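Technical Information
Note: the sub-headings that separated this list into categories are missing from this copy. The entries below are, in order, file paths, 'host':port connections, HTTP request URLs, DNS queries and window class names. Several temp-file paths appear twice, which suggests that the file list originally spanned more than one category. The '#' characters in host names and IP addresses are masking present in the source, so those entries are not complete indicators. The cryptneturlcache paths and the amazontrust.com and pk#.goog URLs look like ordinary Windows certificate-chain and revocation (OCSP) retrieval, so treat them as low-signal when triaging.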
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\4a9377e7e528f7e56b69a81c500abc24
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\b66240b0f6c84bd4857aba60cf5ce4a0_5043e0f5df723415c9eecc201c838a62
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\b66240b0f6c84bd4857aba60cf5ce4a0_5043e0f5df723415c9eecc201c838a62
- D:\users\user\appdata\local\temp\tarc984.tmp
- D:\users\user\appdata\local\temp\cabc983.tmp
- D:\users\user\appdata\local\temp\tarc81b.tmp
- D:\users\user\appdata\local\temp\cabc81a.tmp
- D:\users\user\appdata\local\temp\tarc7cb.tmp
- D:\users\user\appdata\local\temp\cabc7ca.tmp
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\ugsx1com\analytics[1]
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\6bada8974a10c4bd62cc921d13e43b18_28dea62a0ae77228dd387e155ad0ba27
- D:\users\user\appdata\local\temp\tarc6cf.tmp
- D:\users\user\appdata\local\temp\tarc68f.tmp
- D:\users\user\appdata\local\temp\cabc67e.tmp
- D:\users\user\appdata\local\temp\tarc574.tmp
- D:\users\user\appdata\local\temp\cabc563.tmp
- D:\users\user\appdata\local\temp\tarc524.tmp
- D:\users\user\appdata\local\temp\cabc523.tmp
- D:\users\user\appdata\local\temp\tarc4e4.tmp
- D:\users\user\appdata\local\temp\cabc4e3.tmp
- D:\users\user\appdata\local\temp\tarc484.tmp
- D:\users\user\appdata\local\temp\cabc6ce.tmp
- D:\users\user\appdata\local\temp\cabc483.tmp
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\bad725c80f9e10846f35d039a996e4a8_88b6ae015495c1ecc395d19c1dd02894
- D:\windows\system32\config\software.log1
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\bm8skz0v\error[1]
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\0y9o17dr\error[1]
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\b3bb9c1ba2d19e090ae305b2683903a0_b89a63ac6877bd1ed812438ce82c3eb8
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\b3bb9c1ba2d19e090ae305b2683903a0_b89a63ac6877bd1ed812438ce82c3eb8
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\ea618097e393409afa316f0f87e2c202_1e65fd33f74047223af4d58cbfd34bce
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\ea618097e393409afa316f0f87e2c202_1e65fd33f74047223af4d58cbfd34bce
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\c46e7b0f942663a1edc8d9d6d7869173_6043fc604a395e1485af7ac16d16b7ce
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\c46e7b0f942663a1edc8d9d6d7869173_6043fc604a395e1485af7ac16d16b7ce
- D:\windows\system32\winevt\logs\application.evtx
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\75ca58072b9926f763a91f0cc2798706_b5d3a17e5bedd2eda793611a0a74e1e8
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\bad725c80f9e10846f35d039a996e4a8_88b6ae015495c1ecc395d19c1dd02894
- D:\windows\system32\winevt\logs\microsoft-windows-networkprofile%4operational.evtx
- D:\windows\system32\config\system
- D:\windows\system32\config\system.log1
- D:\windows\system32\winevt\logs\security.evtx
- D:\windows\system32\winevt\logs\system.evtx
- D:\system volume information\syscache.hve
- D:\system volume information\syscache.hve.log1
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\qkr46vql\4e56b0b[1].js
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\75ca58072b9926f763a91f0cc2798706_b5d3a17e5bedd2eda793611a0a74e1e8
- D:\windows\system32\config\software
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\6bada8974a10c4bd62cc921d13e43b18_28dea62a0ae77228dd387e155ad0ba27
- D:\users\user\appdata\local\temp\tarc369.tmp
- D:\users\user\appdata\local\temp\cabc368.tmp
- D:\users\user\appdata\local\temp\tarbabe.tmp
- D:\users\user\appdata\local\temp\cabbabd.tmp
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\0y9o17dr\3566091532-css_bundle_v2[1].css
- D:\users\user\appdata\local\temp\tarb2c0.tmp
- D:\users\user\appdata\local\temp\cabb2bf.tmp
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\f2ddcd2b5f37625b82e81f4976cee400_252e1be0796779bb20491d3fe9412cbb
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\f2ddcd2b5f37625b82e81f4976cee400_252e1be0796779bb20491d3fe9412cbb
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\caf4703619713e3f18d8a9d5d88d6288_a7725538c46de2d0088ee44974e2ceba
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\265c0deb29181dd1891051371c5f863a_202052056a04ebfd64ba1332b9be59a6
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\caf4703619713e3f18d8a9d5d88d6288_a7725538c46de2d0088ee44974e2ceba
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\24bd96d5497f70b3f510a6b53cd43f3e_3a89246fb90c5ee6620004f1ae0eb0ea
- D:\users\user\ntuser.dat
- D:\users\user\ntuser.dat.log1
- D:\users\user\appdata\local\temp\tarada0.tmp
- D:\users\user\appdata\local\temp\cabad9f.tmp
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\94308059b57b3142e455b38a6eb92015
- D:\users\user\appdata\local\temp\tarabaa.tmp
- D:\users\user\appdata\local\temp\cababa9.tmp
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\4a9377e7e528f7e56b69a81c500abc24
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\24bd96d5497f70b3f510a6b53cd43f3e_3a89246fb90c5ee6620004f1ae0eb0ea
- D:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\265c0deb29181dd1891051371c5f863a_202052056a04ebfd64ba1332b9be59a6
- D:\users\user\appdata\local\temp\cabbd3e.tmp
- D:\users\user\appdata\local\temp\tarc329.tmp
- D:\users\user\appdata\local\temp\tarbfb7.tmp
- D:\users\user\appdata\local\temp\cabc328.tmp
- D:\users\user\appdata\local\microsoft\windows\usrclass.dat
- D:\users\user\appdata\local\microsoft\windows\usrclass.dat.log1
- D:\users\user\appdata\local\temp\tarc1ef.tmp
- D:\users\user\appdata\local\temp\cabc1ee.tmp
- D:\users\user\appdata\local\temp\tarc18f.tmp
- D:\users\user\appdata\local\temp\cabc18e.tmp
- D:\users\user\appdata\local\temp\tarbff8.tmp
- D:\users\user\appdata\local\temp\cabbff7.tmp
- D:\users\user\appdata\local\temp\cabbfb6.tmp
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\bm8skz0v\f[1].txt
- D:\users\user\appdata\local\temp\tarbf77.tmp
- D:\users\user\appdata\local\temp\cabbf76.tmp
- D:\users\user\appdata\local\temp\tarbe0e.tmp
- D:\users\user\appdata\local\temp\cabbe0d.tmp
- D:\users\user\appdata\local\temp\tarbdae.tmp
- D:\users\user\appdata\local\temp\cabbd9e.tmp
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\070e0202839d9d67350cd2613e78e416
- D:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\070e0202839d9d67350cd2613e78e416
- D:\users\user\appdata\local\temp\tarbd3f.tmp
- D:\users\user\appdata\local\microsoft\windows\<INETFILES>\content.ie5\ugsx1com\warning[1]
- D:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
- D:\users\user\appdata\local\temp\cababa9.tmp
- D:\users\user\appdata\local\temp\cabc328.tmp
- D:\users\user\appdata\local\temp\tarc329.tmp
- D:\users\user\appdata\local\temp\cabc368.tmp
- D:\users\user\appdata\local\temp\tarc369.tmp
- D:\users\user\appdata\local\temp\cabc483.tmp
- D:\users\user\appdata\local\temp\tarc484.tmp
- D:\users\user\appdata\local\temp\cabc4e3.tmp
- D:\users\user\appdata\local\temp\tarc4e4.tmp
- D:\users\user\appdata\local\temp\cabc523.tmp
- D:\users\user\appdata\local\temp\cabc563.tmp
- D:\users\user\appdata\local\temp\cabc983.tmp
- D:\users\user\appdata\local\temp\tarc574.tmp
- D:\users\user\appdata\local\temp\cabc67e.tmp
- D:\users\user\appdata\local\temp\tarc68f.tmp
- D:\users\user\appdata\local\temp\cabc6ce.tmp
- D:\users\user\appdata\local\temp\tarc6cf.tmp
- D:\users\user\appdata\local\temp\cabc7ca.tmp
- D:\users\user\appdata\local\temp\tarc7cb.tmp
- D:\users\user\appdata\local\temp\cabc81a.tmp
- D:\users\user\appdata\local\temp\tarc81b.tmp
- D:\users\user\appdata\local\temp\tarc1ef.tmp
- D:\users\user\appdata\local\temp\tarc524.tmp
- D:\users\user\appdata\local\temp\cabc1ee.tmp
- D:\users\user\appdata\local\temp\tarbd3f.tmp
- D:\users\user\appdata\local\temp\tarabaa.tmp
- D:\users\user\appdata\local\temp\cabad9f.tmp
- D:\users\user\appdata\local\temp\tarada0.tmp
- D:\users\user\appdata\roaming\mozilla\firefox\profiles\0j9e9tku.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-wal
- D:\users\user\appdata\local\temp\cabb2bf.tmp
- D:\users\user\appdata\local\temp\tarb2c0.tmp
- D:\users\user\appdata\local\temp\cabbabd.tmp
- D:\users\user\appdata\local\temp\tarbabe.tmp
- D:\users\user\appdata\local\temp\cabbd3e.tmp
- D:\users\user\appdata\local\temp\cabbd9e.tmp
- D:\users\user\appdata\local\temp\cabc18e.tmp
- D:\users\user\appdata\local\temp\tarbdae.tmp
- D:\users\user\appdata\local\temp\cabbe0d.tmp
- D:\users\user\appdata\local\temp\tarbe0e.tmp
- D:\users\user\appdata\local\temp\cabbf76.tmp
- D:\users\user\appdata\local\temp\tarbf77.tmp
- D:\users\user\appdata\local\temp\cabbfb6.tmp
- D:\users\user\appdata\local\temp\tarbfb7.tmp
- D:\users\user\appdata\local\temp\cabbff7.tmp
- D:\users\user\appdata\local\temp\tarbff8.tmp
- D:\users\user\appdata\local\temp\tarc18f.tmp
- D:\users\user\appdata\local\temp\tarc984.tmp
- 'bl##ger.com':443
- 'pl########.profitablegatetocontent.com':445
- 'pk#.goog':80
- 'pl########.profitablegatetocontent.com':139
- 'pa#####.#ooglesyndication.com':443
- 'pl#####m.foremedia.net':443
- 'dy#######vg6o.cloudfront.net':443
- 'x.##2.us':80
- 'o.##2.us':80
- 'oc##.###tg2.amazontrust.com':80
- 'oc##.####ca1.amazontrust.com':80
- 'fo###.#oogleapis.com':445
- 'fo###.#oogleapis.com':139
- 'ma####.bootstrapcdn.com':445
- 'ma####.bootstrapcdn.com':139
- http://pk#.goog/gsr1/gsr1.crt
- http://x.##2.us/x.cer
- http://o.##2.us//MEowSDBGMEQwQjAJBgUrDgMCGgUABBSLwZ6EW5gdYc9UaSEaaLjjETNtkAQUv1%2B30c7dH4b0W1Ws3NcQwg6piOcCCQCnDkpMNIK3fw%3D%3D
- http://oc##.###tg2.amazontrust.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBSIfaREXmfqfJR3TkMYnD7O5MhzEgQUnF8A36oB1zArOIiiuG1KnPIRkYMCEwZ%2FlEoqJ83z%2BsKuKwH5CO65xMY%3D
- http://oc##.####ca1.amazontrust.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPWaOUU8%2B5VZ5%2Fa9jFTaU9pkK3FAQUhBjMhTTsvAyUlC4IWZzHshBOCggCEwdzEjgLnWaIozse2b%2BczaaODg8%3D
- 'bl##ger.com':443
- 'pa#####.#ooglesyndication.com':443
- 'pl#####m.foremedia.net':443
- 'dy#######vg6o.cloudfront.net':443
- 'localhost':49158
- '34.##0.144.191':443
- 'fi#####.###tings.services.mozilla.com':443
- DNS ASK pl########.profitablegatetocontent.com
- DNS ASK bl##ger.com
- DNS ASK pk#.goog
- DNS ASK pa#####.#ooglesyndication.com
- DNS ASK pl#####m.foremedia.net
- DNS ASK dy#######vg6o.cloudfront.net
- DNS ASK x.##2.us
- DNS ASK o.##2.us
- DNS ASK oc##.###tg2.amazontrust.com
- DNS ASK oc##.####ca1.amazontrust.com
- DNS ASK fo###.#oogleapis.com
- DNS ASK ma####.bootstrapcdn.com
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''