Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\desktop.ini.flowencryption
- %HOMEPATH%\downloads\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\sendto\desktop (create shortcut).desklink.flowencryption
- %APPDATA%\microsoft\windows\sendto\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\sendto\documents.mydocs.flowencryption
- %APPDATA%\microsoft\windows\sendto\fax recipient.lnk.flowencryption
- %APPDATA%\microsoft\windows\sendto\mail recipient.mapimail.flowencryption
- %APPDATA%\microsoft\windows\recent\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\recent\customdestinations\1b4dd67f29cb1962.customdestinations-ms.flowencryption
- %APPDATA%\microsoft\windows\recent\customdestinations\5afe4de1b92fc382.customdestinations-ms.flowencryption
- %APPDATA%\microsoft\windows\recent\customdestinations\6824f4a902c78fbd.customdestinations-ms.flowencryption
- %APPDATA%\microsoft\windows\recent\customdestinations\7e4dca80246863e3.customdestinations-ms.flowencryption
- %APPDATA%\microsoft\windows\recent\customdestinations\f475f3b42fb8ed73.customdestinations-ms.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\shows desktop.lnk.flowencryption
- %APPDATA%\microsoft\windows\recent\automaticdestinations\1b4dd67f29cb1962.automaticdestinations-ms.flowencryption
- %APPDATA%\microsoft\windows\libraries\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\libraries\documents.library-ms.flowencryption
- %APPDATA%\microsoft\windows\libraries\music.library-ms.flowencryption
- %APPDATA%\microsoft\windows\libraries\pictures.library-ms.flowencryption
- %APPDATA%\microsoft\windows\libraries\videos.library-ms.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\desktop.ini.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\google chrome.lnk.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\mozilla thunderbird.lnk.flowencryption
- %APPDATA%\microsoft\windows\sendto\compressed (zipped) folder.zfsendtotarget.flowencryption
- %APPDATA%\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\accessibility\on-screen keyboard.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\command prompt.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\winrar\console rar manual.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\winrar\what is new in the latest version.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\winrar\winrar help.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\winrar\winrar.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\telegram desktop\telegram.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\telegram desktop\uninstall telegram.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\maintenance\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\maintenance\help.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\google chrome\google chrome.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\administrative tools\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\accessibility\magnify.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\notepad.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\run.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\windows explorer.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\system tools\computer.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\system tools\control panel.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\system tools\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\system tools\internet explorer (no add-ons).lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\system tools\private character editor.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\accessibility\desktop.ini.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\accessibility\ease of access.lnk.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\accessories\accessibility\narrator.lnk.flowencryption
- %LOCALAPPDATA%\thunderbird\profiles\5sfumjqc.default\startupcache\startupcache.4.little.flowencryption
- %TEMP%\~df31882040dbbdf847.tmp.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\firefox.lnk.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153514_000_vcruntimeminimum_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153514_001_vcruntimeadditional_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153623.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153623_001_vcruntimeminimum_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153623_002_vcruntimeadditional_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153746.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153812.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153812_001_vcruntimeminimum_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153812_002_vcruntimeadditional_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153848.log.flowencryption
- %TEMP%\jaureg.log.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\desktop.ini.flowencryption
- %TEMP%\java_install.log.flowencryption
- %TEMP%\java_install_reg.log.flowencryption
- %TEMP%\jusched.log.flowencryption
- %TEMP%\microsoft visual c++ 2010 x86 redistributable setup_20220928_153347296-msi_vc_red.msi.txt.flowencryption
- %TEMP%\opera_crashreporter.log.flowencryption
- %TEMP%\ose00000.exe.flowencryption
- %TEMP%\rde8a9.tmp.flowencryption
- %TEMP%\setupexe(20220928154629a5c).log.flowencryption
- %TEMP%\wmsetup.log.flowencryption
- %TEMP%\~df069b8c6b2249f4e5.tmp.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153514.log.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\internet explorer.lnk.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153442_1_vcruntimeadditional_x86.log.flowencryption
- %LOCALAPPDATA%low\microsoft\internet explorer\services\search_{0633ee93-d776-472f-a0ff-e1416b8b2e3a}.ico.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\google chrome.lnk.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\internet explorer.lnk.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\opera.lnk.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\windows explorer.lnk.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\windows media player.lnk.flowencryption
- %LOCALAPPDATA%low\sun\java\jre1.7.0_11\data1.cab.flowencryption
- %LOCALAPPDATA%low\sun\java\jre1.7.0_11\jre1.7.0_11.msi.flowencryption
- %LOCALAPPDATA%low\sun\java\deployment\deployment.properties.flowencryption
- %LOCALAPPDATA%low\sun\java\au\au.cab.flowencryption
- %LOCALAPPDATA%low\sun\java\au\au.msi.flowencryption
- %APPDATA%\microsoft\internet explorer\quick launch\window switcher.lnk.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153442.log.flowencryption
- %TEMP%\adobearm.log.flowencryption
- %TEMP%\adobesfx.log.flowencryption
- %TEMP%\aucheck_parser.txt.flowencryption
- %TEMP%\chrome_installer.log.flowencryption
- %TEMP%\dd_ndp48-x86-x64-allos-enu_decompression_log.txt.flowencryption
- %TEMP%\dd_vcredistmsi3fd3.txt.flowencryption
- %TEMP%\dd_vcredistui3fd3.txt.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153358.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153358_0_vcruntimeminimum_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153358_1_vcruntimeadditional_x86.log.flowencryption
- %TEMP%\dd_vcredist_x86_20220928153442_0_vcruntimeminimum_x86.log.flowencryption
- %TEMP%\fxsapidebuglogfile.txt.flowencryption
