Analysis Overview
Threat Level: Known bad
The file http://wallpapercave.com was found to be: Known bad.
Malicious Activity Summary
Suspicious use of NtCreateUserProcessOtherParentProcess
Modifies WinLogon for persistence
Process spawned unexpected child process
Downloads MZ/PE file
Modifies RDP port number used by Windows
Drops file in Drivers directory
Sets service image path in registry
Command and Scripting Interpreter: PowerShell
Executes dropped EXE
Reads user/profile data of web browsers
Checks computer location settings
Checks BIOS information in registry
Event Triggered Execution: Component Object Model Hijacking
Loads dropped DLL
Impair Defenses: Safe Mode Boot
Adds Run key to start application
Checks installed software on the system
Enumerates connected drives
Checks system information in the registry
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
System Network Configuration Discovery: Internet Connection Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Enumerates system info in registry
Modifies registry class
Modifies Internet Explorer settings
Kills process with taskkill
Checks SCSI registry key(s)
Checks processor information in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Suspicious use of SendNotifyMessage
Script User-Agent
Runs ping.exe
Suspicious use of SetWindowsHookEx
Modifies system certificate store
Scheduled Task/Job: Scheduled Task
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Suspicious behavior: LoadsDriver
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-27 21:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-27 21:31
Reported
2024-10-27 21:51
Platform
win10v2004-20241007-en
Max time kernel
1013s
Max time network
1213s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\MsContainerwinHost\\NW_store.exe\", \"C:\\Recovery\\WindowsRE\\NW_store.exe\", \"C:\\xvirus\\fontdrvhost.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\dllhost.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\MsContainerwinHost\\NW_store.exe\", \"C:\\Recovery\\WindowsRE\\NW_store.exe\", \"C:\\xvirus\\fontdrvhost.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\dllhost.exe\", \"C:\\Program Files (x86)\\Google\\Temp\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\MsContainerwinHost\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\MsContainerwinHost\\NW_store.exe\", \"C:\\Recovery\\WindowsRE\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\MsContainerwinHost\\NW_store.exe\", \"C:\\Recovery\\WindowsRE\\NW_store.exe\", \"C:\\xvirus\\fontdrvhost.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
Process spawned unexpected child process
| Description | Indicator | Process | Target |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe | |
| Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process | N/A | C:\Windows\SYSTEM32\schtasks.exe |
Suspicious use of NtCreateUserProcessOtherParentProcess
| Description | Indicator | Process | Target |
| PID 5276 created 3588 | N/A | C:\Users\Admin\Downloads\MBSetup.exe | C:\Windows\Explorer.EXE |
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\DRIVERS\mbam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mwac.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\farflt.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamChameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\system32\drivers\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbamswissarmy.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies RDP port number used by Windows
Sets service image path in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\mbamchameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\xam.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\service.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Impair Defenses: Safe Mode Boot
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService\ = "Service" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NW_store = "\"C:\\Recovery\\WindowsRE\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NW_store = "\"C:\\Recovery\\WindowsRE\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i" | C:\Users\Admin\AppData\Local\Temp\nse8124.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NW_store = "\"C:\\MsContainerwinHost\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dllhost = "\"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\dllhost.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dllhost = "\"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\dllhost.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i" | C:\Users\Admin\AppData\Local\Temp\nsmE01A.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NW_store = "\"C:\\MsContainerwinHost\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NW_store = "\"C:\\Program Files (x86)\\Google\\Temp\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X /rid=20241027213308.822240708031 /ver=fa.1092c" | C:\Users\Admin\AppData\Local\Temp\nse8124.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default" | C:\Users\Admin\AppData\Local\Temp\nsmE01A.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fontdrvhost = "\"C:\\xvirus\\fontdrvhost.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fontdrvhost = "\"C:\\xvirus\\fontdrvhost.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NW_store = "\"C:\\Program Files (x86)\\Google\\Temp\\NW_store.exe\"" | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default" | C:\Users\Admin\AppData\Local\Temp\nse8124.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X /rid=20241027214154.8241233218 /ver=fa.1092c" | C:\Users\Admin\AppData\Local\Temp\nsmE01A.tmp | N/A |
Checks installed software on the system
Enumerates connected drives
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Malwarebytes\Logs\MBAMSI.alt1.lock | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8192se64.inf_amd64_167684f9283b4eca\net8192se64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netloop.inf_amd64_762588e32974f9e8\netloop.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{8f740d9e-ea97-cb41-8721-19613bb82bd3}\mbtun.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwmbclass.inf_amd64_dba6eeaf0544a4e0\netwmbclass.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net9500-x64-n650f.inf_amd64_e92c5a65e41993f9\net9500-x64-n650f.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_6E4F36431D86962EFD432400DF65AC90 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{8f740d9e-ea97-cb41-8721-19613bb82bd3}\SET67B0.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\ntdll.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\repdrvfs.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl1c63x64.inf_amd64_4d6630ce07a4fb42\netl1c63x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\wceisvista.inf_amd64_07ad61d07466a58a\wceisvista.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\athw8x.inf_amd64_55014eff4ceefbdf\athw8x.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_amd64_be4ba6237d385e2e\netrndis.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netvwwanmp.inf_amd64_f9e30429669d7fff\netvwwanmp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\Amsi.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\rpcrt4.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netelx.inf_amd64_7812e4e45c4a5eb1\netelx.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net1yx64.inf_amd64_8604d8a50804b9c1\net1yx64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwtw02.inf_amd64_42e02bae858d0fbd\netwtw02.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netvf63a.inf_amd64_a090e6cfaf18cb5c\netvf63a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8185.inf_amd64_7a30f5a9441cd55b\net8185.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\kernelbase.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netbc64.inf_amd64_b96cdf411c43c00c\netbc64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netjme.inf_amd64_752bf22f1598bb7e\netjme.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net7800-x64-n650f.inf_amd64_178f1bdb49a6e2fd\net7800-x64-n650f.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\bcmdhd64.inf_amd64_e0bae6831f60ea5f\bcmdhd64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net44amd.inf_amd64_450d4b1e35cc8e0d\net44amd.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtwlane.inf_amd64_20caba88bd7f0bb3\netrtwlane.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netmlx4eth63.inf_amd64_3809a4a3e7e07703\netmlx4eth63.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netvg63a.inf_amd64_9f5493180b1252cf\netvg63a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8192su64.inf_amd64_66c8bfc7a4b1feed\net8192su64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\kdnic.inf_amd64_6649425cdcae9b5f\kdnic.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8187bv64.inf_amd64_bc859d32f3e2f0d5\net8187bv64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\b57nd60a.inf_amd64_77a731ab08be20a5\b57nd60a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netimm.inf_amd64_8b2087393aaef952\netimm.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{8f740d9e-ea97-cb41-8721-19613bb82bd3}\SET67AF.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\ndisimplatformmp.inf_amd64_8de1181bfd1f1628\ndisimplatformmp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netnvma.inf_amd64_7080f6b8ea1744fb\netnvma.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netbxnda.inf_amd64_1fff3bc87a99b0f1\netbxnda.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\combase.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrasa.inf_amd64_1bdf7a435cb3580d\netrasa.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\rtwlanu_oldic.inf_amd64_1a82423cc076e882\rtwlanu_oldic.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{8f740d9e-ea97-cb41-8721-19613bb82bd3}\mbtun.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl260a.inf_amd64_783312763f8749c7\netl260a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\e2xw10x64.inf_amd64_04c2ae40613a06ff\e2xw10x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FA0E447C3E79584EC91182C66BBD2DB7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netsstpa.inf_amd64_e76c5387d67e3fd6\netsstpa.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\usbncm.inf_amd64_9957a38c3d2283ed\usbncm.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\nett4x64.inf_amd64_54eacac1858c78ab\nett4x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwbw02.inf_amd64_1c4077fa004e73b4\netwbw02.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwlv64.inf_amd64_0b9818131664d91e\netwlv64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl160a.inf_amd64_e4cbe375963a69e9\netl160a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\nete1e3e.inf_amd64_895623810c19146a\nete1e3e.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | \??\c:\Windows\System32\lhkpi-.exe | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Malwarebytes\Logs\MBAMSI.alt1.log | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwew01.inf_amd64_153e01d761813df2\netwew01.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\msux64w10.inf_amd64_5aa81644af5957b3\msux64w10.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netathr10x.inf_amd64_2691c4f95b80eb3b\netathr10x.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Xvirus Anti-Malware\database\whitelist.xdb | C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\PresentationUI.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Serilog.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\de.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\kn.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\ig.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.UI.Style.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.WebHeaderCollection.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Microsoft.Data.Sqlite.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\mwac.inf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sw.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\icons\checkbox-checked.svg | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-string-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-multibyte-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\it\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Prism.Wpf.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\sidebar-btn-bg.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.WebClient.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\it\WindowsFormsIntegration.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\System.ServiceProcess.ServiceController.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\et.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\System.Windows.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\vk_swiftshader_icd.json | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sl.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\mscorrc.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.UI.TrayNotification.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\SQLitePCLRaw.provider.e_sqlcipher.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Data.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File opened for modification | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-process-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.FileSystem.AccessControl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Reflection.Emit.Lightweight.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\cs\UIAutomationClientSideProviders.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\System.DirectoryServices.Protocols.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\System.Xaml.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\resources.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-math-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.Mail.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\de\PresentationCore.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\it\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Runtime.CompilerServices.VisualC.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Runtime.Loader.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Xvirus Anti-Malware\database\heurblist.xdb | C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\hostpolicy.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\hr.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\lt.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sr.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\Microsoft.Win32.Primitives.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\PresentationUI.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ru\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\it.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\survey-bg.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Xvirus Anti-Malware\quarantine\vk_swiftshader.dll27-10-2024-9-43-33.infected | C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Private.Uri.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.ServiceProcess.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MbamUI.Services.deps.json | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\v8_context_snapshot.bin | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Diagnostics.Contracts.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.UnmanagedMemoryStream.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\System.Diagnostics.EventLog.Messages.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\es.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\CSC\MBAMService.exe | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| File created | C:\Windows\ServiceState\EventLog\Data\fontdrvhost.exe | C:\MsContainerwinHost\comagentFontsavescommon.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\PCAppStore\download\SetupEngine.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Fast!\FastSRV.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\nsmE01A.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\a0b8965f84345db720bf8220c4f848d4027635f7e1837ca5daa6870ba861476c.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Roaming\service.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Fast!\Fast!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\nse8124.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Malwarebytes.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes\FirstRun = "false" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Malwarebytes\FirstRun = "false" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133745383110440432" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Malwarebytes\FirstRun = "false" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{50538523-AA2F-40D3-9B58-DB51D5BD3D4A}\ = "_IMBAMServiceControllerEventsV3" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{23416CFE-018D-418E-8CE9-5729D070CCED} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D8258E71-3A7A-4D9D-85BB-C7999F95B7E4}\TypeLib\ = "{2446F405-83F0-460F-B837-F04540BB330C}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{118F4330-CAF5-4A54-ABB0-DC936669ED2F} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BF153224-DA64-41F1-AA87-321B345870FA}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B860FC17-5606-4F3A-8AE5-E1C139D8BDE3}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0468FE5A-FFDA-4F57-83F5-79116160E9B8}\TypeLib\ = "{FFB94DF8-FC15-411C-B443-E937085E2AC1}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D10B0F61-43AA-40F4-9C6C-57D29CA8544E}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4D6484EE-AA00-472F-A4F0-18D905C71EA3} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B38EDC4F-A2CD-4F76-8607-F123FE4031D5}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F3968E6D-3FD5-4707-A5A8-4E8C3C042062}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{A82129F1-32E1-4D79-A39F-EBFEE53A70BF}\1.0\0\win64 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{738848E2-18E4-40F8-9C08-60BC0505E9E9}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{18C5830A-FF78-4172-9DFB-E4016D1C1F31}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2E423AF9-25D2-451E-8D81-08D44F63D83F}\TypeLib\ = "{FFB94DF8-FC15-411C-B443-E937085E2AC1}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E230930A-6CC2-4B9D-8CE1-03F86A8EDA05}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{08932AD2-C415-4DE8-821D-5AF7A5658483}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1691A7E8-B8D1-46D5-BB29-3A4DB2D809C6}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{81701AB9-0B9C-49FE-9C79-C3C4DCA91E7B}\ = "ICleanControllerV7" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{738848E2-18E4-40F8-9C08-60BC0505E9E9}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{767D2042-D2F6-4BAA-B30E-00E0CD4015BD} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8A574BA8-3535-41F9-AB73-FA93F8A7DC3B}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2D611EAD-3FEE-4343-98B7-DB35565577CE} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E3D4AC2-A9AE-478A-91EE-79C35D3CA8C7}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{090D2E82-C71B-414E-AF6A-6681A92FF2B3}\ = "IRTPControllerV7" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4BDE5F8-F8D4-4E50-937F-85E8382A9FEE}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BFC6C7E6-8475-4F9B-AC56-AD22BECF91C4}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1C5B86F3-CEB8-44E3-9B83-6F6AF035E872}\ = "_IMBAMServiceControllerEventsV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4E0F1EE6-E7CA-4BEE-8C08-0959842DA615}\TypeLib\ = "{783B187E-360F-419C-B6DA-592892764A01}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DC97FF29-5CE2-4897-8175-94672057E02D}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{46AEAC9A-C091-4B63-926C-37CFBD9D244F}\ = "IRTPControllerEventsV5" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B243B0B7-0567-4DA5-B8E4-A4CE22A4F2B6}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ADA09B8D-A536-4429-8331-49808442D24B}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3F967173-2B83-4B7F-A633-074B06FD0C64}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CE7ABFE9-8F8F-4EDD-86BD-9209FD072126}\ = "IScanControllerEventsV11" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2A153977-1A37-4EF7-9226-9E128FA51AE1}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E41AC038-1688-417F-BE23-52D898B93903}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{89AE2EF4-3346-47C7-9DCF-ED3264527FDE}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{36BABBB6-6184-44EC-8109-76CBF522C9EF}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2A153977-1A37-4EF7-9226-9E128FA51AE1} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{72F290D5-789C-4D8A-9EBE-63ECEA150373} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6B2CCE9B-6446-450F-9C9D-542CD9FA6677}\TypeLib\ = "{FFB94DF8-FC15-411C-B443-E937085E2AC1}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E95BF32A-DE84-4E41-B836-E2A7BAB962AF}\TypeLib\ = "{FFB94DF8-FC15-411C-B443-E937085E2AC1}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{698A4513-65F0-46A3-9633-220A6E4D1D07}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4412646D-16F5-4F3C-8348-0744CDEBCCBF} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F81B1882-A388-42E5-9351-05C858E52DDC}\ = "IPoliciesControllerEventsV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C367B540-CEF4-4271-8395-0C28F0FDADDA}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{CE9646CD-EB6F-4835-9BE1-364F8896D71E}\ = "IMBAMServiceControllerV12" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{560EB17C-4365-4DFC-A855-F99B223F02AF} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2A0F9375-1809-45ED-AFE0-92852B971139}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2DEBAD4E-3BAF-44F0-9150-BCCCC3801CF9}\ = "IMWACControllerV14" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{34544A67-823A-484D-8E18-371AFEAEC02E} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{02E9FB91-8E7C-46BF-958D-EAF5002A59B8} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.MWACController.1 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\ProgID | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F128CCB-D86F-4998-803A-7CD58474FE2C}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6B3DFEA6-6514-42CF-A091-C4DFFD9C2158}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4F3822FA-CCD5-4934-AB6D-3382B2F91DB9}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CC4D9C86-78F2-435F-8355-5328509E04F1}\TypeLib\ = "{226C1698-A075-4315-BB5D-9C164A96ACE7}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6655E528-3168-47A4-BF82-A71E9E6AB5F7}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3F967173-2B83-4B7F-A633-074B06FD0C64}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B44D50B8-E459-4078-9249-3763459B2676}\TypeLib\ = "{332AFEBA-9341-4CEC-8EA6-DB155A99DF63}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B860FC17-5606-4F3A-8AE5-E1C139D8BDE3}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E\Blob = 030000000100000014000000b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e2000000001000000e1030000308203dd308202c5a003020102020100300d06092a864886f70d01010b050030818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d204732301e170d3039303930313030303030305a170d3337313233313233353935395a30818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100bdedc103fcf68ffc02b16f5b9f48d99d79e2a2b703615618c347b6d7ca3d352e8943f7a1699bde8a1afd13209cb44977322956fdb9ec8cdd22fa72dc276197eef65a84ec6e19b9892cdc845bd574fb6b5fc589a51052894655f4b8751ce67fe454ae4bf85572570219f8177159eb1e280774c59d48be6cb4f4a4b0f364377992c0ec465e7fe16d534c62afcd1f0b63bb3a9dfbfc7900986174cf26824063f3b2726a190d99cad40e75cc37fb8b89c159f1627f5fb35f6530f8a7b74d765a1e765e34c0e89656998ab3f07fa4cdbddc32317c91cfe05f11f86baa495cd19994d1a2e3635b0976b55662e14b741d96d426d4080459d0980e0ee6defcc3ec1f90f10203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e041604147c0c321fa7d9307fc47d68a362a8a1ceab075b27300d06092a864886f70d01010b050003820101001159fa254f036f94993b9a1f828539d47605945ee128936d625d09c2a0a8d4b07538f1346a9de49f8a862651e62cd1c62d6e95204a9201ecb88a677b31e2672e8c9503262e439d4a31f60eb50cbbb7e2377f22ba00a30e7b52fb6bbb3bc4d379514ecd90f4670719c83c467a0d017dc558e76de68530179a24c410e004f7e0f27fd4aa0aff421d37ed94e5645912207738d3323e3881759673fa688fb1cbce1fc5ecfa9c7ecf7eb1f1072db6fcbfcaa4bfd097054abcea18280290bd5478092171d3d17d1dd916b0a9613dd00a0022fcc77bcb0964450b3b4081f77d7c32f598ca588e7d2aee90597364f936745e25a1f566052e7f3915a92afb508b8e8569f4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C\Blob = 0300000001000000140000002ad974a775f73cbdbbd8f5ac3a49255fa8fb1f8c2000000001000000620400003082045e30820346a0030201020213077312380b9d6688a33b1ed9bf9ccda68e0e0f300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3232303832333232323132385a170d3330303832333232323132385a303c310b3009060355040613025553310f300d060355040a1306416d617a6f6e311c301a06035504031313416d617a6f6e205253412032303438204d303130820122300d06092a864886f70d01010105000382010f003082010a0282010100eb712ca9cb1f8828923230af8a570f78b73725955587ac675c97d322c8daa214676b7cf067dae2032ab356125dc6b547f96708a7937a9592180fb4f9f910369a7f2f80b64fba134ec75d531ee0dd96330720d396bc12e4745042a1051373b54f9b4424fe2d7fedbc2285ec362133977506ce271882dce3d9c582078d5e26012626671fd93f13cf32ba6bad7864fcaaff0e023c07df9c0578728cfdea75b7032884dae86e078cd05085ef8154b2716eec6d62ef8f94c35ee9c4a4d091c02e249198caeeba258ed4f671b6fb5b6b38064837478d86dcf2ea06fb76377d9eff424e4d588293cfe271c278b17aab4b5b94378881e4d9af24aef872c565fb4bb451e70203010001a382015a3082015630120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d0e0416041481b80e638a891218e5fa3b3b50959fe6e5901385301f0603551d230418301680148418cc8534ecbc0c94942e08599cc7b2104e0a08307b06082b06010505070101046f306d302f06082b060105050730018623687474703a2f2f6f6373702e726f6f746361312e616d617a6f6e74727573742e636f6d303a06082b06010505073002862e687474703a2f2f6372742e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e636572303f0603551d1f043830363034a032a030862e687474703a2f2f63726c2e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e63726c30130603551d20040c300a3008060667810c010201300d06092a864886f70d01010b05000382010100ad00de0205232e063262b46bb19416e41140de2bfa59c135efe0aa8f2b41b9d1f38739001df23db5a7470c0606c691f3075702d4edbd17c1909abf4875a2074f30dd4a6a42b50d3d15c00ffe845bc63c99cc5752b1d86e12d59692934b94e507e88982086a7a34d49e64e13d876a92909a63a14bf88fb6ea34d305be20c2de06e28c9f738b9f4d3985cace19369d85c99ec9f8503fb67e88a1efca84068b50b40a5ca61c44f1fdc8614060f26125aa07f4c7c27375e40c0b428d04e55f4448995b7b898196a7889d4b0d62e804c4d7feb4e8b26dcaecc01cbc385b1ddf85ce5b7ae3494b6cb9a7ddf405b249ade1c5146bc2ccebcd7fd65869bac3207e7fb0b8 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 040000000100000010000000be954f16012122448ca8bc279602acf5140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa20f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e1900000001000000100000009f687581f7ef744ecfc12b9cee6238f12000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A\Blob = 0300000001000000140000005a8cef45d7a69859767a8c8b4496b578cf474b1a2000000001000000450500003082054130820329a0030201020213066c9fd29635869f0a0fe58678f85b26bb8a37300d06092a864886f70d01010c05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412032301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203230820222300d06092a864886f70d01010105000382020f003082020a0282020100ad969f2d9c4a4c4a81795199ec8acb6b605113bc4d6d06fcb0088ddd19106ac7260c35d8c06f2084e994b19b8503c35bdb4ae8c8f89076d95b4fe34ce806364dcc9aac3d0c902b92d4061960ac374479858182ad5a37e00dcc9da64c5276ea439db704d150f655e0d5d2a64985e937e9ca7eae5c954d489a3fae205a6d8895d934b8521a4390b0bf6c05b9b678b7ead0e43a3c125362ff4af27bbe3505a91234e3f36474622c3d00495a28fe3244bb87dd652702713bda4af71fdacdf72155904f0fecae82e19f6bd945d3bbf05f87ed3c2c3986da3fdeec7255eb79a3addbdd7cb0ba1ccefcde4f3576cf0ff8781f6a36514627615be99ecff0a2557d7c258a6f2fb4c5cf842e2bfd0d51106cfb5f1bbc1b7ec5ae3b98013192ff0b57f49ab2b957e9abef0d76d1f0eef4ce86a7e06ee9b469a1df69f633c6692e97139ea587b057108137c953b3bb7ff692d19cd018f4926eda834fa663994ca5fb5eef21647a205f6c648515cb37e9620c0b2a16dc012e32da3e4bf59e3af6174094ef9e910886fabe63a85a33eccb744395f96c695236c7296ffc55035c1ffb9fbd47ebe74947950b4e89220949e0f5611ef1bf2e8a726e8059ff573af97532a34e5feced2862d94d73f2cc811760edcdebdcdba7cac57e02bdf2540854fdb42d092c17544a98d154e1516708d2ed6e7e6f3fd22d81592966cb903995111e7427feddebaf0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414b00cf04c30f405580248fd33e552af4b84e36652300d06092a864886f70d01010c05000382020100aaa8808f0e78a3e0a2d4cde6f5987a3bea0003b0970e93bc5aa8f62c8c7287a9b1fc7f73fd637178a58759cf30e10d10b2135a6d82f56ae6809fa0050b68e4476bc76adfb6fd773272e518fa09f4a0932c5dd28c75857665900c0379b7312363ad788309866884cafff9cf269a9279e7cd4bc5e761a717cbf3a91293936ba7e82f5392c46058b0cc0251185b858d625963b6adb4de9afb26f70027c05d55377499c9507fe3592e44e32c25eeec4c3277b49f1ae94b5d20c5dafd1c8716c643e8d4bb269a45705ea90b3753e2467b27fde046f289b7cc42b6cb28266ed9a5c93ac8411360f7508c15aeb26d1a151a5778e6922ad96590823f6c02afae123a27963604d71da28063a99bf1e5bab47c14b04ec9b11f745f38f651ea9bfa2ca211d4a92d271a45b1afb24e710dc05846d66906cb53cbb3fe6b41cd417e7d4c0f7c72797a59cd5e4a0eac9ba99873797cb4f4ccb9b8070cb2745cb8c76f88a190a7f4aaf9bf673af41a15621eb79fbe3db129af67a112f25810195303301bb81a89f69cbd97038ea309f31d8b21f1b4dfe41cd19f650206ea5cd613b384efa2a55c8c7729a768c06bae40d2a8b4eacdf08d4b389c199a1b2854b88990efca75813e1ef26424c718af4eff479e07f63565a4d30a56fff517646cefa822254993b6df0017da587e5deec51bb0d1d15f2110c7f9f3ba020a2707c5f1d6c7d3e0fb09606c | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE\Blob = 030000000100000014000000f6108407d6f8bb67980cc2e244c2ebae1cef63be2000000001000000f6010000308201f230820178a0030201020213066c9fd7c1bb104c2943e5717b7b2cc81ac10e300a06082a8648ce3d0403033039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412034301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120343076301006072a8648ce3d020106052b8104002203620004d2ab8a374fa3530dfec18a7b4ba87b464b63b062f62d1bdb087121d200e863bd9a27fbf0396e5dea3da5c981aaa35b2098455d16dbfde8106de39ce0e3bd5f8462f3706433a0cb242f70ba88a12aa075f881ae6206c481db396e29b01efa2e5ca3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414d3ecc73a656ecce1da769a56fb9cf3866d57e581300a06082a8648ce3d040303036800306502303a8b21f1bd7e11add0ef58962fd6eb9d7e908d2bcf6655c32ce328a9700a470ef0375912ff2d9994284e2a4f354d335a023100ea75004e3bc43a941291c958469d211372a7889c8ae44c4adb96d4ac8b6b6b49125333add7e4be24fcb50a76d4a5bc10 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD\Blob = 0300000001000000140000001c58a3a8518e8759bf075b76b750d4f2df264fcd2000000001000000c2040000308204be308203a6a003020102021006d8d904d5584346f68a2fa754227ec4300d06092a864886f70d01010b05003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3231303431343030303030305a170d3331303431333233353935395a304f310b300906035504061302555331153013060355040a130c446967694365727420496e633129302706035504031320446967694365727420544c53205253412053484132353620323032302043413130820122300d06092a864886f70d01010105000382010f003082010a0282010100c14bb3654770bcdd4f58dbec9cedc366e51f311354ad4a66461f2c0aec6407e52edcdcb90a20eddfe3c4d09e9aa97a1d8288e51156db1e9f58c251e72c340d2ed292e156cbf1795fb3bb87ca25037b9a52416610604f571349f0e8376783dfe7d34b674c2251a6df0e9910ed57517426e27dc7ca622e131b7f238825536fc13458008b84fff8bea75849227b96ada2889b15bca07cdfe951a8d5b0ed37e236b4824b62b5499aecc767d6e33ef5e3d6125e44f1bf71427d58840380b18101faf9ca32bbb48e278727c52b74d4a8d697dec364f9cace53a256bc78178e490329aefb494fa415b9cef25c19576d6b79a72ba2272013b5d03d40d321300793ea99f50203010001a38201823082017e30120603551d130101ff040830060101ff020100301d0603551d0e04160414b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302307606082b06010505070101046a3068302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304006082b060105050730028634687474703a2f2f636163657274732e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63727430420603551d1f043b30393037a035a0338631687474703a2f2f63726c332e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63726c303d0603551d2004363034300b06096086480186fd6c02013007060567810c01013008060667810c0102013008060667810c0102023008060667810c010203300d06092a864886f70d01010b050003820101008032ce5e0bdd6e5a0d0aafe1d684cbc08efa8570edda5db30cf72b7540fe850afaf33178b7704b1a8958ba80bdf36b1de97ecf0bba589c59d490d3fd6cfdd0986db771825bcf6d0b5a09d07bdec443d82aa4de9e41265fbb8f99cbddaee1a86f9f87fe74b71f1b20abb14fc6f5675d5d9b3ce9ff69f7616cd6d9f3fd36c6ab038876d24b2e7586e3fcd8557d26c21177df3e02b67cf3ab7b7a86366fb8f7d89371cf86df7330fa7babed2a59c842843b11171a52f3c90e147da25b7267ba71ed574766c5b8024a65345e8bd02a3c209c51994ce7529ef76b112b0d927e1de88aeb36164387ea2a63bf753febdec403bb0a3cf730efebaf4cfc8b3610733ef3a4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 5c000000010000000400000000100000190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254830400000001000000100000001bfe69d191b71933a372a80fe155e5b52000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254832000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa22000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d00f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 5c0000000100000004000000000800001900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491d00000001000000100000002e0d6875874a44c820912e85e964cfdb140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef453000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286040000000100000010000000497904b0eb8719ac47b0bc11519b74d0200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0400000001000000100000001bfe69d191b71933a372a80fe155e5b50f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e190000000100000010000000ea6089055218053dd01e37e1d806eedf2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E\Blob = 0300000001000000140000000d44dd8c3c8c1a1a58756481e90f2e2affb3d26e2000000001000000ba010000308201b63082015ba0030201020213066c9fd5749736663f3b0b9ad9e89e7603f24a300a06082a8648ce3d0403023039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412033301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120333059301306072a8648ce3d020106082a8648ce3d030107034200042997a7c6417fc00d9be8011b56c6f252a5ba2db212e8d22ed7fac9c5d8aa6d1f73813b3b986b397c33a5c54e868e8017686245577d44581db337e56708eb66dea3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414abb6dbd7069e37ac3086079170c79cc419b178c0300a06082a8648ce3d0403020349003046022100e08592a317b78df92b06a593ac1a98686172fae1a1d0fb1c7860a64399c5b8c40221009c02eff1949cb396f9ebc62af8b62cfe3a901416d78c6324481cdf307dd5683b | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16\Blob = 0300000001000000140000008da7f965ec5efc37910f1c6e59fdc1cc6a6ede162000000001000000450300003082034130820229a0030201020213066c9fcf99bf8c0a39e2f0788a43e696365bca300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3135303532363030303030305a170d3338303131373030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203130820122300d06092a864886f70d01010105000382010f003082010a0282010100b2788071ca78d5e371af478050747d6ed8d78876f49968f7582160f97484012fac022d86d3a0437a4eb2a4d036ba01be8ddb48c80717364cf4ee8823c73eeb37f5b519f84968b0ded7b976381d619ea4fe8236a5e54a56e445e1f9fdb416fa74da9c9b35392ffab02050066c7ad080b2a6f9afec47198f503807dca2873958f8bad5a9f948673096ee94785e6f89a351c0308666a14566ba54eba3c391f948dcffd1e8302d7d2d747035d78824f79ec4596ebb738717f2324628b843fab71daacab4f29f240e2d4bf7715c5e69ffea9502cb388aae50386fdbfb2d621bc5c71e54e177e067c80f9c8723d63f40207f2080c4804c3e3b24268e04ae6c9ac8aa0d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e041604148418cc8534ecbc0c94942e08599cc7b2104e0a08300d06092a864886f70d01010b0500038201010098f2375a4190a11ac57651282036230eaee628bbaaf894ae48a4307f1bfc248d4bb4c8a197f6b6f17a70c85393cc0828e39825cf23a4f9de21d37c8509ad4e9a753ac20b6a897876444718656c8d418e3b7f9acbf4b5a750d7052c37e8034bade961a0026ef5f2f0c5b2ed5bb7dcfa945c779e13a57f52ad95f2f8933bde8b5c5bca5a525b60af14f74befa3fb9f40956d3154fc42d3c7461f23add90f48709ad9757871d1724334756e5759c2025c266029cf2319168e8843a5d4e4cb08fb231143e843297262a1a95d5e08d490aeb8d8ce14c2d055f286f6c49343776661c0b9e841d7977860036e4a72aea5d17dba109e866c1b8ab95933f8ebc490bef1b9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 5c0000000100000004000000001000001900000001000000100000009f687581f7ef744ecfc12b9cee6238f10f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa2140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2040000000100000010000000be954f16012122448ca8bc279602acf52000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Scheduled Task/Job: Scheduled Task
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://wallpapercave.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff866c5cc40,0x7ff866c5cc4c,0x7ff866c5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1728 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3036,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3028,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3648 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4840,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3512 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5124,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3084 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4944,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5092,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5380,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5336 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5504,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4804,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4580,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5508 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5748,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5164,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5040,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5724,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5036,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4736,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5332,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5500,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4920,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4976 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5072,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5992 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5376,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5364 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5436,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5612 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6128,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5984 /prefetch:8
C:\Users\Admin\Downloads\Setup.exe
"C:\Users\Admin\Downloads\Setup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://pcapp.store/installing.php?guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X&winver=19041&version=fa.1092c&nocache=20241027213241.572&_fcid=1730064747984455
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff866c5cc40,0x7ff866c5cc4c,0x7ff866c5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6124,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5428,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5508 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\nse8124.tmp
"C:\Users\Admin\AppData\Local\Temp\nse8124.tmp" /internal 1730064747984455 /force
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6096,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=4936,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4516 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6152,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5068 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6160,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6292 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5552,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6284 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=5488,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5240,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6376 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5320,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6508 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5600,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4476 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6492,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6120 /prefetch:8
C:\Users\Admin\PCAppStore\PcAppStore.exe
"C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default
C:\Users\Admin\PCAppStore\Watchdog.exe
"C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X /rid=20241027213308.822240708031 /ver=fa.1092c
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
.\nwjs\NW_store.exe .\ui\.
C:\Users\Admin\Downloads\xam.exe
"C:\Users\Admin\Downloads\xam.exe"
