll" as clean (type is "PE32+ executable (DLL) (console) x86-64 for MS Windows"), Antivirus vendors marked dropped file "Update.exe" as clean (type is "PE32 executable (GUI) Intel 80386 Mono/.Net assembly for MS Windows") Modifies proxy from WhatsAppSetup.exe (PID: 2400) ( Show at at at at at at at at at at at at at at at at at 53539-2291-0000000180270080 "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\natives_blob.bin" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\LICENSE" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\libGLESv2.dll" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\libEGL.dll" with delete access
"Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\icudtl.dat" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\ffmpeg.dll" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\d3dcompiler_47.dll" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\content_shell.pak" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\content_resources_200_percent.pak" with delete access
"Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\blink_image_resources_200_percent.pak" with delete access "Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\resources" with delete access
"Update.exe" opened "%LOCALAPPDATA%\WhatsApp\app-\lib\net45\locales" with delete access "" opened "%LOCALAPPDATA%\SquirrelTemp\WhatsApp-full.nupkg" with delete access "" opened "%LOCALAPPDATA%\SquirrelTemp\Update.exe" with delete access "" opened "%LOCALAPPDATA%\SquirrelTemp\RELEASES" with delete access "" opened "%LOCALAPPDATA%\SquirrelTemp\background.gif" with delete access
0 kommentar(er)
