bject":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574107644,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":1638601790},{"eventId":327683,"localTimestamp":1574110647,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574110648,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|1196|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":2624069028},{"eventId":21,"localTimestamp":1574110647,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574110648,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":1514327220},{"eventId":327683,"localTimestamp":1574111248,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574111246,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|3892|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":4029742452},{"eventId":21,"localTimestamp":1574111248,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574111246,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":4224413621},{"eventId":327683,"localTimestamp":1574114250,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574114249,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|10744|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":2353286054},{"eventId":21,"localTimestamp":1574114250,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574114250,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":792669946},{"eventId":327683,"localTimestamp":1574114851,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574114850,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|2124|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":2039070101},{"eventId":21,"localTimestamp":1574114851,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574114850,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":1793523462},{"eventId":327683,"localTimestamp":1574118143,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574118145,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|13280|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":3216973161},{"eventId":21,"localTimestamp":1574118143,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574118145,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":688976684},{"eventId":327683,"localTimestamp":1574118744,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574118746,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|11084|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":209684604},{"eventId":21,"localTimestamp":1574118744,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574118746,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":3439272704},{"eventId":327683,"localTimestamp":1574121746,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574121749,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|8996|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":420220509},{"eventId":21,"localTimestamp":1574121747,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574121749,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":2363432767},{"eventId":327683,"localTimestamp":1574122347,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574122347,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|5108|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":3534403094},{"eventId":21,"localTimestamp":1574122347,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574122347,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":935877980},{"eventId":327683,"localTimestamp":1574125349,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574125348,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|17288|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":1209831461},{"eventId":21,"localTimestamp":1574125350,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574125348,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":3301191293},{"eventId":327683,"localTimestamp":1574125950,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574125946,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|1596|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":3007765637},{"eventId":21,"localTimestamp":1574125950,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574125946,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":345579481},{"eventId":327683,"localTimestamp":1574129243,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574129244,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|17600|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":230936798},{"eventId":21,"localTimestamp":1574129243,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574129244,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":3981818764},{"eventId":327683,"localTimestamp":1574129843,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574129842,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|14564|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":561958180},{"eventId":21,"localTimestamp":1574129843,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574129843,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":497298490},{"eventId":327683,"localTimestamp":1574132846,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574132849,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|1600|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":2294782040},{"eventId":21,"localTimestamp":1574132846,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574132849,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"ucrc":4199339432},{"eventId":327683,"localTimestamp":1574133446,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574133450,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\9.5.0.3399\\SGTool.exe","type":"kernel_event","user":"Administrator"},"treepath":"SGTool.exe|16448|360se.exe|12616|explorer.exe|2904|userinit.exe|2872|winlogon.exe|2520|smss.exe|2488|smss.exe|304|System|4||0","ucrc":547164086},{"eventId":21,"localTimestamp":1574133446,"newMachineId":"c80cfe797ee7cd7c456c708e9fd38204","object":{"file":"c:\\users\\administrator\\appdata\\locallow\\sogoupy\\temp.dll"},"operation":"create","result":1,"standardTimestamp":1574133450,"subject":{"process":"C:\\Program Files (x86)\\SogouInput\\