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x29c,0x2a0,0x2a4,0x298,0x2a8,0x7ff85499a960,0x7ff85499a970,0x7ff85499a980
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x15c,0x160,0x164,0x138,0x168,0x7ff69ee88a60,0x7ff69ee88a70,0x7ff69ee88a80
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1952 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:2
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=2420 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:3
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2492 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:2
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Users\Admin\PCAppStore\download\SetupEngine.exe
"C:\Users\Admin\PCAppStore\download\SetupEngine.exe"
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4616 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe"
C:\Windows\SYSTEM32\SchTasks.exe
SchTasks /Create /F /XML "C:\xvirus\startup.xml" /TN "Xvirus startup"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installing.html?guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X&_fcid=
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8488346f8,0x7ff848834708,0x7ff848834718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2036 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4684 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4668 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3200,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5008 /prefetch:8
C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe
"C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe" /fcid /instdir C:\Program Files (x86)\Fast! /startup 1
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -command "Register-ScheduledTask fast_task -InputObject (New-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files (x86)\Fast!\fast!.exe') -Principal (New-ScheduledTaskPrincipal -UserId ($Env:UserDomain + '\' + $Env:UserName) -RunLevel Highest) -Trigger (New-ScheduledTaskTrigger -AtLogon) -Settings (New-ScheduledTaskSettingsSet -MultipleInstances Queue -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries)) -Force"
C:\Windows\SysWOW64\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp" > C:\Users\Admin\AppData\Local\FAST!\Temp\dskres.xml
C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe
C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installed.php?guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X&_fcid=
C:\Program Files (x86)\Fast!\FastSRV.exe
"C:\Program Files (x86)\Fast!\FastSRV.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff8488346f8,0x7ff848834708,0x7ff848834718
C:\Program Files (x86)\Fast!\fast!.exe
"C:\Program Files (x86)\Fast!\fast!.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1333032805180835731,10103534736416082049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files (x86)\Fast!\Fast!.exe
"C:\Program Files (x86)\Fast!\Fast!.exe"
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" ui\.
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\FAST!\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" --annotation=plat=Win64 --annotation=prod=FAST! --annotation=ver= --initial-client-data=0x2b0,0x2b4,0x2b8,0x2ac,0x2bc,0x7ff8484ca970,0x7ff8484ca980,0x7ff8484ca990
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2044 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:2
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --mojo-platform-channel-handle=2352 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:8
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=2312 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:8
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --nwjs --extension-process --first-renderer-process --no-sandbox --file-url-path-alias="/gen=C:\Program Files (x86)\Fast!\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:1
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=3964 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:8
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=3716 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:8
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=3956 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=436 --field-trial-handle=1956,i,17175935579408903515,11900268959221369373,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=440 --field-trial-handle=2012,i,4432446905295843956,2916576048740532845,262144 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=6572,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1432,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5060 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe" C:\Users\Admin\Downloads\Setup.exe
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap22421:190:7zEvent18397
C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
"C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe"
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\MsContainerwinHost\XbzxyZcOnpQflcdDpiS9CmpLat40p7m47ZcP1aBzUSB3men3gAnTOw07Azp.vbe"
C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe" C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
"C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe"
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\MsContainerwinHost\XbzxyZcOnpQflcdDpiS9CmpLat40p7m47ZcP1aBzUSB3men3gAnTOw07Azp.vbe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\MsContainerwinHost\pHO8PqclKXULkE03ccrG.bat" "
C:\MsContainerwinHost\comagentFontsavescommon.exe
"C:\MsContainerwinHost/comagentFontsavescommon.exe"
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "dwmd" /sc MINUTE /mo 9 /tr "'C:\xvirus\dwm.exe'" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "dwm" /sc ONLOGON /tr "'C:\xvirus\dwm.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "dwmd" /sc MINUTE /mo 13 /tr "'C:\xvirus\dwm.exe'" /rl HIGHEST /f
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\ctlfsvbb\ctlfsvbb.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES8006.tmp" "c:\Users\Admin\PCAppStore\CSC7229ECF31CE545F488664294CA102F65.TMP"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\dus0jc3d\dus0jc3d.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES816E.tmp" "c:\Users\Admin\PCAppStore\CSCEAFDD75D858A473E848B237E8F7E123.TMP"
C:\Users\Admin\Downloads\Setup.exe
"C:\Users\Admin\Downloads\Setup.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://pcapp.store/installing.php?guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X&winver=19041&version=fa.1092c&nocache=20241027214044.495&_fcid=1730064747984455
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8488346f8,0x7ff848834708,0x7ff848834718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,1107544968018399582,6931012724261148286,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\nsmE01A.tmp
"C:\Users\Admin\AppData\Local\Temp\nsmE01A.tmp" /internal 1730064747984455 /force
C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe"
C:\Windows\SYSTEM32\SchTasks.exe
SchTasks /Create /F /XML "C:\xvirus\startup.xml" /TN "Xvirus startup"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=6620,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6776 /prefetch:1
C:\Users\Admin\PCAppStore\PcAppStore.exe
"C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default
C:\Users\Admin\PCAppStore\Watchdog.exe
"C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=423FD5C7-8559-4B8C-BF1F-C9D05C9F0FD3X /rid=20241027214154.8241233218 /ver=fa.1092c
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
.\nwjs\NW_store.exe .\ui\.
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x294,0x298,0x29c,0x290,0x2a0,0x7ff850e5a960,0x7ff850e5a970,0x7ff850e5a980
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ff738358a60,0x7ff738358a70,0x7ff738358a80
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1908 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:2
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=2420 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:3
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2460 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2496 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:2
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4540 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x324 0x2fc
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4876 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6900,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3068 /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4904 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4888 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6916,i,13753889364828467229,306782819924289917,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6072 /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4340 --field-trial-handle=2212,i,9247180632878327680,488974009205986388,262144 --variations-seed-version /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap12861:190:7zEvent28034
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap7900:190:7zEvent29690
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap3859:190:7zEvent14973
C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe" C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe
C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe" C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe" C:\Users\Admin\Downloads\a0b8965f84345db720bf8220c4f848d4027635f7e1837ca5daa6870ba861476c.exe
C:\Users\Admin\Downloads\a0b8965f84345db720bf8220c4f848d4027635f7e1837ca5daa6870ba861476c.exe
"C:\Users\Admin\Downloads\a0b8965f84345db720bf8220c4f848d4027635f7e1837ca5daa6870ba861476c.exe"
C:\Windows\SysWOW64\taskkill.exe
taskkill /F /IM firefox.exe /T
C:\Windows\SysWOW64\taskkill.exe
taskkill /F /IM chrome.exe /T
C:\Windows\SysWOW64\taskkill.exe
taskkill /F /IM msedge.exe /T
C:\Windows\SysWOW64\taskkill.exe
taskkill /F /IM opera.exe /T
C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe
"C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C schtasks /create /tn MyApp /tr %APPDATA%\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn MyApp /tr C:\Users\Admin\AppData\Roaming\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Users\Admin\AppData\Roaming\service.exe
C:\Users\Admin\AppData\Roaming\service.exe
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C schtasks /create /tn MyApp /tr %APPDATA%\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn MyApp /tr C:\Users\Admin\AppData\Roaming\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
"C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe"
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\MsContainerwinHost\XbzxyZcOnpQflcdDpiS9CmpLat40p7m47ZcP1aBzUSB3men3gAnTOw07Azp.vbe"
C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe
"C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C schtasks /create /tn MyApp /tr %APPDATA%\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn MyApp /tr C:\Users\Admin\AppData\Roaming\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe
"C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C schtasks /create /tn MyApp /tr %APPDATA%\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn MyApp /tr C:\Users\Admin\AppData\Roaming\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff866c5cc40,0x7ff866c5cc4c,0x7ff866c5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1880,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1832,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1824,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2332 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3412,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4564,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4704 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3708,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4640 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4020,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4584 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4864,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5112,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4852 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4660,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3468,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5004,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5272,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4560 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5276,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5292 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4680,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5412 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5544,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5472 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5548,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4708 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5508,i,8642059207731717174,15569156050386402659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:8
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /installmbtun
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "9" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf" "9" "4ba9030c7" "0000000000000138" "Service-0x0-3e7$\Default" "000000000000015C" "208" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
"C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe"
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\MsContainerwinHost\XbzxyZcOnpQflcdDpiS9CmpLat40p7m47ZcP1aBzUSB3men3gAnTOw07Azp.vbe"
C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe
"C:\Users\Admin\Downloads\c658854ae75c8f001ab83644793d6c692f50aeddc29d2c593d6c02c5361add51.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C schtasks /create /tn MyApp /tr %APPDATA%\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn MyApp /tr C:\Users\Admin\AppData\Roaming\service.exe /st 00:00 /du 9999:59 /sc daily /ri 1 /f
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\MsContainerwinHost\pHO8PqclKXULkE03ccrG.bat" "
C:\MsContainerwinHost\comagentFontsavescommon.exe
"C:\MsContainerwinHost/comagentFontsavescommon.exe"
C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe
"C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe"
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_storeN" /sc MINUTE /mo 12 /tr "'C:\MsContainerwinHost\NW_store.exe'" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_store" /sc ONLOGON /tr "'C:\MsContainerwinHost\NW_store.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_storeN" /sc MINUTE /mo 7 /tr "'C:\MsContainerwinHost\NW_store.exe'" /rl HIGHEST /f
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\tlhdxhzl\tlhdxhzl.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES97D7.tmp" "c:\Users\Admin\PCAppStore\CSCE1F308A6F13247AD847C9ACDCA46A331.TMP"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\jor2dszy\jor2dszy.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES9CA9.tmp" "c:\Windows\System32\CSC656D626A24FE46149452B57F8B0E95B.TMP"
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_storeN" /sc MINUTE /mo 11 /tr "'C:\Recovery\WindowsRE\NW_store.exe'" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_store" /sc ONLOGON /tr "'C:\Recovery\WindowsRE\NW_store.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_storeN" /sc MINUTE /mo 5 /tr "'C:\Recovery\WindowsRE\NW_store.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 12 /tr "'C:\xvirus\fontdrvhost.exe'" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "fontdrvhost" /sc ONLOGON /tr "'C:\xvirus\fontdrvhost.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 11 /tr "'C:\xvirus\fontdrvhost.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 8 /tr "'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\dllhost.exe'" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\dllhost.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 14 /tr "'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\dllhost.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_storeN" /sc MINUTE /mo 7 /tr "'C:\Program Files (x86)\Google\Temp\NW_store.exe'" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_store" /sc ONLOGON /tr "'C:\Program Files (x86)\Google\Temp\NW_store.exe'" /rl HIGHEST /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /create /tn "NW_storeN" /sc MINUTE /mo 9 /tr "'C:\Program Files (x86)\Google\Temp\NW_store.exe'" /rl HIGHEST /f
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\MsContainerwinHost\NW_store.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Recovery\WindowsRE\NW_store.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\xvirus\fontdrvhost.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\dllhost.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Program Files (x86)\Google\Temp\NW_store.exe'
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\AppData\Local\Temp\UzSHyrBt7v.bat"
C:\Windows\system32\chcp.com
chcp 65001
C:\Windows\system32\PING.EXE
ping -n 10 localhost
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe" nowindow
C:\Windows\SYSTEM32\SchTasks.exe
SchTasks /Create /F /XML "C:\xvirus\startup.xml" /TN "Xvirus startup"
C:\MsContainerwinHost\NW_store.exe
"C:\MsContainerwinHost\NW_store.exe"
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe
"C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none
C:\Users\Admin\AppData\LocalLow\IGDump\X86_00\ig.exe
ig.exe timer 4000 17300657180.ext
C:\Users\Admin\AppData\LocalLow\IGDump\X86_03\ig.exe
ig.exe timer 4000 17300657343.ext
C:\Users\Admin\AppData\LocalLow\IGDump\X86_02\ig.exe
ig.exe timer 4000 17300657382.ext
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wallpapercave.com | udp |
| US | 104.22.53.71:80 | wallpapercave.com | tcp |
| US | 104.22.53.71:80 | wallpapercave.com | tcp |
| US | 104.22.53.71:443 | wallpapercave.com | tcp |
| US | 8.8.8.8:53 | 71.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 104.22.53.71:443 | wallpapercave.com | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 104.20.94.138:443 | www.statcounter.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.94.20.104.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| US | 104.20.95.138:443 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.95.20.104.in-addr.arpa | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 142.250.178.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 142.250.187.198:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | tcp |
| US | 104.18.36.155:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| GB | 142.250.187.198:443 | s0.2mdn.net | udp |
| US | 104.18.36.155:443 | dsum-sec.casalemedia.com | udp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 198.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.210.89.185.in-addr.arpa | udp |
| GB | 142.250.178.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| GB | 184.26.133.60:443 | www.avast.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | static3.avast.com | udp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 216.58.201.98:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| GB | 184.26.44.174:443 | s.go-mpulse.net | tcp |
| GB | 184.26.57.29:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.133.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.251.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 184.26.44.174:443 | s.go-mpulse.net | tcp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | www.nortonlifelock.com | udp |
| GB | 184.26.132.163:443 | www.nortonlifelock.com | tcp |
| IE | 18.203.166.1:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | mhubc.avast.com | udp |
| US | 8.8.8.8:53 | symantec.demdex.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| US | 13.107.246.64:443 | mhubc.avast.com | tcp |
| IE | 54.73.19.51:443 | symantec.demdex.net | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| IE | 52.30.233.14:443 | cm.everesttech.net | tcp |
| US | 8.8.8.8:53 | oms.avast.com | udp |
| US | 8.8.8.8:53 | mstatic.avast.com | udp |
| NL | 20.50.2.44:443 | mstatic.avast.com | tcp |
| IE | 66.235.152.225:443 | oms.avast.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| US | 8.8.8.8:53 | 174.44.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.132.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.57.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.19.73.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.233.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.2.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.166.203.18.in-addr.arpa | udp |
