Technical Information
- <Drive name for removable media>:\10c6d01b-8d32-4e9a-a5fc-f20dc642bc93.exe
- <Drive name for removable media>:\ituneshelpunavailable.htm.lnk
- <Drive name for removable media>:\ituneshelpunavailable.html.lnk
- <Drive name for removable media>:\tree_view.html.lnk
- <Drive name for removable media>:\browse.html.lnk
- <Drive name for removable media>:\trivial-merge.html.lnk
- <Drive name for removable media>:\about.html.lnk
- <Drive name for removable media>:\168.jpeg.lnk
- <Drive name for removable media>:\2.jpeg.lnk
- <Drive name for removable media>:\pushkin.jpeg.lnk
- <Drive name for removable media>:\210252809.jpeg.lnk
- <Drive name for removable media>:\alert.htm.lnk
- <Drive name for removable media>:\64bit_notes.htm.lnk
- <Drive name for removable media>:\4f0bf7ff71f28.jpeg.lnk
- <Drive name for removable media>:\region-north-karelia.jpg.lnk
- <Drive name for removable media>:\4f0bf7ff71f28.jpg.lnk
- <Drive name for removable media>:\13.jpg.lnk
- <Drive name for removable media>:\pushkin.jpg.lnk
- <Drive name for removable media>:\firefly1.mov.lnk
- <Drive name for removable media>:\spanner.mov.lnk
- <Drive name for removable media>:\etc6_m_1.mov.lnk
- <Drive name for removable media>:\video_1.mp4.lnk
- <Drive name for removable media>:\2015-02-patients-topic-work-related-asthma-jobs.pdf.lnk
- <Drive name for removable media>:\7790_preview.pdf.lnk
- <Drive name for removable media>:\3.jpeg.lnk
- <Drive name for removable media>:\2.jpg.lnk
- <Drive name for removable media>:\iisstart.htm.lnk
- <Drive name for removable media>:\tree_view.htm.lnk
- <Drive name for removable media>:\trivial-merge.htm.lnk
- <Drive name for removable media>:\dashborder_192.bmp.lnk
- <Drive name for removable media>:\dashborder_96.bmp.lnk
- <Drive name for removable media>:\toolbar.bmp.lnk
- <Drive name for removable media>:\dialmap.bmp.lnk
- <Drive name for removable media>:\contosoroot.cer.lnk
- <Drive name for removable media>:\pmd.cer.lnk
- <Drive name for removable media>:\sdkfailsafeemulator.cer.lnk
- <Drive name for removable media>:\sdksampleprivdeveloper.cer.lnk
- <Drive name for removable media>:\508softwareandos.doc.lnk
- <Drive name for removable media>:\applicantform_en.doc.lnk
- <Drive name for removable media>:\ovp25012015.doc.lnk
- <Drive name for removable media>:\correct.avi.lnk
- <Drive name for removable media>:\hanni_umami_chapter.doc.lnk
- <Drive name for removable media>:\lisp_success.doc.lnk
- <Drive name for removable media>:\uep_form_786_bulletin_1726i602.doc.lnk
- <Drive name for removable media>:\file_p_00000000_1371597592.docx.lnk
- <Drive name for removable media>:\thlps_keeper_mayer_1965.docx.lnk
- <Drive name for removable media>:\adhd_and_obesity.docx.lnk
- <Drive name for removable media>:\wrar520.exe.lnk
- <Drive name for removable media>:\jre-7u75-windows-i586-iftw.exe.lnk
- <Drive name for removable media>:\skypesetup.exe.lnk
- <Drive name for removable media>:\notepad.exe.lnk
- <Drive name for removable media>:\utorrent.exe.lnk
- <Drive name for removable media>:\dotnetfx45_full_setup.exe.lnk
- <Drive name for removable media>:\february_catalogue__2015.doc.lnk
- <Drive name for removable media>:\fil_20060629111052.pdf.lnk
- <Drive name for removable media>:\lom602.pdf.lnk
- %WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe
- [<HKCU>\Software\RimArts\B2\Settings]
- [<HKCU>\SOFTWARE\Martin Prikryl\WinSCP 2\Sessions]
- [<HKCU>\Software\FTPWare\COREFTP\Sites]
- %APPDATA%\thunderbird\profiles.ini
- %PROGRAMDATA%\microsoft\vault\ac658cb4-9126-49bd-b877-31eedab3f204\policy.vpol
- %PROGRAMDATA%\microsoft\vault\ac658cb4-9126-49bd-b877-31eedab3f204\3ccd5499-87a8-4b10-a215-608888dd3b55.vsch
- %PROGRAMDATA%\microsoft\vault\ac658cb4-9126-49bd-b877-31eedab3f204\2f1a6504-0641-44cf-8bb5-3612d865f2e5.vsch
