Technical Information
- <SYSTEM32>\tasks\rss feed ptx
- <SYSTEM32>\tasks\rss feed ptx ud
- <SYSTEM32>\tasks\rss feed ptx lg
- %TEMP%\is-um0a6.tmp\<File name>.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-f16mt.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-ok4pg.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-uag72.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-aktg7.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-o55sa.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-9kp0p.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-c0s5t.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-n9n7p.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-f4fmd.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-114s6.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-9ih5j.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-rl494.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-2h994.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-rmk2g.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-nn3lc.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-klqag.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-p32ho.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-m8g4f.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-tpoof.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-sjv63.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-llk9f.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-l37lq.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-sq064.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-b7qq8.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-gvm2t.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-7qb49.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-q6mo0.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-11e9k.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-drvg5.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-fep39.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\libbridged.exe
- %LOCALAPPDATA%\packages\m.txt
- %LOCALAPPDATA%\packages\vtf\v2-0\php_br.log
- %LOCALAPPDATA%\packages\vtf\v2-0\unins000.dat
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-rr5nl.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-qp8r6.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-jl7uo.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-5a21a.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-s2h9s.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-5qnak.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-ik9ee.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-c2ere.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-nsau3.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-bffdp.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\4\is-eudsp.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\4\is-0amut.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\2\is-0fa2j.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\2\is-6viac.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\lib\enchant\is-osqu0.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\lib\enchant\is-oud2v.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\extras\ssl\is-9c31j.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-juap6.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-mitab.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-90oir.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-hjhpc.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-rpnsu.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-4ujq3.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-2mib9.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-4u1c5.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-0um26.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-tusdr.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-ff9qs.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-1r744.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-p7up8.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-me1kg.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-ea42d.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-44im8.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-k9mr2.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-3a33s.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-e6j23.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-jspt6.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-mbvbk.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-3ocal.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-83765.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-c5b86.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-pe6u8.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-m925n.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-ud3ur.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-lo5qh.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-vfug4.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-sgsem.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-6k20e.tmp
- %TEMP%\is-gojbe.tmp\_isetup\_setup64.tmp
- %TEMP%\is-ah1qb.tmp\<File name>.tmp
- %TEMP%\is-kmnfe.tmp\_isetup\_setup64.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-1vqp6.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-pb538.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-kdqiu.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-klf6l.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-4gcp2.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-4lvaj.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-sur3s.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-eqcdm.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-vl333.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\dev\is-mevk7.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-4kk1t.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-4vbd3.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-ub68u.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-20sel.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-0hsil.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-9kiet.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-ej19d.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-kbp7b.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-u0h49.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-a6cpt.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-t0vbs.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-qrut8.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-j1m55.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-pu1n0.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-99fak.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-dirlj.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-t98mk.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-s4gu9.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-v9i3s.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-8m19k.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-jk5n8.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\is-7o05d.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\microsoft.win32.taskscheduler.dll
- %LOCALAPPDATA%\packages\vtf\v2-0\php_errors.log
- %TEMP%\is-kmnfe.tmp\_isetup\_setup64.tmp
- %TEMP%\is-um0a6.tmp\<File name>.tmp
- %TEMP%\is-gojbe.tmp\_isetup\_setup64.tmp
- %TEMP%\is-ah1qb.tmp\<File name>.tmp
- %LOCALAPPDATA%\packages\vtf\v2-0\php_br.log
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-6k20e.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\unins000.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-9kp0p.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pgsql.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-c0s5t.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pdo_sqlite.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-n9n7p.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pdo_pgsql.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-f4fmd.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pdo_odbc.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-114s6.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pdo_oci.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-9ih5j.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pdo_mysql.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-rl494.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_pdo_firebird.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-rmk2g.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_openssl.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-q6mo0.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_opcache.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-nn3lc.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_odbc.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-klqag.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_oci8_12c.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-m8g4f.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_mbstring.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-aktg7.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_shmop.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-tpoof.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_ldap.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-sjv63.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_intl.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-llk9f.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_interbase.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-l37lq.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_imap.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-sq064.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_icloader.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-b7qq8.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_gmp.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-gvm2t.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_gettext.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-7qb49.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_gd2.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-11e9k.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_ftp.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-2h994.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_fileinfo.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-p32ho.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_mysqli.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-4lvaj.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\readme-redist-bins.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-uag72.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_snmp.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-jl7uo.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslsasldb.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-5a21a.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslplain.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-s2h9s.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslotp.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-5qnak.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslntlm.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-ik9ee.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\sasllogin.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-c2ere.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\sasldigestmd5.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-4ujq3.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslcrammd5.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-fep39.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslanonymous.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\4\is-eudsp.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\4\microsoft.win32.taskscheduler.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\4\is-0amut.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\4\libbridged.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\2\is-0fa2j.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\2\microsoft.win32.taskscheduler.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-2mib9.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_exif.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-o55sa.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_phpdbg_webhelper.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\lib\enchant\is-oud2v.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\lib\enchant\libenchant_ispell.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\extras\ssl\is-9c31j.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\extras\ssl\openssl.cnf
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-juap6.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_zend_test.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-mitab.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_xsl.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-90oir.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_xmlrpc.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-hjhpc.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_win32service-7.3-nts-vc15-x64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-rpnsu.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_tidy.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-nsau3.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_sysvshm.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-bffdp.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_sqlite3.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-drvg5.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_sodium.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-f16mt.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_sockets.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\lib\enchant\is-osqu0.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\lib\enchant\libenchant_myspell.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-ok4pg.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_soap.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-4u1c5.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_enchant.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-0um26.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_dba.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-4gcp2.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_curl.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-e6j23.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\index.php
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-mbvbk.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\microsoft.win32.taskscheduler.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-kdqiu.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\license.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-tusdr.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libssl-1_1-x64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-ff9qs.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libssh2.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-1r744.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libsodium.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-p7up8.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libsasl.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-me1kg.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libpq.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-ea42d.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libenchant.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-44im8.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libcrypto-1_1-x64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-k9mr2.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\libbridged.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-qp8r6.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslscram.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-klf6l.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\news.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-jspt6.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\icuuc64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-3ocal.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\icuio64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-1vqp6.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\icuin64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-83765.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\icudt64.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-c5b86.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\http.bat
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-pe6u8.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\gmodule-2.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-m925n.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\glib-2.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-ud3ur.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\deplister.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-lo5qh.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\cunprotectdata40.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-vfug4.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\cunprotectdata20.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-sgsem.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\bvone.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-3a33s.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\install.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\2\is-6viac.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\lib\libbridge\2\libbridged.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-a6cpt.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\nghttp2.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-8m19k.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php-cgi.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-7o05d.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\phar.phar.bat
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-sur3s.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_com_dotnet.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-eqcdm.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_bz2.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\ext\is-vl333.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\ext\php_bvone.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\dev\is-mevk7.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\dev\php7.lib
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-4kk1t.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\version.php
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-4vbd3.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\vcruntime140.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-ub68u.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\tag
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-20sel.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\switcher.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-0hsil.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\switcher.php
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-9kiet.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\snapshot.txt
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-jk5n8.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\pharcommand.phar
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-ej19d.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\run.bat
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-pb538.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\news.php
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-u0h49.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\phpdbg.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-t0vbs.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php7phpdbg.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-qrut8.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php7embed.lib
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-j1m55.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php7.dll
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-pu1n0.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php.ini~orig
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-99fak.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php.ini-dev
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-dirlj.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php.ini
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-t98mk.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php.gif
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-s4gu9.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-v9i3s.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\php-win.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\is-kbp7b.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\rhc.exe
- from %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\is-rr5nl.tmp to %LOCALAPPDATA%\packages\vtf\v2-0\sasl2\saslsqlite.dll
- 'localhost':49175
- 'localhost':49177
- 'ch##ood.com':443
- 'localhost':49175
- 'localhost':49177
- 'localhost':49178
- 'ch##ood.com':443
- DNS ASK ch##ood.com
- '%TEMP%\is-um0a6.tmp\<File name>.tmp' /SL5="$A0214,19066616,1146880,<Full path to file>"
- '%TEMP%\is-ah1qb.tmp\<File name>.tmp' /SL5="$B0214,19066616,1146880,<Full path to file>" /SILENT
- '%LOCALAPPDATA%\packages\vtf\v2-0\php.exe' index.php
- '%LOCALAPPDATA%\packages\vtf\v2-0\php.exe' switcher.php
- '%LOCALAPPDATA%\packages\vtf\v2-0\rhc.exe' libbridged.exe
- '%LOCALAPPDATA%\packages\vtf\v2-0\libbridged.exe'
- '%LOCALAPPDATA%\packages\vtf\v2-0\php.exe' index.php' (with hidden window)
- '%LOCALAPPDATA%\packages\vtf\v2-0\php.exe' switcher.php' (with hidden window)
- '%LOCALAPPDATA%\packages\vtf\v2-0\libbridged.exe' ' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "rhc.exe libbridged.exe"