| GB | 23.200.208.174:443 | c.go-mpulse.net | tcp |
| US | 8.8.8.8:53 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | udp |
| US | 104.17.209.240:443 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | tcp |
| US | 8.8.8.8:53 | siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | trial-eum-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | trial-eum-clienttons-s.akamaihd.net | udp |
| GB | 2.18.190.133:443 | trial-eum-clientnsv4-s.akamaihd.net | tcp |
| GB | 2.18.190.79:443 | trial-eum-clienttons-s.akamaihd.net | tcp |
| US | 8.8.8.8:53 | rldr2lacck7ikzy6wfmq-ppmpar-3a88b21e5-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | 138-199-29-44_s-2-18-190-79_ts-1730064729-clienttons-s.akamaihd.net | udp |
| GB | 2.18.190.79:443 | 138-199-29-44_s-2-18-190-79_ts-1730064729-clienttons-s.akamaihd.net | tcp |
| GB | 2.18.190.136:443 | rldr2lacck7ikzy6wfmq-ppmpar-3a88b21e5-clientnsv4-s.akamaihd.net | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.208.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.209.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal-de.onetrust.com | tcp |
| US | 8.8.8.8:53 | 684dd32e.akstat.io | udp |
| GB | 184.26.44.174:443 | 684dd32e.akstat.io | udp |
| GB | 142.250.178.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.teads.tv | udp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| GB | 184.26.81.115:443 | sync.teads.tv | tcp |
| GB | 184.26.81.115:443 | sync.teads.tv | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.81.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.209.201.84.in-addr.arpa | udp |
| GB | 216.58.201.98:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 64.227.17.224:443 | veryfast.io | tcp |
| US | 64.227.17.224:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 172.253.115.120:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 224.17.227.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.115.253.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | repcdn.pcapp.store | udp |
| NL | 195.181.172.6:443 | repcdn.pcapp.store | tcp |
| US | 8.8.8.8:53 | 6.172.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pcapp.store | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | 23.1.32.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pcapp.store | udp |
| US | 104.248.126.225:443 | pcapp.store | tcp |
| US | 104.248.126.225:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | delivery.pcapp.store | udp |
| NL | 195.181.172.5:443 | delivery.pcapp.store | tcp |
| US | 8.8.8.8:53 | repository.pcapp.store | udp |
| NL | 195.181.172.5:443 | repository.pcapp.store | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| GB | 74.125.133.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 225.126.248.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.172.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.45.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | 155.133.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 75.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.46:443 | apis.google.com | udp |
| GB | 216.58.213.10:443 | ogads-pa.googleapis.com | udp |
| GB | 216.58.213.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | xvirus.net | udp |
| DE | 135.125.200.225:443 | xvirus.net | tcp |
| DE | 135.125.200.225:443 | xvirus.net | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 225.200.125.135.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | d74queuslupub.cloudfront.net | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| DE | 18.154.63.27:443 | d74queuslupub.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 27.63.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.226.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.62.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pcapp.store | udp |
| US | 8.8.8.8:53 | pcapp.store | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:80 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | repository.pcapp.store | udp |
| US | 8.8.8.8:53 | repository.pcapp.store | udp |
| NL | 195.181.172.3:443 | repository.pcapp.store | tcp |
| US | 8.8.8.8:53 | repository.pcapp.store | udp |
| US | 8.8.8.8:53 | repcdn.pcapp.store | udp |
| US | 8.8.8.8:53 | repcdn.pcapp.store | udp |
| NL | 195.181.172.6:443 | repcdn.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repcdn.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repcdn.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repcdn.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repcdn.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repcdn.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repcdn.pcapp.store | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | ev.pcapp.store | udp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 147.182.211.77:443 | ev.pcapp.store | tcp |
| US | 161.35.127.181:80 | veryfast.io | tcp |
| US | 8.8.8.8:53 | 3.172.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.172.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | 77.211.182.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.127.35.161.in-addr.arpa | udp |
| US | 8.8.8.8:53 | repcdn.veryfast.io | udp |
| NL | 195.181.172.6:443 | repcdn.veryfast.io | tcp |
| US | 8.8.8.8:53 | 69.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| GB | 142.250.178.10:443 | ogads-pa.googleapis.com | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | evcs-ocsp.ws.symantec.com | udp |
| DE | 152.199.19.74:80 | evcs-ocsp.ws.symantec.com | tcp |
| US | 8.8.8.8:53 | evcs-crl.ws.symantec.com | udp |
| SE | 192.229.221.95:80 | evcs-crl.ws.symantec.com | tcp |
| SE | 192.229.221.95:80 | evcs-crl.ws.symantec.com | tcp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| US | 64.227.17.224:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | xvirus.net | udp |
| DE | 135.125.200.225:80 | xvirus.net | tcp |
| DE | 135.125.200.225:443 | xvirus.net | tcp |
| US | 8.8.8.8:53 | repository.pcapp.store | udp |
| US | 8.8.8.8:53 | cloud.xvirus.net | udp |
| NL | 195.181.172.2:443 | repository.pcapp.store | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| US | 8.8.8.8:53 | repcdn.veryfast.io | udp |
| NL | 195.181.172.2:443 | repcdn.veryfast.io | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.18.190.80:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 80.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| SE | 192.229.221.95:80 | evcs-crl.ws.symantec.com | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 64.227.17.224:443 | veryfast.io | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.180.10:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.206:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.179.234:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.169.4:443 | www.google.com | udp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| GB | 142.250.179.234:443 | content-autofill.googleapis.com | udp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| DE | 18.154.63.27:443 | d74queuslupub.cloudfront.net | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.212.202:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 104.248.126.225:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | repository.pcapp.store | udp |
| NL | 195.181.172.6:443 | repository.pcapp.store | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| BE | 74.125.133.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.16.238:443 | google.com | tcp |
| GB | 172.217.16.238:443 | google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 157.133.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | delivery.pcapp.store | udp |
| NL | 195.181.172.3:443 | delivery.pcapp.store | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 64.227.17.224:443 | veryfast.io | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| DE | 135.125.200.225:443 | cloud.xvirus.net | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c73.gcp.gvt2.com | udp |
| PL | 34.0.245.166:443 | e2c73.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 166.245.0.34.in-addr.arpa | udp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | d74queuslupub.cloudfront.net | udp |
| DE | 18.154.63.27:443 | d74queuslupub.cloudfront.net | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | pcapp.store | udp |
| US | 8.8.8.8:53 | pcapp.store | udp |
| US | 104.248.126.225:443 | pcapp.store | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 104.248.126.225:443 | pcapp.store | tcp |
| US | 45.32.1.23:80 | pcapp.store | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 45.32.1.23:443 | pcapp.store | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 147.182.211.77:443 | ev.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repository.pcapp.store | tcp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.227:443 | beacons.gvt2.com | tcp |
| NL | 195.181.172.2:443 | repository.pcapp.store | tcp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| NL | 195.181.172.2:443 | repository.pcapp.store | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| NL | 195.181.172.2:443 | repository.pcapp.store | tcp |
| NL | 195.181.172.2:443 | repository.pcapp.store | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| NL | 195.181.172.6:443 | delivery.pcapp.store | tcp |
| NL | 195.181.172.6:443 | delivery.pcapp.store | tcp |
| NL | 195.181.172.6:443 | delivery.pcapp.store | tcp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| US | 151.101.130.49:443 | bazaar.abuse.ch | tcp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c3.gcp.gvt2.com | udp |
| JP | 34.84.111.50:443 | e2c3.gcp.gvt2.com | tcp |
| JP | 34.84.111.50:443 | e2c3.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 50.111.84.34.in-addr.arpa | udp |
| GB | 172.217.16.227:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c17.gcp.gvt2.com | udp |
| NL | 34.90.241.47:443 | e2c17.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 47.241.90.34.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 22.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.212.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 8.8.8.8:53 | dev.visualwebsiteoptimizer.com | udp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 8.8.8.8:53 | 230.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.102.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.weglot.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 8.8.8.8:53 | plausible.io | udp |
| US | 8.8.8.8:53 | cdn.weglot.com | udp |
| US | 172.64.149.114:443 | cdn.weglot.com | tcp |
| GB | 79.127.237.132:443 | plausible.io | tcp |
| US | 104.18.38.142:443 | cdn.weglot.com | tcp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 8.8.8.8:53 | genesis.malwarebytes.com | udp |
| US | 54.83.239.11:443 | genesis.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| GB | 79.127.237.132:443 | plausible.io | tcp |
| GB | 172.217.169.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.239.83.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| GB | 172.217.169.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal.onetrust.com | tcp |
| US | 172.64.149.114:443 | cdn.weglot.com | udp |
| US | 192.0.76.3:443 | pixel.wp.com | udp |
| US | 8.8.8.8:53 | downloads.malwarebytes.com | udp |
| BE | 18.239.208.106:443 | downloads.malwarebytes.com | tcp |
| BE | 18.239.208.106:443 | downloads.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | data-cdn.mbamupdates.com | udp |
| BE | 18.239.208.77:443 | data-cdn.mbamupdates.com | tcp |
| US | 8.8.8.8:53 | 106.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 52.38.159.216:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 216.159.38.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 34.237.251.91:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| BE | 18.239.208.127:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 91.251.237.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.208.239.18.in-addr.arpa | udp |
| US | 34.237.251.91:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| BE | 18.239.208.106:443 | cdn.mwbsys.com | tcp |
| US | 34.237.251.91:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| BE | 18.239.208.127:443 | cdn.mwbsys.com | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 34.237.251.91:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| BE | 18.239.208.106:443 | cdn.mwbsys.com | tcp |
| US | 34.237.251.91:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| BE | 18.239.208.76:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 76.208.239.18.in-addr.arpa | udp |
| DE | 18.154.63.27:443 | d74queuslupub.cloudfront.net | tcp |
| US | 8.8.8.8:53 | ipv4.am.i.mullvad.net | udp |
| SE | 45.83.223.233:443 | ipv4.am.i.mullvad.net | tcp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 8.8.8.8:53 | 233.223.83.45.in-addr.arpa | udp |
| US | 18.209.182.66:443 | holocron.mwbsys.com | tcp |
| US | 18.209.182.66:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 66.182.209.18.in-addr.arpa | udp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| DE | 135.125.200.225:443 | cloud.xvirus.net | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| US | 52.207.119.97:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | voodooshield.database.windows.net | udp |
| US | 20.40.228.131:1433 | voodooshield.database.windows.net | tcp |
| US | 8.8.8.8:53 | 97.119.207.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ussouthcentral.services.azureml.net | udp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 104.18.38.233:80 | crl.comodoca.com | tcp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 8.8.8.8:53 | 131.228.40.20.in-addr.arpa | udp |
| GB | 184.25.193.234:80 | www.microsoft.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 8.8.8.8:53 | iris.mwbsys.com | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.193.25.184.in-addr.arpa | udp |
| US | 34.234.192.192:443 | iris.mwbsys.com | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 8.8.8.8:53 | 37.89.66.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.192.234.34.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 142.250.187.234:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 34.193.31.41:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 41.31.193.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| BE | 18.239.208.45:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 45.208.239.18.in-addr.arpa | udp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| US | 34.193.31.41:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 34.193.31.41:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | hubble.mb-cosmos.com | udp |
| NL | 18.238.243.16:443 | hubble.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | ocsp.trust-provider.com | udp |
| US | 104.18.38.233:80 | ocsp.trust-provider.com | tcp |
| US | 8.8.8.8:53 | crl.trust-provider.com | udp |
| US | 104.18.38.233:80 | crl.trust-provider.com | tcp |
| US | 8.8.8.8:53 | www.intel.com | udp |
| GB | 23.211.239.194:80 | www.intel.com | tcp |
| US | 8.8.8.8:53 | certificates.intel.com | udp |
| GB | 2.18.190.79:80 | certificates.intel.com | tcp |
| US | 8.8.8.8:53 | ocsp.thawte.com | udp |
| DE | 152.199.19.74:80 | ocsp.thawte.com | tcp |
| US | 8.8.8.8:53 | crl.thawte.com | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | 16.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.239.211.23.in-addr.arpa | udp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 8.8.8.8:53 | csc3-2010-crl.verisign.com | udp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 184.25.193.234:80 | www.microsoft.com | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| GB | 142.250.187.234:443 | optimizationguide-pa.googleapis.com | udp |
| GB | 142.250.187.234:443 | optimizationguide-pa.googleapis.com | tcp |
| GB | 172.217.169.4:443 | www.google.com | udp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| US | 172.64.149.23:80 | crt.sectigo.com | tcp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| GB | 184.25.193.234:80 | www.microsoft.com | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
| DE | 135.125.200.225:80 | cloud.xvirus.net | tcp |
| RU | 80.66.89.37:80 | 80.66.89.37 | tcp |
Files
\??\pipe\crashpad_4928_EEWUOXUSSNNNYRSI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | a44cb30f88e535a8fa4e1aa5eeb6bc13 |
| SHA1 | fa4c661360d2dafcc96d6088ccac0edc3323a5cb |
| SHA256 | 4d20a098921d15b20d0aaa72cfe8fb516a3c604b60db6eef452179bfed67ce54 |
| SHA512 | 5e9bfc45ba2d4987097e3427664be9d5ba41ebf2997395eb1817508638bf24f43c1cb7cea553a17695e4d2251f43f565d72cf5ebf98e72f801753649c965b876 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f3279bb8c124379c8b1d2c34404e614b |
| SHA1 | 88a6da68920a8fe22f02ac0cbd1feaf163903302 |
| SHA256 | a6b331d573c436be8a1f70d22a704088e05984c393c59cff3763cfeaa64eb3b4 |
| SHA512 | f848e3d221d4848e494466f7135570cb79f93c5013f5b0bc80ee00223a6660c199e10c504c575bdecbe22aed294848aac468c0754bb6db5bb34ae638e2b440be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6bfdc14f0e5f1ba70c7e1fdfdbe9576c |
| SHA1 | 5b899f59b1c2d932cf590a9cfb144f5b4e59a30e |
| SHA256 | e6be6eeca0325ee2f575a7e669818aa04bee5640ec8e597d8e0c78473ae95a56 |
| SHA512 | 3fda3377de481e75adae95f333aa26cf5dbe91b7516d9d0f208d783af8462fccadb656a50cd68a1d52ccd568229f6c58c718e3d62d5cafe55ce0ef2a7eba616a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 616da17d762ac1238ae16b5a42396d41 |
| SHA1 | c1191627e3dac3d3d6953b84bc7280d7657495de |
| SHA256 | 704a2d3c385967cd0b335d07e66033c17f6ee7f3705cf49dd93cbf9b409643c1 |
| SHA512 | 09be7f7b74a9dc6fd37b83bc67f616dbeb13570a4fe26b4f58cfaf2dabe16fc7fa115fe75f48d25a2dde7ec5ed6d20a7f79baef073ef303fc12f454e5d95ec3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 738151aa359de67a6a846b968caaa54c |
| SHA1 | 12ecaa615e7282152b6b7a017caa1df9909fe493 |
| SHA256 | 282285f2a21ec768d66259d0706d67f2e7d64d1e1ee224e380745e4652bc03ce |
| SHA512 | 09ebc600fe29a253e5b4732c62b1fb66ede1f42ec6e18ab25ba5f37de9ada7735e22cfc324ac35c16822f53e57c8c036720f01341e81b521e5c6194a62e63640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d5c4467bfde36a65feb6bf76a7902cc4 |
| SHA1 | a6cf6445f8a845e12ebbde366ecabb1820adb275 |
| SHA256 | c874d5cfc3fdbaef8e33e0e3304b2f09483002bfe6b35c78b6b35ee6cde0c0f0 |
| SHA512 | 4c826281baabe1dd1656b15b6171f18da951c8c7eba5345da333bbf5fc78bb7a0f38a4aef596b0aaa090cb046b02be844f76e196dd4780f640e9f322a8fba299 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\5ef43740-e1cd-4bd4-a458-7c9447db3ae9.tmp
| MD5 | 41c32b6519820f7d6857031687c9aaf3 |
| SHA1 | 6fbc7321988458c105eb894fdcef37ae9d9c137c |
| SHA256 | 67e647421604bd6ccc3ce8dcca3e9eb26cb2d8bf42740d79b2547906b70baf81 |
| SHA512 | 8516f15d42226cc093b53ec68a16f640e03f736101060279e044c01fb96ebc9fdc6d18091366726679aa1d882321a3501424c7fdd6580c8433a59067f69803e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | f85a52738e1eecbbd780234b719227d8 |
| SHA1 | fcf516cf198dabbe8297ff497a7c56cb436aa950 |
| SHA256 | fd104379d8348961292f3730ea6a8663f5aa69e40294f399613d5b6370a9bccf |
| SHA512 | b5b80abe111c8326cc336bd08b3354f7616a9fd0416009da64e608c86e94a9c38ddd92ae94c7e2f00df5c6485a43a302daa51672f671504c792dc6ff0e9276af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | 54f20de8a9081fccaa118be5bf3aa347 |
| SHA1 | 9a6f5952bca06500c4df3f5a26a54955e55ccc14 |
| SHA256 | b47847a633f51ffc2135e83796b686532acbb5876025eac6d20a083502315834 |
| SHA512 | 488522b5d5dc119f11e33f295fc3a2537cfe8360287ba619eae02d70629d6bacf7ea9f8e85a05a1b9d84a0688922e97c7d754c42d5428363253765fee35f6d63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | 5830feed3e34072f13cdbb9c3d433a5a |
| SHA1 | f2f9f9b1912cedb68aca907f320abecdf8303513 |
| SHA256 | 1e6d79f76ccab623a4f200df039f9f70c02a61f41fd9475f5dbda5a4fc2ff96a |
| SHA512 | 009536aeddbb09f2e21cd8c0adaa4bece6c96399f73f93e0cb73919f80c79c959d6c0184636afc56ee197cade57d7d02b9f19a59e18d8b94618dd6c141720515 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | 230ab95d87a717be265134072eb17c25 |
| SHA1 | 71a3d3dd6f952057ba0c6025d39c9792ff606828 |
| SHA256 | 3fdfeaa675697f08f1c7c0fd6b77512f4bf9465e670637e8e332e65ebb9db068 |
| SHA512 | 9b0636421ad14161f211e846521149ab0a7c866e77db309dba79718487835204cee3821c9f4678e48e134614be6a02421c155a34b7c9bc424012137705960b11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | 9ab049e4fa2e057058b33715b6caeae5 |
| SHA1 | 16958cdc71f415bdec24f1359e40f66c4960c767 |
| SHA256 | d147489e927ae1eacc5ab01c03e52653593dbc4bf7112c040ce26c370cb6b2d8 |
| SHA512 | efedf364b2601eb5e7369f5e2a2b359ac83908a1cd07bbc10e52b76bfccd3339bfa6f4cd5c9f55bf934f477a12da878f3de07971109fbaef341592ef6a62ae70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be113202fcacd2578148b3616675ba01 |