- %LOCALAPPDATA%\microsoft\vault\4bf4c442-9b8a-41a0-b380-dd4a704ddb28\policy.vpol
- <Drive name for removable media>:\10c6d01b-8d32-4e9a-a5fc-f20dc642bc93.exe
- <Drive name for removable media>:\correct.avi.lnk
- <Drive name for removable media>:\64bit_notes.htm.lnk
- <Drive name for removable media>:\ituneshelpunavailable.htm.lnk
- <Drive name for removable media>:\ituneshelpunavailable.html.lnk
- <Drive name for removable media>:\tree_view.html.lnk
- <Drive name for removable media>:\browse.html.lnk
- <Drive name for removable media>:\trivial-merge.html.lnk
- <Drive name for removable media>:\about.html.lnk
- <Drive name for removable media>:\168.jpeg.lnk
- <Drive name for removable media>:\2.jpeg.lnk
- <Drive name for removable media>:\pushkin.jpeg.lnk
- <Drive name for removable media>:\210252809.jpeg.lnk
- <Drive name for removable media>:\3.jpeg.lnk
- <Drive name for removable media>:\fil_20060629111052.pdf.lnk
- <Drive name for removable media>:\2.jpg.lnk
- <Drive name for removable media>:\region-north-karelia.jpg.lnk
- <Drive name for removable media>:\4f0bf7ff71f28.jpg.lnk
- <Drive name for removable media>:\13.jpg.lnk
- <Drive name for removable media>:\pushkin.jpg.lnk
- <Drive name for removable media>:\firefly1.mov.lnk
- <Drive name for removable media>:\spanner.mov.lnk
- <Drive name for removable media>:\etc6_m_1.mov.lnk
- <Drive name for removable media>:\video_1.mp4.lnk
- <Drive name for removable media>:\2015-02-patients-topic-work-related-asthma-jobs.pdf.lnk
- <Drive name for removable media>:\7790_preview.pdf.lnk
- <Drive name for removable media>:\alert.htm.lnk
- <Drive name for removable media>:\4f0bf7ff71f28.jpeg.lnk
- <Drive name for removable media>:\iisstart.htm.lnk
- <Drive name for removable media>:\hanni_umami_chapter.doc.lnk
- <Drive name for removable media>:\dashborder_192.bmp.lnk
- <Drive name for removable media>:\dashborder_96.bmp.lnk
- <Drive name for removable media>:\toolbar.bmp.lnk
- <Drive name for removable media>:\dialmap.bmp.lnk
- <Drive name for removable media>:\contosoroot.cer.lnk
- <Drive name for removable media>:\pmd.cer.lnk
- <Drive name for removable media>:\sdkfailsafeemulator.cer.lnk
- <Drive name for removable media>:\sdksampleprivdeveloper.cer.lnk
- <Drive name for removable media>:\508softwareandos.doc.lnk
- <Drive name for removable media>:\applicantform_en.doc.lnk
- <Drive name for removable media>:\ovp25012015.doc.lnk
- <Drive name for removable media>:\february_catalogue__2015.doc.lnk
- <Drive name for removable media>:\trivial-merge.htm.lnk
- <Drive name for removable media>:\lisp_success.doc.lnk
- <Drive name for removable media>:\uep_form_786_bulletin_1726i602.doc.lnk
- <Drive name for removable media>:\file_p_00000000_1371597592.docx.lnk
- <Drive name for removable media>:\thlps_keeper_mayer_1965.docx.lnk
- <Drive name for removable media>:\adhd_and_obesity.docx.lnk
- <Drive name for removable media>:\wrar520.exe.lnk
- <Drive name for removable media>:\jre-7u75-windows-i586-iftw.exe.lnk
- <Drive name for removable media>:\skypesetup.exe.lnk
- <Drive name for removable media>:\notepad.exe.lnk
- <Drive name for removable media>:\utorrent.exe.lnk
- <Drive name for removable media>:\dotnetfx45_full_setup.exe.lnk
- <Drive name for removable media>:\tree_view.htm.lnk
- <Drive name for removable media>:\lom602.pdf.lnk
- http://oc##.#tartssl.com/sub/class2/code/ca/MEMwQTA%2FMD0wOzAJBgUrDgMCGgUABBQSOgrhRCSnWfKxoWTjWxhk8hga9AQU0E4PQJlsuEsZbzsouODjiAc0qrcCAhAV
- DNS ASK drive.google.com
- DNS ASK do#########ocs.googleusercontent.com
- DNS ASK oc##.#tartssl.com
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe' ' (with hidden window)
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regasm.exe'