- %APPDATA%\microsoft\windows\start menu\programs\desktop.ini.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\gmp-widevinecdm\4.10.1440.18\widevinecdm.dll.sig.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\sessioncheckpoints.json.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\times.json.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\virtualfolders.dat.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\crashes\store.json.mozlz4.flowencryption
- %APPDATA%\telegram desktop\telegram.exe.flowencryption
- %APPDATA%\telegram desktop\unins000.dat.flowencryption
- %APPDATA%\telegram desktop\unins000.exe.flowencryption
- %APPDATA%\telegram desktop\updater.exe.flowencryption
- %APPDATA%\mozilla\firefox\installs.ini.flowencryption
- %APPDATA%\mozilla\firefox\profiles.ini.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\addonstartup.json.lz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\extensions.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\alternateservices.txt.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\broadcast-listeners.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\cert9.db.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\compatibility.ini.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\containers.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\content-prefs.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\cookies.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\cookies.sqlite-shm.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\cookies.sqlite-wal.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\extension-preferences.json.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\secmod.db.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\addons.json.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\prefs.js.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\compatibility.ini.flowencryption
- %HOMEPATH%\pictures\desktop.ini.flowencryption
- %HOMEPATH%\music\desktop.ini.flowencryption
- %HOMEPATH%\videos\desktop.ini.flowencryption
- %HOMEPATH%\documents\desktop.ini.flowencryption
- %APPDATA%\thunderbird\profiles.ini.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\abook.mab.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\addons.json.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\blist.sqlite.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\blocklist.xml.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\cert8.db.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\cookies.sqlite.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\places.sqlite.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\extensions.ini.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\extensions.json.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\formhistory.sqlite.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\global-messages-db.sqlite.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\history.mab.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\key3.db.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\localstore.rdf.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\mailviews.dat.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\parent.lock.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\permissions.sqlite.flowencryption
- %APPDATA%\thunderbird\profiles\5sfumjqc.default\pluginreg.dat.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\securitypreloadstate.txt.flowencryption
- %APPDATA%\mozilla\firefox\profiles\4biyo3ui.default\user.js.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\favicons.sqlite-wal.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage\permanent\chrome\idb\3561288849sdhlie.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\sessionstore-backups\previous.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\sessionstore-backups\recovery.baklz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\sessionstore-backups\recovery.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\sessionstore-backups\upgrade.jsonlz4-20190813150448.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\gmp-widevinecdm\4.10.1440.18\license.txt.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\gmp-widevinecdm\4.10.1440.18\manifest.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\gmp-widevinecdm\4.10.1440.18\widevinecdm.dll.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\gmp-widevinecdm\4.10.1440.18\widevinecdm.dll.lib.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\session-state.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\favicons.sqlite-shm.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\state.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\archived\2022-09\1664406013430.39c8d187-e7b6-41f0-8919-3c3ad3614730.modules.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\archived\2022-09\1664406013537.136d2301-e9c9-4685-88a8-34350d6f8b5f.health.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\archived\2022-09\1664406050005.97485753-1b2b-4e3b-953d-ac3ea5457f3d.new-profile.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\archived\2022-09\1664406050073.b7c5e8c3-95de-4c89-bfc9-c8e0264d6d25.event.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\archived\2022-09\1664406050105.38b30436-e66d-47e7-ad31-6c8f4f754428.main.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\datareporting\archived\2022-09\1664406050106.58d05602-57c3-43da-8c92-63c175048e33.first-shutdown.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\crashes\store.json.mozlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\bookmarkbackups\bookmarks-2023-08-30_11_ukwbceqzcyihwn6n3vgyrg==.jsonlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\4biyo3ui.default\times.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite.flowencryption
- %APPDATA%\microsoft\windows\start menu\desktop.ini.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage\permanent\chrome\idb\1657114595amcateirvtisty.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\search.json.mozlz4.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\formhistory.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\handlers.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\key4.db.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\permissions.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\pkcs11.txt.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\places.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\places.sqlite-shm.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\places.sqlite-wal.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\pluginreg.dat.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\prefs.js.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\favicons.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage\permanent\chrome\.metadata-v2.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\sessioncheckpoints.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\sitesecurityservicestate.txt.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\times.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\trrblacklist.txt.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\user.js.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\webappsstore.sqlite.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\webappsstore.sqlite-shm.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\webappsstore.sqlite-wal.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\xulstore.json.flowencryption
- %APPDATA%\mozilla\firefox\profiles\e9nnxrwe.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite.flowencryption
- %TEMP%\~df459859f58e5ec8b6.tmp.flowencryption