| SHA1 | 05eee05e34627b304a4f779dc17596f63065ddbc |
| SHA256 | 6c8db365e3454c2ede4c0d840c52ad55ef2776735a8ec25620e43cbfa47beb0d |
| SHA512 | 610be30e2675d569731d526191c55a03d58d095c464fb54805ccfde3b5bfe0cbc9622726263a6b93773ebc2acc6c73f4087c35f3b590d037a1ffff9dac8597b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 28ef72b6e7d1f8d62a01e5f20015dffd |
| SHA1 | 2bd8a019c77121ac2547a24a6dba5ed2169e4410 |
| SHA256 | e63b5a2eebf43e9f19ff04ccc9ee1bd04df4865ba85b2ac82857b0b299ba426d |
| SHA512 | 29aaa3876ba72ecf3242850b393cef1037f87adf39f77025b9e012cfcfce97a740e419db0150f228c16a50bff2b59edfb5c764cd722a35ef3d2ebac2667682c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e4baba006ab1752a8b796ea52a62f86b |
| SHA1 | 664ea89dc18ba52fe460ae91799cfb553e431ed8 |
| SHA256 | 408f330bc4b0af468ecf6918a6eff5c198bfd94e30ff70eaa512c62918dbdf0b |
| SHA512 | 95cfc1bbb49f274862ac382db58dc019b971f4c160b344babf74719ce5d3449d0bbc32c591f427d83c1dfde72a4b32e7125cc6aee1d6254e375a124c3aca2957 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 6fdd2c4091feffaa58f50528ccdcf6a7 |
| SHA1 | e580ec81b7de305b86a1e077fa53fa5d74e8c760 |
| SHA256 | 29b6b3c1bff5693d8c12dc5d7aab7fcee5330d871bc8024307c703fc99501ef1 |
| SHA512 | 34632208ba1302bbbfba8080311ec2576e8d5a18a650452bcc4f224872c4c514c256c3d1c4f0786b265491b6df171d36311dc3cbaffcf6e3b4a387a64a83d77e |
C:\Users\Admin\Downloads\Setup.exe
| MD5 | da8990cf87c4d8196842cb0cde07ff0e |
| SHA1 | e1f51d5a5a2515490b1235ee44353f5f4c2d4039 |
| SHA256 | 1875f6b350be2fe27a03daa54acb5900aa76e36bbb4046c42a971e48fa8f7524 |
| SHA512 | 0184b555fdd12a9fc3e033af8e7913b78e4c25efadbe55ac9a0c86496456b3c6c6eea2be1c3b364ae75b7e163e348e909a1e5ac0e40fd3f24d0966897f39b76f |
C:\Users\Admin\AppData\Local\Temp\nsl6C24.tmp\System.dll
| MD5 | cff85c549d536f651d4fb8387f1976f2 |
| SHA1 | d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e |
| SHA256 | 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8 |
| SHA512 | 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88 |
C:\Users\Admin\AppData\Local\Temp\nsl6C24.tmp\nsJSON.dll
| MD5 | f4d89d9a2a3e2f164aea3e93864905c9 |
| SHA1 | 4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a |
| SHA256 | 64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb |
| SHA512 | dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6f3d04fe564dcd95b18357f460ff1372 |
| SHA1 | d5847353ea71e4ae811f18d991b348139cd471f8 |
| SHA256 | 1083364d2dee74150d9bfdfc062a60e05e03882d0437fd9b67b44bb3c095cfa7 |
| SHA512 | 21ef07ddaaabb6889dd8fe6c91a24774c9592a8ed36b334aad724ce9f6c7edd6aeca6d91b2823c07c30960f5d719a54b59fdd4518f591db67f8c59affc16a221 |
C:\Users\Admin\AppData\Local\Temp\nsl6C24.tmp\NSISFastLib.dll
| MD5 | 9c7a4d75f08d40ad6f5250df6739c1b8 |
| SHA1 | 793749511c61b00a793d0aea487e366256dd1b95 |
| SHA256 | 6eb17c527c9e7f7fea1fdb2ea152e957b50a56796e53ce1e5946b165b82deaef |
| SHA512 | e85235307b85ffd3aab76ff6290bee0b3b9fd74c61a812b5355fe7b854d4c6b77bd521e52638d28e249a43d9ec7aa6f2670af2b1c671091492c7fe19d6f9a4e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2094f121556127ef3a17e90bc63bc7d0 |
| SHA1 | e8af02ec0b2bec4089fd9c07a54b1882e018e8a1 |
| SHA256 | 838e4b8b6bb2e39d05f7b406e64b058735bf40fa854c181ceebf4f6b574e1e6d |
| SHA512 | e6bfdc1ce37308f2aeff0d49caefa8dc62490bad1b00aa5465d02c9adf4e19e16fcc65c3d57c6fd9db88b2e93ed1fd9b61133ddfd7af938ef0b323d52ec4b2c7 |
C:\Users\Admin\AppData\Local\Temp\nsl6C24.tmp\nsDialogs.dll
| MD5 | 6c3f8c94d0727894d706940a8a980543 |
| SHA1 | 0d1bcad901be377f38d579aafc0c41c0ef8dcefd |
| SHA256 | 56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2 |
| SHA512 | 2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355 |
C:\Users\Admin\AppData\Local\Temp\nsl6C24.tmp\inetc.dll
| MD5 | a35cdc9cf1d17216c0ab8c5282488ead |
| SHA1 | ed8e8091a924343ad8791d85e2733c14839f0d36 |
| SHA256 | a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df |
| SHA512 | 0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 980ebd34ef8cdfa9900dba4fe367d2f7 |
| SHA1 | 35955645e6324fce99a971a5a80ecae0fc21d971 |
| SHA256 | d5384308d29f2f9478f0d1354e9f94053300496f3b7cd2f88f5f8d00dbe1482e |
| SHA512 | 470cce060f4dcca34b26c8c3b2d3d4024c12fb4631ed8251e942e7e992149a422f30526b27f9f55c13d5d9581f022d3b18439893c6b0455180ae70c0fb24430a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2e89d90bb4277c662e5a2a704983ab26 |
| SHA1 | 25df811cabea24fbc6647fc36c088dc99195f00a |
| SHA256 | 755b3281e5b0c6b201ee29e511a5059b63e705447a352b6643a23d3b884213d8 |
| SHA512 | 8f77f3b9700d3c626c2254229059ad087faf3fe8edc8d4f652d682de2accca78dd092a2e6b1e02e684cf2887e8c311f86ee7771c47a8eb4b2418461adbbeb429 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8dc89706ac7229aed5f3c5261b3ce862 |
| SHA1 | 54cc2c3d72e0422edd189cce06bc58eb0bc8fadb |
| SHA256 | 96a016370977edbdca5f0252054ed4fe9ce067b2c18e25e0c9e9b1d4c2c4e1e1 |
| SHA512 | 245ca3cf108fdcffe4873084a156644be52951bbe9970491b934edb2bceb193705dd62aa130e0221fe27e372776d272c1b8236dc8350e970f6e31c85dbd7c98f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 72a3bd330cd058174fc4f12b2d68467b |
| SHA1 | de8952bf3d1bc95fc778975f298c98be3a03fe52 |
| SHA256 | 6ee8a6320563d218387b5695cc6677d9c89c96aac637f2f5992fb58bc4ac39a6 |
| SHA512 | 1d99853eab0ad1d969fa38bd3fb328e421d80d4e76c1776406f0e52f8f0bb2b2730813ec973699e0fa171e32373d72bd680313f9090eb6721af7e785bb3896b3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\773CFF2C7835D48C4E76FE153DBA9F81_15174A80589B8DAF9768E9131F4845C0
| MD5 | 220694d3acc7c2093811d7aec3f51bea |
| SHA1 | 2a8525170e719a0a53f67bd593267c52b09b42b3 |
| SHA256 | ec201403cfd24431b7ce52d080c7d095c4ac69bffe11bf6cbc95849512ccc68c |
| SHA512 | 4f9c4593037069953fada53634c7b33ec4de31c484136d4b9c3b015bd6556ea8587e59414cd2bb20ecfff168132385ccbd39097799cf92e8ff06b67afff81d20 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\773CFF2C7835D48C4E76FE153DBA9F81_15174A80589B8DAF9768E9131F4845C0
| MD5 | 2095762aa9c5c3723d18eda58a5bbc11 |
| SHA1 | b8a3b066838f7155919e91f11e369704669b43ed |
| SHA256 | f52aec49b34cb91ad7d9cf965c4fc2dfaeafc683eeeec17578f5b86ad1d8528a |
| SHA512 | b7babd5d015cc18c0c3fb2156b508128a7f27b436149dcff1aa46691ac2d98e9ad09232f7597183512de9f8f26885d6dc84aa61e0cb6003e898ec5d6f8afa6d0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_C39E9DBC666D19C07EEE7CD1E11AF8BE
| MD5 | 9fa74727e591b0483a3be81ebbff35be |
| SHA1 | 27e632e8dfa3b0ff66c7934462f3524277dd65a9 |
| SHA256 | e8ebedfce0fcf0a4067ec146ebab178119595729a4f3702bfe114e1a06022732 |
| SHA512 | 8f2667297d8112cbd99e15265e0e948c4d8e76a150a8b4c9f97449923c0da22e74bdf7906e8bb13f05a4b62e6cdb089590973a4aaccab3db9dc6d88176e2b737 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_C39E9DBC666D19C07EEE7CD1E11AF8BE
| MD5 | c9874f32b7c63c19a0ada11cea60bf93 |
| SHA1 | d47d2ce81fd229dcec877918c8469a356dc67038 |
| SHA256 | 80166ce9d1951e1e8b23bafcfd9070fb700445ad60226d6949971223f3c861fe |
| SHA512 | e2bc86fecc472fedec2b91a959eab1f43842d96b91e57e4d4a9566dc501365689cea5931c406ab3de667df43dcfa44f13c59c41abc92505875981be113ba50b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3ea6778c45e6f5e3c57747cd61e0634c |
| SHA1 | e731c49fb06be12491f5ae0d93084517a1e39386 |
| SHA256 | 3085e4b05979784de134252e45ecde3741df5b0277a999118664347704447dea |
| SHA512 | e58b3cfa7d56507a69c1d09daf1758c14943924cfe4cd5e6c7eb6fbdd4607963ce9aed3ba11cfb04d0710cde84c478a858ed65abd7ff6b071c3e27433c0cc236 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 80e1ebe03793d5350782a21276591a71 |
| SHA1 | 7d08279001d268400d68a839d4912832d41d21bb |
| SHA256 | 0bef4e51c4da890cd6e49906388010a36673478b55b23d700de1e868ef2592ac |
| SHA512 | e000376ea5c5b5bf200f9d678d208f78aec946078ee61b19f67a94408d5ef608d8a85ca46a942cee0c3b0f77b123664e45bdd48dafad662d445e62e014748343 |
C:\Users\Admin\Downloads\Unconfirmed 523354.crdownload
| MD5 | ee826a11eec5f15201aa12168ab8f6b1 |
| SHA1 | de92d7e6c70439e283801a592ff200eae0ca781f |
| SHA256 | c0e2e1e4d71c468132bab2cb332f3bf7b16aaa2a032e47ca88065e05ff7e2724 |
| SHA512 | 7719f5581e5b3e351beab5ae0c75d47ad5d433d77f60767a263307bc2288dd280fec132a243e081d3ce9fef4fa5bca1fbde0728c86e72a65f26b86fa7c339812 |
C:\Users\Admin\PCAppStore\nwjs\locales\bg.pak.info
| MD5 | 82d7ab0ff6c34db264fd6778818f42b1 |
| SHA1 | eb508bd01721ba67f7daad55ba8e7acdb0a096eb |
| SHA256 | e84331e84cd61d8bdacc574d5186fb259c00467513aa3f2090406330f68a45db |
| SHA512 | 176458b03cc2b2d3711965cd277531e002ae55d284b6c9178d2353e268f882430235468e5a1e9e45c8427864d109cf30a024a993b4763a75fa2744f6e0a6ae2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 77aa4969dabe976b6cb9221f8c217fec |
| SHA1 | 02b772a8d18b03580b36492baf86b8d22f74faaf |
| SHA256 | 90aa410676848c1e4d50691609b84a926b52c3c67644e0cea7c368d641eafc66 |
| SHA512 | 8afc141b6eff3b64673bb4284c9187dd42576d1f0645fc141af0734e2326029559ecbfddb672cfe06a8a8cd6089934b0b7652309440ca5a30e4fde4c4fb4aae4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 919a8d35f976791803c4b96b3b6ebca1 |
| SHA1 | 3439536d6763f1b954fb0eee233a85c320a35176 |
| SHA256 | e78b0da1c8dd1e8d811a1a89ab40d642c7ccd3ee76cc76f25e3ab54bc879f256 |
| SHA512 | 95022cdff15c246bfbe942b725edfa0dc59ad4f2f9c0b16c600bd739bbde49d80b6226e94cf24c4f911080490a5a69075d17e462186635a3a5116f5573684b09 |
C:\Users\Admin\AppData\Local\Temp\nssB0A0.tmp\Math.dll
| MD5 | 85428cf1f140e5023f4c9d179b704702 |
| SHA1 | 1b51213ddbaedfffb7e7f098f172f1d4e5c9efba |
| SHA256 | 8d9a23dd2004b68c0d2e64e6c6ad330d0c648bffe2b9f619a1e9760ef978207a |
| SHA512 | dfe7f9f3030485caf30ec631424120030c3985df778993342a371bf1724fa84aa885b4e466c6f6b356d99cc24e564b9c702c7bcdd33052172e0794c2fdecce59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 621d6aeb0e1365b4c7acc8333f648685 |
| SHA1 | 7f296c69043f95eba5de20f9495aa829d86d7d21 |
| SHA256 | 42899b09f27e11d0f25ce2bfbb43886a69ac7f3885d389a935db4627ec810e28 |
| SHA512 | 928b41fbd116d9d011d5b968562a0f292fe7ac300f3475c2102510e7dfb87397f662675fb534fada0e81278a4465401cf14486c1e377cf9eec67bfce02e0b2f3 |
memory/4568-1052-0x00000229723E0000-0x00000229726C0000-memory.dmp
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Extension Rules\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\b1dfcd8a-8156-4159-abbe-da45451079d0.tmp
| MD5 | 728fe78292f104659fea5fc90570cc75 |
| SHA1 | 11b623f76f31ec773b79cdb74869acb08c4052cb |
| SHA256 | d98e226bea7a9c56bfdfab3c484a8e6a0fb173519c43216d3a1115415b166d20 |
| SHA512 | 91e81b91b29d613fdde24b010b1724be74f3bae1d2fb4faa2c015178248ed6a0405e2b222f4a557a6b895663c159f0bf0dc6d64d21259299e36f53d95d7067aa |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Web Applications\_nwjs_pcapp.store\pc_app_store.ico.md5
| MD5 | 03e9f614a008075733c76883156b568b |
| SHA1 | 5f9cb1b06928487c4b836e9dedc688e8a9650b0b |
| SHA256 | b1a6a6fb45ad1e13054c40dc7c09e3098ee830bcf1ebaec27f640ae4c64b8416 |
| SHA512 | 7e6969c8908a6bf57bd2cb4457a7c78360468383acee589278e49829617e2f3b872dd8213e57a2ed8f512d444c67a2e619deabdc1394d1c39c7759ed3c744f94 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 8e433c0592f77beb6dc527d7b90be120 |
| SHA1 | d7402416753ae1bb4cbd4b10d33a0c10517838bd |
| SHA256 | f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af |
| SHA512 | 5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f1569e21f47873e7d5b224c4c3e72daf |
| SHA1 | 44eeea5f38be924284deadffa20dc7a77c7e3a20 |
| SHA256 | 957b8cce8850dbab671ceb4373a13dcf1f5948754d911d1a41547100504a4f45 |
| SHA512 | c1346004c2afb84a462ad8abd1d25275848cbf633efdf9ef6e1db3c4bc414e694d0578fd4c6e4685570c85ac9f1dbbe85b919263b97fa8f73c5bf6a6a7d5926a |
C:\Users\Admin\PCAppStore\download\SetupEngine.exe
| MD5 | 85f2849f25944fc15e58521a52b800ff |
| SHA1 | 718d11673de4743835523983ab5e06f88785a03d |
| SHA256 | c4942bad2eaaca0bb5ed7e6900d6c85f12f0db6de790072838ce3f854b9ad677 |
| SHA512 | f5723f93695e84fc41f48f0153f024249e9abc9fd03d788af1c31d6084acfbe4c85a76de55ab8be4f68d16807bc0381c269cc3834510d538e9710f528b04beb7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 47e9405d15e058b0d4fdc9c34cf1f6cf |
| SHA1 | d77f74bc3512658f9934c29d76bd36d1f8580456 |
| SHA256 | 69d50223fade35e11461a20432cb1376bcfb06ed4231d232ab1def3e7472ec8c |
| SHA512 | c3e4e95063921bd1918b37868363c4362b23e8f52d222706b46dc4d57e1ba7fc96bd8708fe3ab0620d9f12bca4bad746d1500fc8d096a788781caa4c0446eb4f |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State
| MD5 | 71f5a2da3c6c279c7a5faa412e017c72 |
| SHA1 | 66d2b28d08312ffa1f1f79315fdc852e73bb87c5 |
| SHA256 | 49ffaac75f7e3379a46a1303e8dcac5f54fe3bb2b4cc4e959544be2ef255eea1 |
| SHA512 | f6bdaacf2a913c376ef0905d301a8ef0fa369a541861e4944720ba33d8c31a5e01d685ea9b42256923f6f6837b2911e20abdec0d2e6f5df6cf11e8d6d1aa1228 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State~RFe59163d.TMP
| MD5 | 3e5509c8f6248dfdc68c28637816776f |
| SHA1 | 188c90e9910df9edc86f3ad9380196c8e08dadbe |
| SHA256 | 82bbea2f055328a792b665d3f364b8c7306e162e98db5127fa3f18b9ec47b4f5 |
| SHA512 | 65be6e19a03284b7bdba252de4424bfa61984c14274e69a8d96b439173ba835da144fa3bc1b8643354f0168c1861129e7f508255730b5e9d84fe7e83cd46898e |
C:\Users\Admin\AppData\Local\Temp\nsfF88.tmp\modern-wizard.bmp
| MD5 | cbe40fd2b1ec96daedc65da172d90022 |
| SHA1 | 366c216220aa4329dff6c485fd0e9b0f4f0a7944 |
| SHA256 | 3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2 |
| SHA512 | 62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63 |
C:\Program Files (x86)\Xvirus Anti-Malware\Xvirus Anti-Malware.exe
| MD5 | c2860b112891395493d548eb362a4619 |
| SHA1 | 02a560da5f06bbb3a1d6a03e342b32d3eba92367 |
| SHA256 | 6d4d5525e6cb7626cf689698c14e9284c32ff15af23dd3ae332ccf87c2baa998 |
| SHA512 | a7dda102ade086f4b7ea7afd0f34a88c8dae3ba811bc8df76fca368d99b08d42a9ddf6d7cf10e42b83b7e9ade7ac8c6faed2e9e9bfa41eca26d4bd83bafe8a9b |
memory/1268-1400-0x000001F5849C0000-0x000001F584BA6000-memory.dmp
memory/1268-1401-0x000001F59EFF0000-0x000001F59F020000-memory.dmp
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\user.config
| MD5 | 2a24b8f30368bc8db7ecfb42c924f0b6 |
| SHA1 | 32fc2436e948c4976f7a4558e5745a26350df546 |
| SHA256 | bc169589538c83b0156934a1c7b14b30e05907ff2f01c11ad21efe58731a38ba |
| SHA512 | 60af3872838eab68aab8a63a1a27f39256c8dcb89fe59737dac22c10403da3840c28a7e82e2e08c8548ed7955c481755f0262c594a1ff280ceceef15e5632e02 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\user.config
| MD5 | 08979cd46c82562841cd2235fa5e5d44 |
| SHA1 | 2169474553f8c3f7b56871f1dffcbc90b365dd5b |
| SHA256 | aa43c711fa80957b4bfd3dd2d73071eef7fd79f861b06de0aaa8712ab1e463fc |
| SHA512 | 39af4127d14aac6499f3e6a4820742f6aafd2bc236b0182666d5934730071db0a6abf1a1a75aee01e8c3a81cccf52e4e9299dde5a4479596ff3b33e36177186d |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\user.config
| MD5 | 114f98b99e0f9f565825322141d3558c |
| SHA1 | f151781e33508f93ce0daa2b94a196f24b667e7d |
| SHA256 | f1031050ff6606f81013b6c9d25e97603e4114b801dc4273a14c25d75ba9eaaf |
| SHA512 | 69fdb63599af62826e18331c28a2e55ac367d60dbbda2da6213bad7535b9e8c20d2d31504b8a74954caf6c7dd89ad915e5b845f20f246aac93851c76a7759e72 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\ooifu5y5.newcfg
| MD5 | 254d76004c0392ffe2ce42b1919f6bae |
| SHA1 | b8a31763b6d96889a63706b1145ca0679ad9b680 |
| SHA256 | 191c859919c2b9cb2947aa7b83d4a33c6a3289c576bdc22b32226e9ecf498572 |
| SHA512 | 912e92c3d0aa7e6ab57daa82657fd6def26e4816547baac629ab03db50669a514c5c08c39d7628438c6266f7007e3afffef0f7d2a3513e643d2f89bc5f13b16d |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\23uzj2my.newcfg
| MD5 | 24dfd63bacf247b04d7f676755e80e35 |
| SHA1 | a0e51b32a515f7c636344b4b3e688dd3895a74c7 |
| SHA256 | 9645e2da8dbdd49ae5ba1de1115c6381f405b6a07cc2b85e3bbc2c1478683db3 |
| SHA512 | 46c6caae65be42fbb05d4947b0c8ba3db589d03b3bf8ab191623997cc2807ee3c42e46791930f0fbd8c679efe6ca4e372bb13952810f66af836cf32072a51747 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\user.config
| MD5 | 2560f4d21257c7d29263444269356efd |
| SHA1 | 1067791b51fb554a68258ca733e41317a604aedc |
| SHA256 | 7e51786727d1d6b31a059b69b758e988d1b70eb7f5cf11d1bb1da3040823692c |
| SHA512 | 5145f0d15dd21017289d0484068c276e432e1f7c31c38700941c8cfdfc912d31c28d02b63cdc35fb5e491e8891fdb278185ab41ec828463730e72743f8da1a6a |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\csmxegw0.newcfg
| MD5 | 320a8762fca8428c63a5c669c2c9bdc9 |
| SHA1 | f5a3146b0c5d6b04697f2715e84e39c5e165ba36 |
| SHA256 | eab1a8b8af2addb8ea25ae5827396692b7660e6c0c80b8bedea0796a783d7366 |
| SHA512 | 5cdc592c7dbf881ed4e6ce35a8642d2899f109b0a236f45a7b338317f465a692ca4d6dded5a34ab3e5e3116651d06480fc4f327064d9dc7a00af0197b089aa6c |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\caz45h1z.newcfg
| MD5 | 06321edfde3617fccfc23e290270f430 |
| SHA1 | c6c84f618c721bd2c2f1c7ab94d78f4035a2bc92 |
| SHA256 | a4fc6a8aa6a9259b9a3f806d577fa7af16cbef9a9e37c58ebcc506c498154c97 |
| SHA512 | 38c52b8147d565dd2aad61db0adee38632e4009bf6b2a116209c07c2ef86e2cfbc0db28a7c23e92f3a1e457d92e83f7a56cae27aa9517092e0e671565adfef39 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\gx4iql1f.newcfg
| MD5 | 79484cb4f9dd17af6e57276ed1961383 |
| SHA1 | 528e88cfa50bc61bea20d51ab4192c59581548df |
| SHA256 | a657f5ef9830a41cf71cf5b3f59e651215d01aad8db3104ff66a65e205758683 |
| SHA512 | ab97e9b85ec33db0a0e155ef5e5db216a2440d3a914ee03c0ec386d116598b8c0f39e338b8ce75be4618cd84ad609a8d0fa64f37cbb1e191d87057e50bf76fc7 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\dqv0ousk.newcfg
| MD5 | 6bbbf82e7c208dc670ffac13507097fb |
| SHA1 | 8447bf9f100ec2ab8db310a4c98f0b54e78ae27a |
| SHA256 | 250cd673a1e0106b69b141f0e127885584c713807d92bf3000e239bace3c891f |
| SHA512 | 49383547bf71eefc0d7ec130b247e74e404e34193069242c69163cf31eeef0e90b1cb7c4b0d1058d56bc1ba64d13cacfcb9873b3daeedb66d50fee2889ee26d2 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\tl43rtdw.newcfg
| MD5 | 52dc876de1e687ac628ae4c69a32fa1a |
| SHA1 | 194ef9a78ba8a8f00e2e07ffcaa866e5cef1260e |
| SHA256 | 5e9e74f44e769566cd3824215975509ea9e4edb5e9718fb1cbd9b71e59442477 |
| SHA512 | 34842afe108bb6181d9ffee73627254ca119fe2e4f58a0a553d83178ec511c235930e7ced9229e22bdc2b9ac3cbd96332f313c05bdd9b02e627244ff19f10005 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\user.config
| MD5 | efe39b3b37178cc04ed4e32f967afa95 |
| SHA1 | 4c2367cdfead578dd19c53b0a39d985c6436e29d |
| SHA256 | 32b8f3503cd5dc6de4922ffc271a1d50dd74e9e8885704ae04708f98c08ac487 |
| SHA512 | c5a4625632f77ef79243e2eb2b3742132e83bf049f1566b2d8e4cd9050f3fae6919a3e258d473c4d9c2d1fdd09c5db6f1326ad840278f6f8d7ab2461b4e2382e |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\e1xdmztx.newcfg
| MD5 | bb2eadbf91bb5200a606f811c445c010 |
| SHA1 | a4b3e2e2a712e1e76d30ff58f389eb82e4b27901 |
| SHA256 | 9e5bcffc29c57449754ae867ae9b1e77a6c05f80cba1d068236066d406ad4d80 |
| SHA512 | 4e4e3acf81f37ebe072643e6ccda6f3edbefd0bf6df1e0d0c2c58c873206f11b7faaa73ee4d8bb6a381c752f80685c2cfa66b0eb56da7770489a58c4f78b1a79 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\kywdahyr.newcfg
| MD5 | 5bbd0bbf6aaa892e11db56f593279d25 |
| SHA1 | a48e0e2ed49087271033a0ece5992ade4e815bc6 |
| SHA256 | 183a120009439dcc7a0b97b284017c27330ef3c03e9ce1a444c8d3b32c28421c |
| SHA512 | c2161c7ceeac1238fa400ba0c3d39065c840f97a70d182a10e8b8bedc87eac6cfbad3cc148bc89d5247c39470dd4e86b49cebfeeddf9bee456b59cbbee449b8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 36988ca14952e1848e81a959880ea217 |
| SHA1 | a0482ef725657760502c2d1a5abe0bb37aebaadb |
| SHA256 | d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6 |
| SHA512 | d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\rv51hgiy.newcfg
| MD5 | d4a77a7c3d79b22fc882bb6debc9ea59 |
| SHA1 | a75f7eaef9aa746ed9502b3884adb52ca53f6681 |
| SHA256 | 1ffcaf298a653e2d39e8cde806860cdf136ed8f99613da6bf16f8bb7d8e4a208 |
| SHA512 | 23fcf58b583b426982a8530d3723532f382a82866d630bdbc73ccb86cc8a7383a65847309d8ee8d0f4a244eee8c89be1f4fc6414a28929f94371ddadafbec919 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\pv1y5dw5.newcfg
| MD5 | cda88d1196ab98c63d05fb1ef70fddad |
| SHA1 | af18f9255e48a705767c7e086491d4d971a6a2d3 |
| SHA256 | 9172500c8dc7fd4401c47cc25c4140d7283109ecb1cd11f10cad3f4e8df40e92 |
| SHA512 | 9d298380410526836ce79543a8d71abf69a7ab1961724d1356d1ed1ff87bb847f7d39636c4362bdfa8a448b346b1cf8237254f109a7f1114971e4fdbe98a850e |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\oosopigp.newcfg
| MD5 | 0d6dfa28e1f32a3b8a920beca3aaa22d |
| SHA1 | 2bb007b269e3b6df5b240759984d1ecf22d22547 |
| SHA256 | 8f417f9cdf29aa3fb57d60d3ead2b9a2b2171854e0b750d120b9e4521d51c71b |
| SHA512 | 7aa8d18fc3290e78a75e7d3fdf9e4b2d28ee69479d7976bf823e04f989eed9139a796fa216b82e3ea9b517c389331d035a8e6da05a32e597cff96787ffda3ae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e40b56bf-ad3b-4099-b217-11e8d1d0a903.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\mb233y3d.newcfg
| MD5 | 91a8b76d86e5adcb3b3d4ea06a5576a2 |
| SHA1 | 9f897fd728d90165ec6376fd5cc04b2fb3b3b827 |
| SHA256 | 27e07c949703f9141f4a78afbfa04a91b51d2201c51d9606f9b5d8f7820eb419 |
| SHA512 | 825055336e394ee91ce3963f0b7eaeff150b4e5a4213ff8f0dfb7d5bc3909157411222f457338743442ae4e710e136c7a9b54bdd53bb0b59d63d5fc4206b1038 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fab8d8d865e33fe195732aa7dcb91c30 |
| SHA1 | 2637e832f38acc70af3e511f5eba80fbd7461f2c |
| SHA256 | 1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea |
| SHA512 | 39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\nyssequp.newcfg
| MD5 | e6d98b7063827013bede95c6ee0f3ad4 |
| SHA1 | 865cda5b49808f0e20967159b9fd3bb6116857d1 |
| SHA256 | 9e8c4ccd006a5e6ca9da403db36784488223beb71d0462e0a9d2ac6d6f514855 |
| SHA512 | 21153484ad31f088a3fe9e684eff22698ffcbc14e88a5ef618bd5d5b705fbeed3846e647f316c055f8c0eac93043fdf1bb6338a5f352960f75c491a3a1bd2118 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State
| MD5 | c96ddcc4c732d26731ec0be1f858983f |
| SHA1 | 04737bcf5df1d6e168a3470194e4b9db72749c58 |
| SHA256 | 42c981480980507f46bbac16ef31da763fabc4f02c7e57f9ee71fe8acd60c8bb |
| SHA512 | 26573c01f84660d94083b9cbcf999ec9e7e995df0763893c4c7c28ee4d7e0706120423c3eca397a82ea70327b83053140a197d6f771c916f55afee92eea3df44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a1297b7bc531fa11e4549ee4fa97ca5 |
| SHA1 | 5457f344439b8ca549906f6ea8c26571c8767189 |
| SHA256 | 4036032a294d36b233e9b1f0c6b0ab47420e4f7f9f6170c6c778cb145d9bebb3 |
| SHA512 | 7c36f64e55cac41ebabb075fbe8d2af40387a570bcb9dba057293bdbfcf90042a9bd3c04d61142ca86c2949e3a0abfdaed3bef0ad793b3a0cef1c6543147d94a |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 63a385918e683dfae25f60e18c025ae6 |
| SHA1 | bb19e4be5c3a37048bbc584b3bc8d7f3a76aae5c |
| SHA256 | e8e115d3259ce2a4bbe223742fcd2415630745a626ce0b5efbc57db80730a27c |
| SHA512 | 87c74a1cd947eca6f1f105e1c5dfaed3df9cf75ddad30955fc0e3b54d68236eb78355e04b78f1f17c4f5003466f47773e261db9a504ddcf308c61d9bfe7d7447 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences~RFe594155.TMP
| MD5 | e6cdc916f391c2f3a9433f8dbf21cb52 |
| SHA1 | 75b3fc062535e5c1b56bf4354a18294f80d9bac5 |
| SHA256 | 357534d81c7db1e87c2bbc32e396170d64208b595906999ed37994a9afd6004f |
| SHA512 | d36c0ad17f6d7a0759a15c8ecc68b7f2218298a163e7509eeea7bb0dca5caa3999d090400deb857f1758d874cd9596e946dbc94c942778c05208df56b9c73cf1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0551fa5bccf479739e61131c5ffc481b |
| SHA1 | c218e2d3a1899037fb2934b38c449ae00e77913a |
| SHA256 | ca179cd8420fd7fe0fac786f23a0a7bd558640b547991cae26a7e7561585e991 |
| SHA512 | 7fe412fa92fbbe7bb242788c802fab58db29d1740c162ac40e3b779b453c6a02929dc62320f65e35ef40927697024af4e60ea1c1570eaafa522d168c0f254344 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 116e3c5f95ee6b4641507206f0701a64 |
| SHA1 | 344f013b8e5e9e5a2a279b016b4734d494779f20 |
| SHA256 | 19c35408fc55b12d11cbfef7eba03e557dba9f1774c831cf81929e7c2fc89989 |
| SHA512 | 9269308bdc02cf7e61358c99e32605579967392399a9d8a985b203c3e436997559e463d46d10a2e61f428bd613d231a4d7f8922191d494376eb34379d0b25ba9 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe594cde.TMP
| MD5 | 38e21cfad04e91a9138edea7bd245db7 |
| SHA1 | ccdd6cefe7845ed72e3741b16df0a4efd013f2bc |
| SHA256 | ec52872331e4f014a12d8c1c8b485ca5feee20e723e1da77db67cf79ebad618a |
| SHA512 | de151bf7bd09555a55346260dbbaa30d4ef055b4100b3a73b4938f3abdd6e471adaa1ab77d09bfac5d1f14664e84a172ae41f0bcb011055b315e2d5c8b776691 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ce31f8fff7d16664802d914b744f0293 |
| SHA1 | 708c091064a5b7397f9915a96c10d842e84317e5 |
| SHA256 | e9e7a9f08482417b0c89efa6c874e7fd94cad6ceeb42aba04e1df5342a3a2e9c |
| SHA512 | ba9abdc6266865109b6de1672232bceabe134e8fd7cddb00d4c7e2dda4c5819217d165fee8cf1f16cee99c1511e153eef63195d9de68fa4d50ebc1ab5926d7bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c3850955b5245371f86c66175c021d8f |
| SHA1 | daceb526ea84dd475fc41596a5013589822592aa |
| SHA256 | 24d8e388ec9fdc4f70a833b647544988094f9773f1eee976ecb02bf8724cbc86 |
| SHA512 | e82a5e605f7493b0b216789e39da420f58ae8ec873316066f0dacd1c8f18aa2e4e64c9f336f3f293731beb0df9d784f64ce09797faf3830fb520a168ed78f029 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d3616a8ca9849537be9634b130462bb4 |
| SHA1 | 2e1e61534d034c228f370eaa615bc15df2b17034 |
| SHA256 | 8a72f37aeaab831f23708d94b6e4ea63dca3e3eecbcf52cf20cf350334da4fa5 |
| SHA512 | c3c5f61fb33eb9d6aecfd01783810a4b48fe6df5a47d84e6c6f1a5777b0fcd68f39b292f0428331ca162f4ecc5c9e2f71773daca4cd95f0499922b98d050f4e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 523dc1e34093ee182175b1033be05fdb |
| SHA1 | 1548d807ab2e041f2fb1d0cd36b9ae4383679421 |
| SHA256 | f28ce898a064e13be3bf0f48d483415f449deba449d560b499cb5cb29253f3b6 |
| SHA512 | 545037abec5b45544b1ad16922d2c5c6796e0c9ed2f52e83ebb2cfc71c2bd3d9d8f7182c1bc7465e7377121435301b4526da28e9aca8e1c130fe62ffcdac4a73 |
C:\Users\Admin\AppData\Local\Temp\nsfF88.tmp\Banner.dll
| MD5 | a1b9bdee9fc87d11676605bd79037646 |
| SHA1 | 8d6879f63048eb93b9657d0b78f534869d1fff64 |
| SHA256 | 39e3108e0a4ccfb9fe4d8caf4fb40baa39bdd797f3a4c1fa886086226e00f465 |
| SHA512 | cd65d18eca885807c7c810286cebef75555d13889a4847bb30dc1a08d8948893899cc411728097641a8c07a8dcc59e1c1efa0e860e93dada871d5b7acc61b1e5 |
C:\Program Files (x86)\Xvirus Anti-Malware\database\heurlist2.xdb
| MD5 | 79f93d30a3c2951147e12b48c72629c5 |
| SHA1 | db8e3db25b94934917d3006686488efa0b487450 |
| SHA256 | a2a9a4e8c0de5951fc0a0324380c11a0620b8567a6a43dd416975ed25e30e576 |
| SHA512 | 52521263eb186c6939efc54e3ed8feb07af542a1b1d336619e5bb17427be8daa0f6a0664438eaf1e68c9ca82069d3660c7c9e0806f730f1b755772e2a8d8f9cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f2f71317814d201ee85a60407d3e6562 |
| SHA1 | 8b878156a969217670e020db5c45652cd798880d |
| SHA256 | 48b9f0d25ce13ff4bddfb4807b9134bba5c30795e14173bf35775e5f3397b62a |
| SHA512 | 3e5809d8b90aeb31ac4e15e287ede51b45663b04c45f4e0c33d6c853ab190ca01ff76e18f5bc9f0ceecda721b668033df2a762363beee87e27640ab7803f593f |
memory/6496-1903-0x0000000004970000-0x00000000049A6000-memory.dmp
memory/6496-1904-0x00000000050A0000-0x00000000056C8000-memory.dmp
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\4d17f348-d258-429e-affa-6b06514836c8.tmp
| MD5 | ad335f3b44a26711bb45e9839c504218 |
| SHA1 | 0bb910264f349451ea7a57249d94732890ceebe8 |
| SHA256 | c5e64728391ebd9e4d201e0643bb6fee4656493bbea293dec6b146e8b969222f |
| SHA512 | 46b994a6626975b06718d6b863ca346a707536c5193d41e94bbcd69e282852b4f31682061d5e0accc9847d238f99b070cbf78e6ae735b35d62e0ba3dd3dcb2fd |
memory/6496-1914-0x00000000056D0000-0x00000000056F2000-memory.dmp
memory/6496-1915-0x0000000005830000-0x0000000005896000-memory.dmp
memory/6496-1916-0x0000000005910000-0x0000000005976000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_dhvpqj5u.i0b.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/6496-1926-0x0000000005980000-0x0000000005CD4000-memory.dmp
memory/6496-1927-0x0000000005F40000-0x0000000005F5E000-memory.dmp
memory/6496-1928-0x0000000005F60000-0x0000000005FAC000-memory.dmp
memory/6496-1930-0x0000000073180000-0x00000000731CC000-memory.dmp
memory/6496-1929-0x0000000007100000-0x0000000007132000-memory.dmp
memory/6496-1940-0x0000000006510000-0x000000000652E000-memory.dmp
memory/6496-1941-0x0000000007140000-0x00000000071E3000-memory.dmp
memory/6496-1942-0x00000000078C0000-0x0000000007F3A000-memory.dmp
memory/6496-1943-0x0000000007270000-0x000000000728A000-memory.dmp
memory/6496-1944-0x00000000072C0000-0x00000000072CA000-memory.dmp
memory/6496-1945-0x0000000007510000-0x00000000075A6000-memory.dmp
memory/6496-1946-0x0000000007470000-0x0000000007481000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c8115b6205ab2d9eb93a2ec3a2ee6334 |
| SHA1 | 3d2346f8188267c0da8c179a1a57581d1cd86c79 |
| SHA256 | 004bec59c72276b6b9dc7933c825068499ae946dcb70c31b4776845f3548389f |
| SHA512 | df6dbad247211b467f0fa3128f18cbca22540632e8dc1d8df23487d0a0ba7697270f26cb950251c0ae676f44ec9f2598439495c5c53a59e80f3996cbad19bf61 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 50008e6195692588f2ecb85761c2677e |
| SHA1 | 73ae18d42bc35a60b3de3890558f4d82739a7831 |
| SHA256 | 22a3613a6490bdf74489baf79ca08306bbca94217db59ed5eddbc49cbe998d6d |
| SHA512 | 58433df180a84806f6207c204afac11cc6f4f621807253a272e3e5610526dfe234058c0b3ca0d0feeb233b35ead4599d39aa62297472359fb15d4e0a42c1c29e |
C:\Users\Admin\AppData\Local\Temp\nsu8E3D.tmp\nsExec.dll
| MD5 | 675c4948e1efc929edcabfe67148eddd |
| SHA1 | f5bdd2c4329ed2732ecfe3423c3cc482606eb28e |
| SHA256 | 1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906 |
| SHA512 | 61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 0e5621e4ad1c37555a9d17c177f918f7 |
| SHA1 | 9dba9620096cf17313406c5a8733d998b22d7d96 |
| SHA256 | fc4f3198bf5dbfa3a577fc8a5abd63832279a539790d0d786792b0d944988edf |
| SHA512 | fd1ca81b1e28dc4c75cb9263127ffaa10ca443a2fa018b420c777f808f269e58aee48babcc3ee348733d437796c8d4f70c60d161a3708a100957a3b4b70178fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2190521df4105d8659272e5f0e33d827 |
| SHA1 | 8b7443ed49038ff301ebdeaaceaa435d2149bb46 |
| SHA256 | 627a2cb9ca83fcd5abac58086cc7558e399fce79b5429d420590c5ea6f91dde7 |
| SHA512 | 30b508370fa2df79cbeb3f3d8ff684d33e4dd95bca27463614e1d6cb95308366917c1e956b005263a29f7ac97b5c5b399905e70da83fcf61f013c745ff562a6c |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 586260b141bebe1a5130a84c3eebf7d2 |
| SHA1 | 103502d5be6f5b0324c4c0f801d1602091780d8c |
| SHA256 | 620d8994dab1d88cc9894258e012a6ea498f9a517fc0c813cdc2576835254b0e |
| SHA512 | e504c4ec0a74a944c4ec209ac462b8b2bf5a9e4cf968728fdc28f8c2aa1613c29a4488cd19157486b10c1d5de27c946f8a2b37f9c88f78b38c6f41e9f7cbb75b |
C:\Users\Admin\AppData\Local\Temp\nsu8E3D.tmp\SimpleSC.dll
| MD5 | 7b89329c6d8693fb2f6a4330100490a0 |
| SHA1 | 851b605cdc1c390c4244db56659b6b9aa8abd22c |
| SHA256 | 1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d |
| SHA512 | ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a |
memory/7884-2009-0x0000000003250000-0x000000000336C000-memory.dmp
C:\Program Files (x86)\Fast!\uninstaller.exe
| MD5 | 7b84320c38dec82dd5dd432f2bd40b93 |
| SHA1 | 9d0050434cf6f3b71bd404eafc77fa9a3e3e1924 |
| SHA256 | 301d71a9350673254bb2c7e0f2954217b46b876d9af393029bbbfe5f852a41e7 |
| SHA512 | 8569263ea8e405f11bd0d2d99949ec5f84f593d8a2210c2a82aabad5b98969dd79414f0072cf3b79d6ffd0703dcb73fbf72a2c56a75315fa4d89b50c024fdc28 |
memory/7884-2198-0x0000000004B80000-0x0000000004C9C000-memory.dmp
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | 3777e1d4b387039e95954a1d5a723903 |
| SHA1 | 11e994df923afd1541a40cf33a6b1b907d8e13cf |
| SHA256 | 768cbeb31d9d7f83167babd24a0e7de4f526cd083d55a9ff6035267e0a22548f |
| SHA512 | cf201fcf225780a534834b66d21282b474777fefbf407a573e1a242b459b1f3f5f7318fcc615e7b19b6eeaee90876b5652330cdde4a94a97d9ea7b86ca9320a4 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State~RFe5a04c4.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 98bb5445dacac20558780576f2ed3c05 |
| SHA1 | 687b4ff21d7357980048f2416c779dd5b3f08f8e |
| SHA256 | de760c687528df3f59198bc26b1f66c6c964bcd38590c1a25f397bea5a72e104 |
| SHA512 | 2db994414a018f63f214f25119a682c3a57ec6e397940adb04751036bb8088fe3bad4272e1e086c8a943f31afb4e21e4f63e1913ddba1c3fea9503ff4b199e34 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Code Cache\wasm\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 259e7ed5fb3c6c90533b963da5b2fc1b |
| SHA1 | df90eabda434ca50828abb039b4f80b7f051ec77 |
| SHA256 | 35bb2f189c643dcf52ecf037603d104035ecdc490bf059b7736e58ef7d821a09 |
| SHA512 | 9d401053ac21a73863b461b0361df1a17850f42fd5fc7a77763a124aa33f2e9493fad018c78cdff63ca10f6710e53255ce891ad6ec56ec77d770c4630f274933 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b13e5ec429689499ae4d6a4531551c10 |
| SHA1 | 7660dcd54c817faf960c186c2b87e48bba13c928 |
| SHA256 | c86c3e512ba8f67ada9583b14acca0abf4206bf805518662a0f70ec17956dd27 |
| SHA512 | 65a5ec390fe8c29004e52cca8d2c11b4988cc90ad08298bbdaa6cc878cc88ca64bf080c3677715e64455e023f4afedc872f824d6bf9b7714cdf912851097581c |
C:\Program Files (x86)\Fast!\BigTestFile
| MD5 | 1486c3cfa887dd6bf1a9fdf7bb633f40 |
| SHA1 | e2808990cad11f3e6c238f937f5ca212690ec9f4 |
| SHA256 | 0054b3cdc51d141e95cafae7a64fcee1255088f6b2d9bedc8a7e4b49e9adbcdd |
| SHA512 | 5567a8353838297a6c1ed7503ebffe486139280f1f9d1dc5af989babc4b502dab7518da2d2857e19db356be25647becb4b847fd7790981def8083860c73c4ac9 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | f3de62c54b22058b62ae0de88072e783 |
| SHA1 | 1fe15d711a799dafd2c7f47f56e63273c77aa6f2 |
| SHA256 | 7d9d3df2cb6ed26d083cb05763ec754f9ce63e13a78a1f8b97244114f7f88973 |
| SHA512 | d39ef06f0273ae7df0bc7bd273983793f163d7ce2883c5bf11f8cfdcd034c79d4f6c613771a3726e1d62ae1181f722c4f91cdc0f0b20c4b17ba6d87167871551 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity~RFe5a1994.TMP
| MD5 | d86360428ce25eb734b7c2d6689d514d |
| SHA1 | 73c4675a993b246e6873eb8ccabda342b3a7ee35 |
| SHA256 | f1160b95f11c5323c34e64d62cffd66b09c5c7f917dafe2cbb7e27db00dbc2db |
| SHA512 | eec5fe7651426c0fd9431cbd693918d21e925fd6e8a6a485e1f74219994b57fa989bb031f5ef0f167e7e4ce228f47adc4b4a3f070d0fd347b7f4d3b48e6bfeed |
C:\Program Files (x86)\Fast!\BigTestFile
| MD5 | aa9593c4ac4cea93eb2f720858c9c897 |
| SHA1 | ba0669c9ff13a6f2faf77de4bd199ef8164929a3 |
| SHA256 | 0eaf6a2a293ffb68f4408fd49f5353cc45bfb4383ecd727bdb6ba18de0ebd02d |
| SHA512 | 4457ec7384402257c96ddcc2cc9b6fec20522c39c97a09432f924742630888aaf4d9d4e83e11097c6f1262ca9218609bbc7be97907f57dd456143edd54aa106e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c545b22fb5cb6b5b8281fe1727683724 |
| SHA1 | ca65dfb1e194fc1682a293d34f27c73955f46d02 |
| SHA256 | 3781aa2dced657b6257b66fdd41017a06d23e7e65dde02b2e40aacccb0bc5b02 |
| SHA512 | 250a17ee6d6423fa8042d16f87d459987d4a8aa165d7d1c181238630cc7898711aaed4d7df091ab851cd29c35bec52e0a7736d88a153bdb34126cd0b4e5d42a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6778b7e97fc0b0f610068854fc24232c |
| SHA1 | f79a85e196a5f4a0774f4a6796e5ff0454042e83 |
| SHA256 | eb93b9fd239ee5014acae3b957740f6bf32558e90a37b83434e08d8110ba3800 |
| SHA512 | ffe0cee0f49cbf852ac507248f0a9ff5b384e60177526415f480b501a4bfc25b252f7c0425246741b01d8c0ff7674cb03a36e162a6cd7e98417ef715da93e7be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a259a.TMP
| MD5 | 8ef837a1fc2418ae37ff04b81398bea3 |
| SHA1 | 6c4cdd8de9fa4d5867ac8eabb1b1568ca9fdc2ac |
| SHA256 | 522b4c399bea7de2c6ffd911c9fd1b7b3499b9f5272a6410afb62f906e1cc4ad |
| SHA512 | 54144f8e08f316109fa1f53c3954c23fbcd69f7df5fb40582b17f5e6a8267c2fe130a1fd3e19b867882eb5db1ae3cde5fc6f28a16162ae073a3562a319b3ab93 |
C:\Program Files (x86)\Fast!\BigTestFile
| MD5 | 83976b6c1b43efdf7b3c714e02481b9a |
| SHA1 | 8de4f0f1aaead4f1b4671d417f01ead30976f25d |
| SHA256 | bcea0362e256edf5d4a598f44c5259153f85e0c078c9f1041364eda0ff8f1c7e |
| SHA512 | a23a654752ba60fae8c4fd40dfb8e09692aaf0451cab9192d6f8f8ea6ee198f7c097cb65e1f0ab09d2e84a00a597727133b468e44da46ce26b4f1fa79088a83f |
C:\Program Files (x86)\Fast!\BigTestFile
| MD5 | 6c025d3349ee8c429db7cd8b54ba9bc4 |
| SHA1 | 7fb09a2fe85514f2722940cc1a7f4b402de527b5 |
| SHA256 | 55f69927d0dbc8932ba4c584d8c892454061374822a43acdaef639c878e9f26f |
| SHA512 | 7d2173eb24dc583a98d81fac9a78ee9f8590256c7b8d2ca8fee44dcacf190fb29becd0fc821287c545e2a9318f410c9a205f1704950b53dd942ae10626618c3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1140fbb61ce02f694b0d6ac7068d1c46 |
| SHA1 | d118bfd10c1681a27edd444b3532dccaeb202be7 |
| SHA256 | 1172387dbc8634897c42a653dfb3c5be3af2edc29defb6537879d3c23fc1c98c |
| SHA512 | 2df57f72da239ad2c82073ab66631c09e8b17a338b019f34dab9123977b256dd4fa2ef56816eeb98ddd13be27ad267e50fd1558cd71b7aabe496367cf376f1a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d19d50d41ac9d6bfee8c0ad21ab7e0fe |
| SHA1 | 042638c86c47dcaaa7045f624b3755d4526a3cac |
| SHA256 | b7fb22282191a1caf2584dc5927bcf7e4093d4c2d96439ec2ed9ba6f98ab3b80 |
| SHA512 | de8f89774bebc3e03a2e4513ed9450cda10ccc0e9c583fde7a941302d92164568a53fea83c47c68d58011cbeaa563087197221fdc9a2f59e07230388ca9a1972 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a0cd0839fce2e1b98631838c75976c5c |
| SHA1 | bd7fd0a9a2775b22a1c51e1b0c46274d8be1350c |
| SHA256 | a7712a09b3eaa232b55e56fe5092e5cb99268c49da58802620c88e857e04840e |
| SHA512 | 460c1cb46cdf9a8b8b55d4d09ae0cb60032ec8540a5e17adfc42ac96d239b9f17f6f7cadcbc1945d8f9dde7494d5825c67839203f337afb6877ae881d388ad55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4bc74da4f15a67a23a3818f975cfbf56 |
| SHA1 | 56f42a8ffa2779b42a003e6d9e1a8b98387c6156 |
| SHA256 | b90c015a1b3d19ea0976533d915c3a4137b2134d6395dc42e83043c0d9a5447a |
| SHA512 | 077daa997d8c1164c945d81a9149d2fddf844eb2a800d9838296f0778ca7973ca82ce860ed6d8816a905f09391feaf33ba4925e2ce69721efa14846fcbaf76fc |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 8697daa1d467544bf5983bcdd7ffdfd7 |
| SHA1 | 280531b976182872f48f9ac9047af0ad3a79efc5 |
| SHA256 | 87662e17ec2d0369020dba3ce493027ec8a8a06b2d962b43685b6710ee947a95 |
| SHA512 | a28ba993463b10a935ebe171bf3eb6fcdb00add481ab73f56c0bd4c68ccea65332695d4a56fd91c78692fc0948055f5de1c8198267292f51bbcaa1c469f5b122 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State
| MD5 | 49784ac8c5d7085e7633767fd88a5943 |
| SHA1 | 6a551c92abfe2d855949a039a0421e44ed58c151 |
| SHA256 | 5c2523b5594a33327dfcb7e9294f263a7142cc6c42bc5638e785490e91b92dc0 |
| SHA512 | a4eba22410f81038d732fe6ebc91cc822f139cb05ceb0360113c2e4c2646fcf698a3ef9bd72f085135d452906d214e6d4e384f4aa1d942bb07f5eb18cb6b6c39 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State~RFe5a374d.TMP
| MD5 | 89fcf0058de34e86335fb167ad4b5b65 |
| SHA1 | a167a61157b4f310b7f39d9b23c953f31073e1dd |
| SHA256 | 7109ac8457a5549d45e9e7bb67bd9506d01a4dd35bc8189a0f8278538063ee9e |
| SHA512 | 24bd811496f20c5bb7d5456f770f16975e7c4ef2f6d8ea944c6f45f7391fd3fa3983811d829d466cf4286c44d21508f02f319b2378ab4044d282f91841356755 |
C:\Program Files (x86)\Xvirus Anti-Malware\database\viruslist.xdb
| MD5 | f7041ab626a0961fdb3c83e2657217db |
| SHA1 | 5429ece8fe0cb867f8e858c3b43bcc77867f7c8b |
| SHA256 | 317465f02ec0f13cd34414ae606142683f8148b089e3697469c661ab62adc9a1 |
| SHA512 | b2ae29d286d291d9dba73978860637ac8094e92e431a59788a361e64f2f0a9a41ed799613a83dcea26b8cdc2327e275b92d9af217c7e58e79b53ada21a6f52d5 |
C:\Program Files (x86)\Xvirus Anti-Malware\database\heurblist.xdb
| MD5 | d07377976836df58ce860a1326739771 |
| SHA1 | 89e1c8d7f3d13063f3928be28c5efd294d71d43b |
| SHA256 | b7f1cdae502506c15151a1bcbc72defa0eb1486347f593109a61d2e3199cee92 |
| SHA512 | 31a941af50393d497dc68b871876d21fb15f6a813fc4dbefca46f1eb4272c61a9aaa32f7d49b9723521b1a6fc63ba4160d5e1ac9d2c7f38f8890e2ead385bf8f |
C:\Program Files (x86)\Xvirus Anti-Malware\database\whitelist.xdb
| MD5 | b4558fc44e0371fb05b8f0579e7d217e |
| SHA1 | 386757c41409f3832f42a8f297976f12223730ca |
| SHA256 | 7af7264724e3b8438c9a7c202604e9833d4b707c93df09dee898c14620b360a7 |
| SHA512 | ccfb8484fa61e5e01142bd22a23d494fbf37d5265dde1726caa2685ae27db076fa17b57db9ddd60f2895a74b8e72fadd89f67de24e3e4764aa63361457b0c911 |
C:\Program Files (x86)\Xvirus Anti-Malware\database\dailywl.xdb
| MD5 | d4179da30d92a12ae24a9a7a135c8d10 |
| SHA1 | 7ae6c15d888e2b1150c7ae51b1dedfda183fd619 |
| SHA256 | ba0b5b1d761610a69c78182a7f1e09d526bb193a6354e2450c0f60fe2af2a9ee |
| SHA512 | 724f3b99f3cbdb4c6a034d33063f1c5436ee974bc7ab3e24634a419120448eac2227f6c5c0768159c522d91fb818c3e3054e9c12f76e8e50f6c227d7b93865ca |
C:\Program Files (x86)\Xvirus Anti-Malware\database\complist.xdb
| MD5 | 4fddaf72e2c9f534079b8a976e0a741f |
| SHA1 | 4311f2268a9df5a814c610f7888c98e0502a14df |
| SHA256 | 72f75d6ed4f2ff5ce06e86e2f1308470cbb8c1ffa3f708a7c9aa873485644d27 |
| SHA512 | e176593709b59632c5a7db0c2e4289fb6b314ee2266e51f33861b650773d99d077d4e36e219b2ecf6e27c538e6230c9539cfd03937d0f89604ce4c0c3a53b57f |
C:\Program Files (x86)\Xvirus Anti-Malware\database\malvendor.xdb
| MD5 | ec5107c5da71408b827e995902488837 |
| SHA1 | ba80987a375a48b328fc296cfdb51442c61be2bb |
| SHA256 | 120eca3a8d98f0b15b43cf4c6891606b27107aa869152234a23dd23f06d973e8 |
| SHA512 | 6347d52ecd73f13285c0fb6b70f08accc90e716e45bc40f9c9fbd38b3cedb13985a335aed14da2dbab97ad224e7a57cd4e4741203a9eb905ec887b0c7d612778 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c3fd75f7da53aa8af754bab5b802b128 |
| SHA1 | 97326620ef82186671bee014576f2e06a95a5e23 |
| SHA256 | f271114d841f79d1a96f3b7986d147ced770b5242a51fffd231864f9f0371ebb |
| SHA512 | 7237f52dfc8bd75640be5b9ddb63dcdd8ae09bc0a50a97b72e654ad0e37d4f34d1a63f39532809a11408a44aae68aef978a94d28274234a6d29772fdea5cb831 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | 978e207c7d0673f2c9597bbf3a1ff1cc |
| SHA1 | 16b10872f2e3cde6357ab45f316e2b5f108cbdeb |
| SHA256 | 4e35febe611643af816e824887489531a0413d345b363121e552f0ee2c8c30d2 |
| SHA512 | c281c5364ba49fe98118e16afe85193bf55bd92d9964a63d8cc3b6183b668c835b06e2d84ce2f5c53143edac89ee2d5cd161ed09949572f3a31a70623b484572 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d395ed1f019ee47db39ce8cd66044468 |
| SHA1 | 8afad0a06a61f4e1fdf81e53a344675ea677c869 |
| SHA256 | d42a64411f0ac7e9c77bd8f5794e5bef131b4cd99949f55fda8f2b404dbce0d2 |
| SHA512 | adb0a5002c026cea9403a8fc1e0d5abcb31c67eab73c0874ef8d9d3303b2feac6d0bd91aeaf9abfe8288fbb2c72ef9a2db92ff46956f97a9d4177a948b4b29fd |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | 22019ca8c5ef582f18bc9d2a09b6cd69 |
| SHA1 | 6a87267dc7e6893107e7ece2bcec54b627dd3f7c |
| SHA256 | 82b3b171974b3a37e89b3d1387d0c0dfd1d99cd47d5854716816bd1feb7bcb80 |
| SHA512 | 1c9cdc0ea3e1e7deb46dfb8b07fead6b44756af2e96845eff1a047f70cf5c375560d1c21d4cd4da23ea9d7d6ea4a223f137ebfd387c30ab675e7317a23c2da62 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences~RFe5a6b9c.TMP
| MD5 | b32a435fc259f7a62a8da13f082e87e5 |
| SHA1 | dac5eb5eff8bc58314b3ca0a381a6a68b7bbd4a2 |
| SHA256 | 7fc46200eafbe7face15b4090e0c7306e271ace3b3a5ca25e5cbac60237bef9c |
| SHA512 | 5c12a799507728b45775e15872380cf9f924bfac74e1bdba7a30727a02021c43df61dd5f287de7d46c4c1fd8ec41260de61f0468ed59f1d9748315360a12b861 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity~RFe5a760c.TMP
| MD5 | 1be00138fae30d74e7f9496d10d14654 |
| SHA1 | b26c11f6dabb15cc9fc1d9aeb2f591b8f7f90fcb |
| SHA256 | b52cffcef1b6a9e762ce2da61e9bd9259cb5b078a3bba56325d957a86c4023bd |
| SHA512 | 1ce65dd55755daff476c4079938a8974c76eb5e5ee1c2f73f7bd1b3930df575b7c285ae5d0eb7e22c5654ab6d65863d9618a1fb1ebe909f2b685cdf54cd5774d |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 8bffd17147f5d5d78a0e67ee7803e311 |
| SHA1 | e3f51d6a819fccc468c011f35d5c9ed9ddf7049c |
| SHA256 | 6464d0381e987f0017acb3d9b096228aaf4549340d7ded5d04ef4fb16769d15f |
| SHA512 | 62a2cb39260d047bef6d2010914b88a342c9ebfe037c369c8ef6b990d1fa2436b0f82282a021171797d5c2b747559d41c7f34e793b24ee885067ee0ed6cfa489 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 0b9010912e83b8caa70c880b1064cab2 |
| SHA1 | e25eb46b225edd83ebb11759c3a49d3cdc030416 |
| SHA256 | 7831af375d43609ed0a58bc2a5a9be6e114b8deb7ec5b0e360c6590fb974f751 |
| SHA512 | 7188f102421d6f3f3fe33425346f798ba547c12d6878977b5bd50518e972cbdffb74470b726c3cda485a239b37833ff5e50d5ce7ececbc861d156a2367564f84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ab7f05a1c8294a64d6bc3cd607e4a43d |
| SHA1 | c01c39699127ae0746c920c87d57609a09a1fb20 |
| SHA256 | 410a753d3e7699f957eda3b4518144b2b3d7c16feeb793ce796408d20399df20 |
| SHA512 | 462044acbbb5e8392e454c356071995fda781d5fece2b3aad522511e038be09b5bd72f4ff45a51c97aaebb3f81e67a1a7ce048a5fedbd91ae4f00c9b6b13317d |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | f3cc14776db43c58e88c454645fad976 |
| SHA1 | c4b6aa742d22294c6065b35dd90c1238ac4d11a7 |
| SHA256 | 01727336438387863dcb440ab739149d1875494eb3edc8327725683d60ea3c2f |
| SHA512 | 8bb7433560ddc690561c43c98c452612ffae87899c2d05be6ef1f1f1745bbe4870bdc5035e541366efb0620e67ad93c6175f1a4aa34baf8a9996fc4790107c87 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 036598238f23c20c8436dce2397227ca |
| SHA1 | ff59bb71ce5b966e1d6a9cd7723944246308c146 |
| SHA256 | b2df5b09f655ade1a8c8fb16dd2c9edc1a9f12c15e1ad0b59826e6911296c759 |
| SHA512 | 4ec6fd63fd0ab1fb023b3a74f3ba4347c6c1eebc47e429cb40f8b9bd7d0e77689cd47adf1a8bdd7ef3f55df7a6c0d07e1fd2479a6b7d895de892738a984a57e5 |
memory/7804-3080-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3079-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3078-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3090-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3089-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3088-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3087-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3086-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3085-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
memory/7804-3084-0x000001D9348E0000-0x000001D9348E1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 886cff23375aa6e3e6809df879f1e639 |
| SHA1 | d02ca80e1e965a0047ded22c655184195660d5e1 |
| SHA256 | 83c019bb86dbed80c3b3708d2ee46df5725d2204778948774ae8c19b70f4e4d9 |
| SHA512 | 74caa2111993a03fd32112efac212e813046df609c8f42123be77526492427401874c7eb0d9dc8d21e5b687c526e22bfbfd51423a3ebfcdc07ea815760b35d17 |
C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 9d1ae29e454d29cd362b8fe9f0d392d6 |
| SHA1 | f351293c38ab12178de41dff5b0aa8bbfe2fdf97 |
| SHA256 | 9aa79d72f7a5f833ddb3feeeb4aa64aeccb0b614e1ad1304b156b71431364a25 |
| SHA512 | 5156f68e9801df224e0715c3eb08ccdd34f4496c4923569dfdf5988c73fa766ab353b0ed7ad6f304c4de24f55dcfc6fa1d0c4c71cf7ed9c84b0d62e57cfe220b |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\3hpxflwn.newcfg
| MD5 | 0b5652915a7fee593b7dd4e5e2f1acdd |
| SHA1 | a2629c22741e1774d6f973523c8749f89a4113f3 |
| SHA256 | 17df5b446179106296b49e20cd672ed0771c9df573aed4783c4143448f3eb06f |
| SHA512 | efc2ce1e4288a39bb29787fd8a37ba4a3c841c0baf29a508a28c66ccc0d540a676a8fbea6f8b61557507b8a1c16af8b806e11a18e28da23f70c3f59b46a1e2a7 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 7c3516d3e83c7598fc5a0aa0f8cf0b68 |
| SHA1 | e07b628982158621451fd07b6ce5d8f4f39e6154 |
| SHA256 | 77a43cccc5c99a9971a4af49efde65ddb40b459fe58a5bfb8f4c106089a942d5 |
| SHA512 | e05527dad07c75864895a3359f9b9724cfc5102bf22540accd04a8a2a0e90d43d7474a3df7d571a9d4b11d7ed0b5198fcedce589f71df7c51af4a37aee8e8f8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 756b206bc41013d2cc16ec2a0c460a02 |
| SHA1 | a51704d88054207f732bc835d9c7e1a7bdc8c3c8 |
| SHA256 | 232511d587faf89b65a6f91dbe36404486ff0f6980af05aaca6569b97357747b |
| SHA512 | 773fbee24ae9870f781c105e62a3e228d112605ccdce79c73cf331e4a5129de81b98bea9c35fb8a5c2d0e2f8c9d6935b198a0ac2afc7212289ed20a99be0a615 |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\user.config
| MD5 | 5d8a7fcb186ff0c0d0518021d528616c |
| SHA1 | e0096493291b121e0ab7e04cbc7ba1734e5a810a |
| SHA256 | 60cace242c707013ac5f3ca91c39740ec98ccf723977833665d96fac7d336eb7 |
| SHA512 | af620b42e4ec73216c87193d5d93c0efe8e86131a645bf12bd5a0791bd1fae67036fb3ae46d4ddee7bb290d4135de77f61fc4e9d8fb5b22c01738dcd612d5b63 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | facb9a9759aaaec64d4eaf2b6caa3425 |
| SHA1 | 025100734ae0ac06caba7beedfa7ff2176d5cddf |
| SHA256 | 24da3ebc091802463b6acc0ffe46856819b522952970c8fa842ea1c2644282aa |
| SHA512 | e21477d04b7bd2b3865200891094362a781d5ec2b69251b265c8de7ca4a01d1c249985d7996b945e43d9088820112b195ae9fe2f559e792e4a866e468855c23b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 67952eba595b586c175bf424523eeb13 |
| SHA1 | e239fa0609e1d5c5fb53fa5ba7862ffc0f50290b |
| SHA256 | 4ff4aac20a3338d829cb09e98ed8e50bfd5415d5e86b058d0696a5c1d5592ab4 |
| SHA512 | de716dee4761cc7092ded75ac69a4c94d22bfe03fa0aaf83e307c6a7c8c155d3dc3b10e6e0bc12239027f04375c07b1ee711b132ed0b80f2a1c4a638e7bab46e |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 9537771261558a7cbed5467095044ba5 |
| SHA1 | deb9ee5f884dcd5f717feb81fa3a58c7e249e766 |
| SHA256 | 8c02d970e7ec8e08e4566bbaa434b588e941a95e0985971c187b1bcbd7434f0e |
| SHA512 | 67869160d82c4bcae0f266539b700064e71d603e002c286299127a84df0e50e9af5a721b40edf4e5a61c9ee9197572d61065bf4d4eb02ec5ab1007563ba9d388 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9047dd1c22872c5d3da501286b765842 |
| SHA1 | 7bde77f3de39f8324ef36ec00d5eb25155bc670c |
| SHA256 | 979119b6646df53803af1df7f490596bfbc401dd3a515bcb0d79da97db38be09 |
| SHA512 | 791d84c76d13172693747e54e8595c9783843625a0b5b52aa364bc62c029cfa668b9b2e941f485cb6bec3fadf821953dd7148dfb2ade70de272e1f2a61636442 |
C:\Users\Admin\Documents\xvirusAR.doc
| MD5 | 322b33205a930bd4fc9b23b4e9dceb35 |
| SHA1 | 80a87948b9321298f3c9da6cd89c4767021a55dc |
| SHA256 | 93799737c9501a445a63dc6eed17ad714c7695f2f5d0786c20b8383f496bfa8d |
| SHA512 | 6964dc2e7a4d2028ac0db4fcac8a4aa036c67841c427afe05749e41fc98aaa5630b44479ee3bbd641777dd29ec433f4a7203877bdbac032a6053f891ff49fe5d |
C:\Program Files (x86)\Xvirus Anti-Malware\currentlng.dat
| MD5 | 78463a384a5aa4fad5fa73e2f506ecfc |
| SHA1 | 649df08a448ee3fa90f3746baaf6b0907df42c91 |
| SHA256 | ba118bf7fc9c1aedc1edb28a0aa86e0b43b681f222af6616e13c43be87815b06 |
| SHA512 | 5a4acd4a4031752345b08526d089f78613752ab168d089524052e03e1da17df5b01853bcaee4c352a576a4684ed0b8e874e7665a4c19227269c8a6688d7d8660 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 88268014010071b45d07ffc0ec5d4ea1 |
| SHA1 | 5c3d77abd17eae3e705b853a985c97f54fecc738 |
| SHA256 | 91050b4a3b6ae28e89f0627499d7a53c4ec304bbeb54719782be4a3fdeae66e1 |
| SHA512 | 992d8ff466bd098182c925d22f3406a3814345bec997deb743c32e1d0ed11b741fe3cbee7913c13cc61285c5d4c4780d3a44d7247c468548f3489339d5fc7df4 |
C:\Users\Admin\AppData\Local\Temp\Tmp4F2B.tmp
| MD5 | 880d1ce466d1bc8f530dcc30713b329c |
| SHA1 | 918bf67df54e12d7bcb467d78d6ad7c79a21df25 |
| SHA256 | 55ec32e302dbb50c530c0bff5d18c5a38f629d93b312053867d43e3b04b84517 |
| SHA512 | 346cfe5a276fa89c06348c17356fcc79ef0451a7cc7902d927b2ccd18aecf7ed353059437d5e66bf0301c596e92d3151b1ad42aafebc70c847cae0278eace8d2 |
C:\Program Files (x86)\Xvirus Anti-Malware\database\dailylist.xdb
| MD5 | eef1f449a6e43d8c9c3fbb0b5c0ece71 |
| SHA1 | 83a929dd87980a91f02c2ba196bbe0bd0cc71b65 |
| SHA256 | 71e56e4e835832896cfb05c525d9a48312f42a5db62c4c27c451200fcf5f0da9 |
| SHA512 | c6f843d1a42865921c7bf807fc424896892c32b5046535e4bd951f6d81c5d4dec981b764126a8d10d68ff692c14b5b927fc931e73c142fd81f376f9131d8544d |
C:\Users\Admin\AppData\Local\Temp\Tmp5047.tmp
| MD5 | 49d01d2bb54cc8ae70bd59e699d846fb |
| SHA1 | 7edf56b8de4ac9528c00621671291125a5885827 |
| SHA256 | 18f4d98ff0638cc308214ca4e22530bbbc95054206f40513cf51ef4b52896620 |
| SHA512 | 39277022f55b93da13293b40260595d949df9e9507603187e11c1f1429d0ced8e86bd651911e4b1a7447beec54f8205169167f113f167f6fdb8fccf7080b793a |
C:\Users\Admin\AppData\Local\Temp\Tmp50B6.tmp
| MD5 | 7a3f40989a178e0836e1b2ffe7e2f0fc |
| SHA1 | b34db2b72d63f33dbef80fb30e094cc0a91d6322 |
| SHA256 | 28969cdfa74a12c82f3bad960b0b000aca2ac329deea5c2328ebc6f2ba9802c1 |
| SHA512 | fff202f312fd00eda106601b2e7abeafe3edf1395753c76a088ddd7de34092dbff7bf054053f837abe555bc7bff7f680cd1ed22bf83b476b6c1812b61fa602a6 |
C:\Program Files (x86)\Xvirus Anti-Malware\localwhitelist.xdb
| MD5 | a3c6d5a2c50d2223733d8eb9b346b3c4 |
| SHA1 | e8f001970f008d214dca0f48194a4d6c396dd455 |
| SHA256 | e1c2b886533f90fcfa26b3bfdefd499736ef9bcc100243e9b0e96e9ef79eda82 |
| SHA512 | 7bf477fd609908c0901949b427ffbe0e7e44f7f75a39f09f7c0164758846ae3a0e89e5a8c5eb88899856f04305aee9c558402df0828381fe9aabb5a922974523 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | 7ddad6ab6f08828a31caae5e31f42d65 |
| SHA1 | a1cb88648c202c1f2bb7a68c6222e1ce9b179192 |
| SHA256 | b5328554b7b5ddc83ba7357229e0fd8a25ae503834393902a465c39908d759a1 |
| SHA512 | 5f7cadc76dcbb03c4cdec336dc3d88038ee47c15fd1f2623d5d1e27690f955c5620787a39f80011a0a9b07185e765d557cf5f20863fee8e8805550df656d857b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | abff7c60ae8822d24caf35fb2d334999 |
| SHA1 | 3a5d7fa53bb3e598566c232da75a2f3a44fbbf7f |
| SHA256 | 13973fb5b9c2d5247716a0efc5b4834a7dbd2917fbc0540a350d2854a98899ef |
| SHA512 | bc99b4b34a112fee97ab35e887d9801303863afa50c5b24ede19b2887447ca8bfbafcf90bc31d1159fa5f4e345ec5a5942505e1cd2c6a052634e5e7066d8cdc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2395e95d6dbbb2c941419c3951d40e9 |
| SHA1 | 7bffd207f8253bbf508eabb3a59bcfbbb7c04eb4 |
| SHA256 | a57e495e64b8b0cf55845778a5cb8a0527a20066507dd192861bcf4a5611d844 |
| SHA512 | 809b6fabd218fd659eb1dc3b0932763ea29834c1d9bb36d23fbca57c6f5a7665cc13b1557288aa971e6e4467af192abd3b8d0e816064fad0d08e6642ab30e4de |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 1b20fe7fe439f22d7f60b276f6aa7abf |
| SHA1 | 364fa9f1dfac40ff1ccbf04f98526164f5874934 |
| SHA256 | 21730f6e5617139c4f8f49f2c44691150e6e3b7adcc5d0bfc905b9add8823d6d |
| SHA512 | d9777d23269cf0cfd9928472f611f29ced01844ec6420f4524ee859eb734992466c1d9999cc9ac03c31af89bb998a4ce8e804277dcb615e17253d52750783da7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e5b919ba669db1240b6540f3b1872f8d |
| SHA1 | 4fa4d5e192aa1b76842f00cb4e9c5c2767808fd3 |
| SHA256 | 8df09448ff0e65c82fc56ff1798ff1fce42cb31d5da945757fe84221cbc9addd |
| SHA512 | f8103219c84797d165eb9f53655ed95d05df52d7b667cc40d20e6fcc129affa229f3e03cb491932a76f03a511615d569ed19a67af49589ebfcb475db97412050 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | c8ad04f62b4c4259be51ce4f21982171 |
| SHA1 | ad01e57328a2167cd3493b65c5a489f700bc2701 |
| SHA256 | e2255d01b7929d4362de90186f0da838999d43bc24e0254f37534047ff2853c6 |
| SHA512 | c102d911fd9d594e3dad854c4cf8c0a4ed46635cd80eb43081dbfb475052f38524acb1033210c8f8b74bafe0dea4cafbb76e5195686df16e8fad918c8f01c32c |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 86046ac1cc9a6827ee92b22241d3bfbb |
| SHA1 | 5241f1af7c57991533393dc3a5a288c8dfb4635c |
| SHA256 | 79949623157c767b8e8096fd357a42d1df8f5926134e32e3f557948a9a0eb8b9 |
| SHA512 | 0371a5074591acb48d33307ee2eb46bba027c537c4449839fc93bf198b9791b4ee04b85af961ad56aa9e539a397ce8d4a4adba652309a51af249764de2c90cdb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31c564f9febb19eaf01272c32f1829b8 |
| SHA1 | bca71337a6d27986df264550c947a2ad699fc3ef |
| SHA256 | 970544839daf6cb9390fd4fb1c0bf970bd5d1a0ffee38b7ca80effaccaf49fe2 |
| SHA512 | 1439a383cf6075be8dc85a4949fd46985d837170ed5f22d139a1f7a196b1e016febff3b38e1aef5fa5f6d55bfb6c21e7afda37ea1dfcc5a4d27ed3dd9f06164f |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 4fdd91f20c76536ab4ffcab7c9ecf777 |
| SHA1 | c3238eaef5ef0a48a26006026a40b4147371628b |
| SHA256 | 94438b3b722db271e08c36cc9e4369bea25051611a37295b5c25423b6f7250f6 |
| SHA512 | 3fbeeb60a70fdf4400dc050dd00cf23ef5b361391c16a1bda2595e25e9fa80490a0cb195ee7f3139512d7e83101aef1f0ce4ed8931dee11ddccc51c960a3fc2d |
C:\Program Files (x86)\Xvirus Anti-Malware\database\reglist.xdb
| MD5 | 581fc52a4747cde5ac82cbc0326ce1af |
| SHA1 | d4ec8e035adfaffaba3a1a0e32745c5b000be10b |
| SHA256 | 41fba7fb50bb1ecb798d26c7d47d64e331d8acc42e31759a0ede169ea975d046 |
| SHA512 | f5d9ef7650cdd57c7c7358c19067e9a909adadb2217318328c53e7917c12bd0787b4c1e613956b3b4dce731bd5c97806d292959a943a62f7daf5ec08afd83581 |
C:\Users\Admin\AppData\Local\Temp\Tmp1FFF.tmp
| MD5 | fa1395878a522bcf722dee5ce8528bf7 |
| SHA1 | d08267e28ebeaf81b86c4630cee85fb9638666bd |
| SHA256 | cb39a4052bd6e8223f2818ac7c853837ad2e6310f4ce3ad2befbb1b1c6bea780 |
| SHA512 | 15fc67b07eab5d83db2abfc819d18903dd4b60f2677eb1c498b1b58fa392bad882654a0c106830e50de8f99b58cf1ea592cc989a187ec5b09a09028083ad06cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c7d82e2fab76ccb5d1eb8fb1e61d6243 |
| SHA1 | 71a7b4abc0903222b9026fd5cb730170bfec5141 |
| SHA256 | 88a90521e42d7cb29b630586406810144fbc2445358133db2c2c869b8c8bc0cf |
| SHA512 | 55e3edc1afb81eb31f10d9e1bde2865c7288fe1efce19b81d05f29d363a6e58a4fc97ef2dba662fab8a64b4fcc49d7f641a99d10f15e69907579dc0cd57365aa |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 9c5eb12f591e8edc9967b9f67644fbcf |
| SHA1 | d4bcb6111b80598fdd9f97fa9fdfb6d38eaae5e3 |
| SHA256 | 5b360ad93f594c84446e4b73f6e971c0dc1006f28dad86ddcff048924dd51cfb |
| SHA512 | 0c7439bd371769c6c2c7815bd5a60545ecf88ac9498e7d0409dda5459ca2306e207dd2dcb9b4112670c8e3ccfb09d42b0c751fb5a3f1d9655ec92d8613525bdb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 62a0592922c932c13ff20de96fc7fc1f |
| SHA1 | 387122a7d148d0af92159e107c45f378287e125b |
| SHA256 | 3d992d1feeccd8122487d859df0a993f090c7e4a60e7883de57c5cd611f696c4 |
| SHA512 | 98f833cf4ed4e4a2c789610fc2adcc391b1f35310497676b2959bd7be6a522c2a06a9e9c54a26de7b31fd1d9d5380e7ba38afae7c7d4d0ea6438255c6153528d |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 1148537b2e432350f8dfc2683b9bf574 |
| SHA1 | 8fe2e4ffd9b2b2c84fd5fbfcca3c2dc353b67519 |
| SHA256 | 6a52c55263d99285adb0517798335fefd1a56edfee60ff733d05412b9f31a157 |
| SHA512 | a9aefdd7550badb7a2a0acbc1ec182a8326b98f9a139ea6e041a3d271ad506811c5e889c428351c474e12d9f45054e6c846a421d0ddf9f9d9bfe3d9e28f8f5ee |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 0dfe38d392727f96903f03f681ff71c1 |
| SHA1 | 5fee9d6625026fa602f846e823fca6b40cea0edd |
| SHA256 | 4a61ee3ec4ee5f6b1106bf21cef34929d2a24e843f031b1c3e0a994d024f7b13 |
| SHA512 | 3b4bf2aa45a3c86eaae53768182a5fe34f974ebbb46234d90c0dd0cb0d47189c8344cfdf8b14835bad55952027b786f027a729df8ffe3ad58b1735ce8227f692 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbc5ad08f3302f1b6ab693e264bb824d |
| SHA1 | 4b25c019830fe6d60f99ef0060e18b672eb0199f |
| SHA256 | b0b0b26a40b66b6c92c52724a59a454423d270b2c95f42a20001671a60f786bc |
| SHA512 | c13fd8402a7fc9771a602bf29d51c6ff04e27551892d1bbb4faefbbab516faf79aad4037b2362b8c09d6e62c5fca6c38b7afb20e850a9445fb96be96cf59343f |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 0d14871f7ca7165f34dd157d209f4457 |
| SHA1 | 5594a1c0573dac85ded178e1bc745c8482179818 |
| SHA256 | 9fefac70edc0adbcf255841652b50509afa904b3d66a999f3af6c17e524b20de |
| SHA512 | ea1193feaa2f67a438477d74ac3fcb6e43bcc9444e9f4aecbd90069c9c1e343ce254c4a5db1f27d6b919321490113a29f93fff42a766cbe811dabde339719d80 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | d3309d394b5732cffd1b642b6fadb98f |
| SHA1 | 83b5f4c088357398a3fb29e78345591f781b8bab |
| SHA256 | 3af6660fdc39041c31931829a362f5a84716a9d400ee2b26fc4573aad846298a |
| SHA512 | 4b3b4aef687551cac11818f2d32c9597086f805685417abe9c845269bf5fbcd1668c05c6c52ba94e132979f9b40f3bf255c0751c592b47fa2d7bc3edd9cbcb65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 55727003ef2cf8cfca4582b4833790b8 |
| SHA1 | 98cec891da14d8ffc7c2464a7e91801de815e4b3 |
| SHA256 | 899ae5fd1fa8511dc3513515b380163b3e4daa061b9a32ca15efd1d74ab85dc3 |
| SHA512 | 87d0ebc64e7f88f6c6c23b9413dbfe240ecafad916282a6b867901080c03e960900cecd268db480002cb736e4d6e1aeb4960dafb260cfc9ceac07dcadaf4cc77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e
| MD5 | 0e3d96124ecfd1e2818dfd4d5f21352a |
| SHA1 | 098b1aa4b26d3c77d24dc2ffd335d2f3a7aeb5d7 |
| SHA256 | eef545efdb498b725fbabeedd5b80cec3c60357df9bc2943cfd7c8d5ae061dcc |
| SHA512 | c02d65d901e26d0ed28600fa739f1aa42184e00b4e9919f1e4e9623fe9d07a2e2c35b0215d4f101afc1e32fc101a200ca4244eb1d9ca846065d387144451331c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 18c9a2e2fb96424531e96af64381e8e3 |
| SHA1 | 683a74ac8edb9f8d32e7fe9199ab06e2a1d38323 |
| SHA256 | d15eeceb533380a7d2cbacc74a623aaf6b6bc995902df0bfe9af6abda7237c33 |
| SHA512 | 8322ef4de23fb565ddc6c5643a5bae79374dc5301edff4b3dcb5f06c35785b8b9efb618a09f89fa9bbe69d78b252812cd21ec54fdebc2a891372c2b33a49d3cc |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 268ae0a8c7528812ea31efa69fd73d1d |
| SHA1 | 15ed5118751ddc653731c268552d71cf389df7b2 |
| SHA256 | a58be55ead8fbb95aff15c45ecb35f208004fe3b2aca59c6c501c86c919539b7 |
| SHA512 | 8e0e737cb234a2d02ad1af5230d0649edc379f821bf0a9cd7b2aa16a24911b3c0ed286a675d38fa3b42c16de1637f4b05ec606fe377343dbd438f8fd39cea9cb |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | 9459c3f0c0ce6a712eb8110e5c638d7a |
| SHA1 | 7af05a530decab9e7250aaa6701c64514dd2d53c |
| SHA256 | 888b99ca7d2fd7b07f662041c00aaa206c099559c718eb8ab6d44ce936130c3f |
| SHA512 | 1e6de13857114066d1c53577afbdb3b219c6e7452ee179afc739ea5d006df0eef389f73a71ae088a558bced929a0ae88561fe65808bdf50478a55dff9a1e7f84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | de0630628e0ec52738785a8620d35bda |
| SHA1 | 84bc0cab8142fd845eb9abaae1cc798832db07ce |
| SHA256 | 090ff3a37991e1b28ee2ba1e45a9a88638e0673b7d9acdf05a70deee0fafd61a |
| SHA512 | e6db373547b69a179bcacf58eb2c095aef123ef0ccd9187a59867cac01153b2b16748f131572dcf8c5aaf8e737e4733dfff0fdaa192fa38dce5e7d1ea469a382 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 645122589bbdd9cc4485a272f1e13aaf |
| SHA1 | 537910e59f0465ec0eb9a33c3684a0949f2d3ef3 |
| SHA256 | cc5472777c0ff58c10eff1d0e9527ed24bcaa51713d7cb57ed43bf639193cfcd |
| SHA512 | b617ec49bbe525eb4623a762bdcbd6d41e9f2cf599bc6857b073f569d329d7eec986447f24c48e4a94d0722bfe7489773b0d67a546816343e6950bf7758bce10 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | e6521f44d25de0aa8ceab0adef0c6c98 |
| SHA1 | aa9d12ed42d095c6b6c7bb516f3eb5874494d309 |
| SHA256 | e977931ce46974e116b13514d844ca002833a87023388a2ed070fc3ce0d541ef |
| SHA512 | 5469c4d74ac5d5d52271944c723c010540a86b55ea68ad37533f7fc974287da787b76526fefb1ff0418d8ec7890fb33203a0127ac98720f83615a4e6f97c1d93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | afa39caedafdf49d43dc297b3341c752 |
| SHA1 | 23bdd86dd81fa7b89eb727c4fcb20837626fa085 |
| SHA256 | ac96f3d6ddb3b50582d3e3b82df64a33c878fda75615900ac10048a1445eafb0 |
| SHA512 | 325918d4f8561d11936f8c104b285ae0503dd696336962777e623b12b0c6c9fab2e492d656a920a57f2eb0694db448d48ee80e5bb27f88d788452af0478832a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f347d93d3fcbf2281758e12be3b5f067 |
| SHA1 | f1957a2aa80dae7ac3cbbcae0a8fd640e4809903 |
| SHA256 | 225f16a463949c44a228f84cece7833838509336f9d2fdd0e62eadda8660ee66 |
| SHA512 | 0b92cc9f3017735c22331774d44bc602d5cfbf3093a45ba1b06d75a84689a11d951c08cd34418a39282823fe5cc396648779f55c6ddc01d5529b3e9e46c118ed |
C:\Users\Admin\AppData\Local\Temp\Tmp5FE6.tmp
| MD5 | a0748bcf69ad95b84bafe3992013b4e2 |
| SHA1 | d2849c2ef107c41b070c3b1b21c3396591d18059 |
| SHA256 | aac59adff9b197f6707e85f4704c654fd60a97c3ed68ee3e6e693e91ed8f576c |
| SHA512 | bbc5460d8eed26488763ac5c564fc38ab83ac94631767282d3db727451fb7736d805fe4c21113cead5b723c915dbbc23151672442e186ced06af0f78d8da5dd1 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 08151f7d35af5e1fec822e437ecfe7bc |
| SHA1 | 49b592878d1a4deb2ceb978f368158d76eb73942 |
| SHA256 | 570276763845671de3b37244a808d31649011ffd5a030432ea1bb9450c0f06d9 |
| SHA512 | b790876f3e483b15a83f724698e5237e125b95e216d190febed9708692920561d07f7d7007518d0525c81d23ac34ad860fe131e9800de3b2c3fa37b56495543f |
C:\Users\Admin\AppData\Local\Temp\Tmp63B0.tmp
| MD5 | c45acfeba919eb4b31fac76a8bde8660 |
| SHA1 | 0d761db561d186704dad45eba83305f1fadd092e |
| SHA256 | 1b591a3232a16f394ba15ad5cf847b04ce94d60eb2c053dc50c0c544d8bbbd42 |
| SHA512 | b844ae974fcfa7a1a87cb32aa9554b33ad09abdb0328ae241966be6b19677517380f6cf818697b3e70bb7a259ec6e0da37fc4dde6effb59cec0085a5bc215f74 |
C:\Users\Admin\AppData\Local\Temp\Tmp68D8.tmp
| MD5 | 77d52ba4dfa7c0db55f2d6493503c923 |
| SHA1 | 843bbd5e823e3063f856351746868495ebd08181 |
| SHA256 | 23a18681a4a277b9bdc2af37033c7783497a224baf9209ef2309fbd52cf6f053 |
| SHA512 | 4554c2a376e7d72348e4bcaf331781fe11b052e55fefbff972c21c69080cf152fca805e25424b56ffb21dce8b61073dc7bc38e7dc71c63d4aa669313c2ee8841 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\updatelog27-10-2024-9-34-35.txt
| MD5 | e5c24d93ef66dd3bb805618dceb477a3 |
| SHA1 | f13ff17d8931cabf8070c12f203d182b0dd2070c |
| SHA256 | 11cc46c2be7d6e53b2c4b8cacb0be9d6582cf4505c3f5263cacdcbcca19f5232 |
| SHA512 | e3f09f5de15e1d2126bddafad74b254c970ff1bc16a03a7ae839ff387d8ba1955e3abcebff6983bfd062db1a5d0f4fe405926cf22ab6b1bc49995915518c9985 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058
| MD5 | 3b5537dce96f57098998e410b0202920 |
| SHA1 | 7732b57e4e3bbc122d63f67078efa7cf5f975448 |
| SHA256 | a1c54426705d6cef00e0ae98f5ad1615735a31a4e200c3a5835b44266a4a3f88 |
| SHA512 | c038c334db3a467a710c624704eb5884fd40314cd57bd2fd154806a59c0be954c414727628d50e41cdfd86f5334ceefcf1363d641b2681c1137651cbbb4fd55d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b
| MD5 | 9861a206357e3d6f815ad89865611ee5 |
| SHA1 | e7b21cb7c33e252040c160f22a99f91f025d89fe |
| SHA256 | dc9312f657eb060b4c9658b536ac6ba53a4030a0aa6aef626b7929461455c7e5 |
| SHA512 | b16327d0e3293cbf17d5164cde0c0a51a535d754741d6c421ce38206ea1024118f4b075803f9b83e1af400a97096ad33b2e624a1fdb13d6341944cd16dc1c6fc |
C:\Users\Admin\AppData\Local\Temp\Tmp72CF.tmp
| MD5 | 2ddb2963f2fddb480d99bfa60c0accaf |
| SHA1 | 9d4c1cc30fe51dd85b45f65c54982feb889397d3 |
| SHA256 | d88cc84d5b1c596bc62fb44500efc9d3785d80e2080ffd1eb80b9a31b073e136 |
| SHA512 | aef63f4e574d26aad510befbaf6d5103338ca66131122cdeedc1fb75f388e1883eb748e53974d971426a16058699850d8547ea3d0601bf29578aca72ad76eb35 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-36-47.txt
| MD5 | 30d4379e3f094283e775639cd8df511e |
| SHA1 | f37fe686ad1aa756cec8a5ab2e1177970bdb86d2 |
| SHA256 | f569a6e013b97a982a2f3a3a81f21dee461ffd733632dde1cec872178d68c4fa |
| SHA512 | f72709ee58739653beb33061c4f50430c0cdbbaaebd652d224b75cf296d562cafdc56a1d72a12198c14f4a9ab81173bfd56dced3a86cd96b2c4959b8dcef2625 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-37-08.txt
| MD5 | 3ec74d0bd38aebcb59cd4ad07d2ea3e5 |
| SHA1 | 817777d3665219b933a48e84284d315e058e8466 |
| SHA256 | b44525c6cd3efd90d1039494c141aa1297d30e8b250c1e1e554a40f060eec735 |
| SHA512 | bc80f4ec6ef51b5627f6156c1d58cc8f3ce9c0aae39de1570cb3710acccf00dba9b4c9efa28376c8f355acf9eec0d2e4c090296c96dc0cc6156073fa9429554c |
C:\Users\Admin\AppData\Local\Temp\Tmp730E.tmp
| MD5 | 9a05f50d632a171921fad690687f53ac |
| SHA1 | 691192672ae2b0b6f15ab94d715401ab783183bb |
| SHA256 | 7e23a31ad1c1d5057181e8fa1e199be87a4126fb87a7249989c86ef5eb4ffec8 |
| SHA512 | 949f8ab067489c46002f38f38b86aaf31e485ef57f881643274fb95b2c5877b6ae6d9600d3908f29b1ad3bfc29768dd6172c257884baaa8c138a3a225118e4e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | febc3cc76c42f6ab4b9a046461414c2a |
| SHA1 | fc68f5b549d2b6e5e4b50216588cb8a18265c12a |
| SHA256 | 7d3e2a785dd52221bdaaa389e81264280946e1fefa7cc6bb7d424ce8ede53ed1 |
| SHA512 | a0de00dca604056b229c876a03adf26433b3cd72ea18e6a815e76030719ed90dcb42fb9118de9fd73b1c6fe032a6a6b2c72b53ae426c76a7ee3b2cc57c6090b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 504d15333ac58f69efa1685ae617fc68 |
| SHA1 | 7e006ef594533ddc58eb8b6560b8537eb0d3af6f |
| SHA256 | 967f3fbb4b7265258537ca29223bf83f89a264910644044e9584565b01c4cf2c |
| SHA512 | 17ebe5853fa84709d7a7047734b9e23e9cabfd16a2efd4deb43be7669a47516bfbbeb3609daf4ea0abba3592d48542e8109bcdfbec9e40f43e626bebabf0a2c5 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\84KCLP1T\p[1].gif
| MD5 | d89746888da2d9510b64a9f031eaecd5 |
| SHA1 | d5fceb6532643d0d84ffe09c40c481ecdf59e15a |
| SHA256 | ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 |
| SHA512 | d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | e1015412ef234bb2c4a9a453cbfe46dc |
| SHA1 | 34247c5f6efb4af3df9265a799d772cb3517d3fc |
| SHA256 | 2b33168ae1c7ebfda606a962a3c098931d7785bc36dc5f6611a13139f6631fc7 |
| SHA512 | dd23f18c0fc7c995abfc1f63f70fdc35b7258f62d3bc67fc358a8d7d8e1ed910d3ccd136753fada32f43f96283ed527e53f7a939a44907d810e2e00e2a8f176b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67f32cdb7f681e7eaeb8c83ba6147ee1 |
| SHA1 | 817c8f1fb4072179b9bf12c083e9101623e3c874 |
| SHA256 | cf5684c4dbda54f7761c8ebe05c65bd571e844de91c8df00d1b0b3faefc9cdc5 |
| SHA512 | e94d6884f66047dd6c0692eefaef9c6bece7672e4b9d84de93cce650fbe6b7cbcd72965d61f9635f987161119aa54ef57b2eaa087901a37d79d67294dfe1f47a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2af878ea6a19f0d6417a9e1d944e0ba2 |
| SHA1 | d3dccbb246a53470923e86340ed86f88d172ba5a |
| SHA256 | b4863ad5dbdf6c622a8e88accd59094542db6e4d3d1a783486243b69eebaa4bc |
| SHA512 | e3534bb23a9e6d959d5003cb2e7f558cb865f7a621bbb265091b7821914578e47b0508244adb80b34a891ec6c486933a5ec180befa357ca986c4c98fab34aabb |
memory/6180-3969-0x000002DB93F40000-0x000002DB93F54000-memory.dmp
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d3ae23f97b75e8f7d754dcfe6b938539 |
| SHA1 | 3f84d69773013bb2c9d7a3d12dd20e809d7cfd8e |
| SHA256 | 4d9b1fa547b9a713e199992065907ec7925b670285cf0e208d626dfe4dcd605f |
| SHA512 | 045aa5c1f7b411821aa7cddd91cb8294d0c81a2d2aaa5b7ac458cb4e386c76890a75cabe86e5c1a623565343259799b8d944627f7e6f368cdd4e23ddd9599ce1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 942005daee803d34151f99dec8f6a880 |
| SHA1 | de3818e9d71927350ea512e8f72681c49bfa403c |
| SHA256 | 2df22e6e3935621cc73f25cde1f329ed6e4c82b7d761a1af0aec9bb1e983a78b |
| SHA512 | d9e089fd5c5d4bd48bb00265a062ce2eab036c8d82702d6c1e7d796597b40b59cae6d2f76394f685e6ec0a1832b8015dcfb29a0aa72059915fe0b0c3928ed90c |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-38-28.txt
| MD5 | 18a20c90202e8e8a7c2956a57a3e4643 |
| SHA1 | 5eeaf630d3030fe8edeae1e4aebb0d4ab17b9a56 |
| SHA256 | b11b6f3ecd792c17f87931e1863d5104151e31457b0c99640df87ced7500dc08 |
| SHA512 | bd0a3e171fee609f50cd7b2c9cac8f5552e286f753e076d1d35cad4ed07e84ab166c3d70e9e77622af931ea2f8e3494565791ce85e138f97c07c2a6a7134c326 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 623fc34935cb055ca75c1f126feedaaa |
| SHA1 | c9b4bc912271ec86b6ffda8d2b788d7c248069b9 |
| SHA256 | 05d9ad78cc632992ed4add225da8e60ee6e4fbd20465144f907cea2c61faf003 |
| SHA512 | 2ebbc78606199aa56efb9594a110dbd273b894370e2466f3937141151db00e48b4fbc6a3845c67aa842974d45e3982d0d4ff59e4d4e45abe0b4c8cfbcbf13674 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State
| MD5 | 565e029e01792b778bfe6a0c24f2308e |
| SHA1 | 50dcda6e9ddc819bbebc052eccd61b66fd6c3275 |
| SHA256 | ce07bd402fcec563fc16c3e7d82ecdfb4377028ab8bef16ea81b8b9ced3098cc |
| SHA512 | b426f5dce73a721a404cbaf4cf3697ca67654aba08b93e2cf413db7121a784fd3b87ba77f659a2c2582520cfcd967b7394c35ee6a625e79f61afb28d2a1f2bec |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | d8afc348f512fcb6ececb14d7e194f8f |
| SHA1 | 3071e98779aca3d1accdcbc48105f63e6c5869d8 |
| SHA256 | ccc36474b1227b16525aa3fe4e4ce54becb7f28cf2cf62b0d55a41c22c677afc |
| SHA512 | 04aa8cf04914c429cf26870e3e731e8d6f626b262611334ae386ec414198a364a870e8ae5975ea5b633c9a1572c1388cfff3c94cd2c8d84df575a013ac268fa7 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | ca537b74614af1bc5a294ff3a96fa437 |
| SHA1 | 6c793f478686fdccef0bb15e091f57651a85e8bb |
| SHA256 | ee9706bedb03c3c355dc3945a6fee7e8a2a58f33bca975db878532e427577783 |
| SHA512 | ee1bfebda5aa261a08bac0e6b33721e4a488f9b0e2928bad08ddad724a41e9614366482c99054fd852e6ba2d4db78d9b17624c2b353203f9281cce5701feaa1c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 193a00ae00e5ced58f57c2b9b44403ed |
| SHA1 | b8355bea682fdcdd70e4dd5bc616e4f894b1538e |
| SHA256 | a456216dd90091cb604774b6fa6303b87b3a2764cfe9e3a2957b8a5346e746e3 |
| SHA512 | 4df40f2969fc5a855d2a2f58f3f4648412391ee1e1e9954b7af3b28c78e5acf4ef193eb587eba736f400c7cc6dfc3c170677e108e3e3a86ec4e8abba57b9748b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 4135a6e8632fdf46f16f4e5c9b2f3781 |
| SHA1 | 9b51723257f5bed0058cdd33f8909e9d1966ba4b |
| SHA256 | de8c17a33e1042125d191d3e6967e5988aaad1da36ea42b88267751e56ad40ad |
| SHA512 | 794b27cc2f033ce6036788037da37a21a3d7682d8c58971f81c71a71401149082ef860662ed3295a1e42bca7749bd4cc015d0cf897cd838f3daf2c85d06101b7 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 6c3f38f6a5145a197465b93014914fdc |
| SHA1 | 7be3159a48202ee9f0e71c334ed54a5521b7e1cd |
| SHA256 | 3bdbc9b879c34c0553174444d10220574382249bd4821b82ebdd76a08498d809 |
| SHA512 | 989f52770207eda9d7944483cc48760cb1d630a8d5cd531fcc0d2211057ae2bdb3e22f0013801be3a4d5c90a6e8c2e59d131754171bc121fcdcd71a1dc14849b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 7f3701cda9559554408216a33f5c0b26 |
| SHA1 | 0726a9c436e3b4f5a04c1c74f6082197c85fa98d |
| SHA256 | dd0751bc5e5b3d11e91785e7e292461aa0c9c4657a6a97b3976d5bc9e57b308a |
| SHA512 | d26cb4b377815267d1a05a9379ed26d9dcbd9304718698ea7b3aef140de5f09c1282096df1c073cd760e457ab7e052d103b1cb3d04a7d3c2c4672a846147f9d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 331a339d0bbadc9cd5d0694c865a2d1c |
| SHA1 | 6b660d777d8586377a000d22b9effcdcd791e0d3 |
| SHA256 | 1916980020b3b587a1a78721c936567fdcc05607f0640472d9da07df6e596b75 |
| SHA512 | d937241090c4afb023a86c9ac89503fa40f936ef9707a2f0c38553c4579e63930819549a7bf65930e45a71881ade988d8a4471945195192fc60a2be7916713dd |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | e1215afa5609a58a784680c3f81c7a7c |
| SHA1 | 55d6df8bb4481451f08b92aa6eb627a42cf7d8fb |
| SHA256 | 3a2009a0caff7790a81895f29853047dacdfec077c2e451c7082594f953ae4a7 |
| SHA512 | 57527e66300622adf5c5d99fa6a50c947d977c590b0fba32d39b89b15ccc1db26272ce555dea02c186288322eb9ac6bb8be5e74c3a0227d08d947ee19bc69826 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 61d3bd90872ebe5ab50e49face821db2 |
| SHA1 | 4445e74e29b19d2c9620993d651c54eabe979a4c |
| SHA256 | 6713ec871bada86cde6f522da9c8a14aef3bd800170307f28c97734e1617b5dd |
| SHA512 | c45c99023138907c0db285340a4fd93a0be39050d829ad2648bcfbc1fdad0d73fdcb469c83263ccd8ed765755abdb71d44b98438fb3e85b6bc76ebc11f24cb47 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6c8601e68dc9db3f6f01e2ff87224a5b |
| SHA1 | aa1a2af4b02da638be16c7f9b69bbfb160040c78 |
| SHA256 | 9e95c0a16f7bdeaea0fe356f05964b5aae83e5054b8664301d1ba5283b406877 |
| SHA512 | 7719158be7e6a7a849557c1c517ad1d3c162f4785a72dad82caed3643ee6d428770bb59f91c054870a2eee5139ee378308e81adb5249a4a2738698591ccb76b3 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 3800cd48cf8432a9a302c420f1223d6b |
| SHA1 | 8216b7c58a6aa52ccc4940d7c311b5717bb03cfb |
| SHA256 | 0093f126acfb73c672d5a153d9f56e923600e69f3a2bcc14d1096fe5cee7ba6c |
| SHA512 | f9ab638f8e252ab07e33b0c4ac364530336d88d41b9a8695f4ffb756fcb0c4e30efa3d32472aaee08e4b2a6b50d707bcfab8ef3f58f03051fb92bac13f5523e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dfaedf0b250a6c09a63f633e694dec12 |
| SHA1 | 333bf67848c00563cf557ba635d3d1d98fb3ed75 |
| SHA256 | 1126d6f8f6fc6c53c72b03b84155830a9efd9211abbfb417a5c59dc8cf652778 |
| SHA512 | 4804f0205014d9b868a1a8440961f65eaa47a590bc978f0687a6beb4733d84d358f21dd39e2bca394ffcc33c8ca95f709efc4145ec0a1ffce72305f13dc20f61 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | f4669fa398182fdd8315a6dff7b93aa4 |
| SHA1 | e8ced600cf7acf13d701a5e1883a721df5f6519d |
| SHA256 | d71420dbc3d2f0f4252d70194deb99a6c6ec7a0c3e93a3580efb078d93bf4380 |
| SHA512 | cb763bf32a3c8edb64054772a73e7454967d9178414ec9c78aebee32c829d26f0359070d80749aafe369d3396c7654554a00f6aedcd31e01cecafac02fe041d0 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-39-34.txt
| MD5 | bfb8de676737b04c565d0b4d7f69ce67 |
| SHA1 | 282d8442f135c5813afece71e6e2aec2ee660c6d |
| SHA256 | 64a9fcae05c792b2402c84daa9d9944726dc62daeccbf7c67e96c647659360b1 |
| SHA512 | f62fd609fddfaf6ab36bb84e13554b7665158698cc2b3e4638c22a22e73106982c08694d9ba1b420fe4fafd9f31a2ad50154b6a58d5086668e2b2c2ff356dab8 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 4c4acf4588d0cd9c020f2cb8d518109e |
| SHA1 | efbc90da8786b39d1a05feedf233cdc03ed0da4e |
| SHA256 | 9f5230198e3477a4cf4cae4f2be76c14a5e082087bb1d6bfd1eb8d44156ebf68 |
| SHA512 | ad8a29ad52b3fd096e14718d15cbd05ba1e884815cbae15dbfe7913a4dced74bd6c2f8eacc8db618661000c9d6908e4e6239f7eade350f9c364585f431f67abb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b6a9ffdaa1fead215908705054271429 |
| SHA1 | a9a28a8ac4c468bb2fe71ed21273348be6b42707 |
| SHA256 | f4b908ccb20b5b99e21522ce4c8693197ed058c51d5828d1b770fe9009d7dc01 |
| SHA512 | 25b50bbb708f3a2baf391d2ca650812b574a74ec06fa3f647df4578867f631a7778305468e110e0267c5c67a3dd564495ef9f2c2d562ff81711b4d8f3b2c93d4 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 9d820874241ac34375900f27630b6339 |
| SHA1 | 7e693453923ac65b03a873972808e500e7edfc74 |
| SHA256 | 31de481dd8ac4f84306f5e7b2b36d64e639e063ca3b564db2c5a7fa77771887b |
| SHA512 | a45ac940b28f8569f87049d8371f46f791d39808b5e7f972a5783bf2d101c8c3afdea0c6af536e0fdeb72b07a9ac0799cabce87a9e52651319a4ef694fb29703 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-39-48.txt
| MD5 | 3a6917bbc408a83e0f8d7db832f93b4a |
| SHA1 | a0aa38140c5d3235cd9dbfa209ee91f1f375fbd5 |
| SHA256 | 76e484b009bdf415be25ae1ebda37d52c5f8f7f0fa71f2513f3887cf04688800 |
| SHA512 | 49f067afa44be35478ead4ea5d855dc042a4841909eef37ee07bbe6c8d94f72fff03b0354da69503cfd4a0864773dfa52437ce212343fbe66bc5f6cdfedb2fe3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e6853cad3ead2ce5293f0dfee13e1ae3 |
| SHA1 | b53ecad64c39bea41b94dd8f8a8922a38386adcd |
| SHA256 | f48d8f5aab534ee8cc4cbf90e2ab1bfde084c990b1e2dc5c3838f3ad9d66d17f |
| SHA512 | bc4af876149e1f35ef76ca8a3987eef5f4721a91c9393386019636cd2ba23de2f332fdeebe36a7001e77b7734f8b5e3291904d5d73134f6fe3a023732805919f |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 531c2250a0d5c88166f47ed7ff3fc282 |
| SHA1 | e3bc28b7dbdd4a47f91336bd9ee4ea2c46df47b2 |
| SHA256 | 9f4a03db582bc8c1706272d7e2275f8c13fa9945a859921a9eeed000af86860e |
| SHA512 | 4539e3e94747629d4907c112239551cd47c8ee7e32c8ed2ef8d9f12b31acb4c4c063edea552cdd184990599a7339003ccb39d4a76881546875be08a2fb9531a6 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | de95be9f59def9266f8b9165ff01c129 |
| SHA1 | f30292e86f15bd1c0510bd84d01640153ab29771 |
| SHA256 | bde421dcf8ef03484361bfba48026fbbda070b16fa1ede8292324596ec0ed5f7 |
| SHA512 | c0e5fbb66cbc5a5f6798deea4d0e5e8cba0042f517958884f63b65f8e592215681b10e796fda60e1d5b14abf8bf07e9b02b23031022f47dcf1ed30c6f0d9d61f |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 0c9b34e6f2368ff793c5e2233ad726a8 |
| SHA1 | ca6ae7d461fd40b1e6b2f732db786b0121819d00 |
| SHA256 | 883a99c02dc1e1d39e8526009cafc11424ead4d4cca6ecc697a9309cf53a967f |
| SHA512 | a40fd66468e469c823c876373c11fc1ee0538bd5de74818c710fe9697e38ab576187fd00b8483ef7da79930278f6d1d44730f7b69d5d2f0008b6c3aa5efcd05a |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | e4886d6d16957c1826d52d4c1c126f07 |
| SHA1 | c8fdd319c64ee21937c31279d035a6f6bdadcb1d |
| SHA256 | 860255664529c0a756dff16f52341f47917351a7e634adc6ab3f09f030ca6bba |
| SHA512 | 77ede68b64f0d0087f0c021bb3e375f3b6c62d1e1d6f7b42d0bd9f136c602a3577fb5e60974ba109525e1844ebdc0c7defb8780cb98f3d83e04308d66186bcdd |
C:\MsContainerwinHost\XbzxyZcOnpQflcdDpiS9CmpLat40p7m47ZcP1aBzUSB3men3gAnTOw07Azp.vbe
| MD5 | 3c50898e9195eb3c1d7c8cea93468019 |
| SHA1 | 3b962be0c805f2f2a09c5c1794964c8159429bc4 |
| SHA256 | 10b09e9cc88f3bd4235046dbf39868d6f7a04fedd84da0d2fafea869dcbba32f |
| SHA512 | d6b15f2f9ba5bcdbefc9089eb3af061be7ccaaefd63ffc452aa394bafd9084d8bcef3c758284fbb4ca44d64a824ff35c74338e4aa366854b6f33e51055d27a1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 916fe001c81b733acaae8b92fea0af03 |
| SHA1 | 84e3b837de309b5e4faf3ba38062e4cde4aa9f6c |
| SHA256 | 74aca4ebb3660981a80a03bd3d1ac0fefc53c24b4a538c195b0ce7a8184096bb |
| SHA512 | 7cc29456493b6ea9651e067991cb7a92102411de2331a2572a43a3e07cf36b90625c8ab46e5a0bb8e56054e2b2bb62d991fa6c3d8f70de9380aa0aa3c4d7217a |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | e247c3c081d419d033a4f895ca1e2bea |
| SHA1 | 244b8f3858d3d8d0d677c9e44828e94357cb8094 |
| SHA256 | 3a2b49ec9abe2a2d547ad9a195fd3891a32f593eb4e870b34efe34585883beb6 |
| SHA512 | a88733c75adb62a7e1dc756d81b077ac924b7aea084cbb60b802bc72b7e45b3758968ae2f43fa3bafd55f9562657a2413c037fa296b50d99e97b34c9187ef2ff |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 39fadfb9fa6e69895ea07bb66173fbd8 |
| SHA1 | cddaa7e6fd3a8c299bd03f2ef224a9e63a6d697e |
| SHA256 | 62cbe8123fe3c08185d7338ff1575e4bf1993ab5fc01c38403166e736da1e0dc |
| SHA512 | 7bc2c403acd8a6108b75fa2dedac82e8cb8b5343707a7be1812156f936e61cb6895100ed319502d4ab81a45dfd05daa84efb1cc7f77d61ec986775aed99ea757 |
memory/7292-4266-0x00000000007A0000-0x00000000009EE000-memory.dmp
memory/7292-4268-0x0000000002A60000-0x0000000002A6E000-memory.dmp
memory/7292-4270-0x0000000002C20000-0x0000000002C3C000-memory.dmp
memory/7292-4271-0x000000001B880000-0x000000001B8D0000-memory.dmp
memory/7292-4273-0x0000000002C00000-0x0000000002C10000-memory.dmp
memory/7292-4275-0x000000001B850000-0x000000001B868000-memory.dmp
memory/7292-4277-0x0000000002C10000-0x0000000002C1E000-memory.dmp
memory/7292-4279-0x000000001B830000-0x000000001B83C000-memory.dmp
memory/7292-4281-0x000000001B840000-0x000000001B850000-memory.dmp
memory/7292-4283-0x000000001B8F0000-0x000000001B906000-memory.dmp
memory/7292-4285-0x000000001B910000-0x000000001B922000-memory.dmp
memory/7292-4286-0x000000001BE60000-0x000000001C388000-memory.dmp
memory/7292-4288-0x000000001B870000-0x000000001B87E000-memory.dmp
memory/7292-4290-0x000000001B930000-0x000000001B948000-memory.dmp
memory/7292-4292-0x000000001B8D0000-0x000000001B8DC000-memory.dmp
C:\Program Files\WindowsPowerShell\Modules\PackageManagement\cmd.exe
| MD5 | c1be88dd3db1295cc201b02d8a17e77f |
| SHA1 | 45ae6da495be64a0d3d39cd39147a05711b228dc |
| SHA256 | f904ec745306831a78366b38809a00d5b90e9c950f035ee0a1d4154d34191405 |
| SHA512 | cd9a0ecefe5566f33656761d9c5d3e7b157f674f5638c0f2616941726580885f2566f93dcb80b4e266aaf9b3a068beb6acd6f32d960090a776065e30d59ae757 |
C:\Users\Admin\AppData\Local\Temp\nsm8651.tmp\image.gif
| MD5 | 1636218c14c357455b5c872982e2a047 |
| SHA1 | 21fbd1308af7ad25352667583a8dc340b0847dbc |
| SHA256 | 9b8b6285bf65f086e08701eee04e57f2586e973a49c5a38660c9c6502a807045 |
| SHA512 | 837fa6bcbe69a3728f5cb4c25c35c1d13e84b11232fc5279a91f21341892ad0e36003d86962c8ab1a056d3beeb2652c754d51d6ec7eee0e0ebfe19cd93fb5cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7973000673f32fc803423aa35d139dac |
| SHA1 | aba927d8eb884420d0506dae8f480f6d4a35b75d |
| SHA256 | 70dbcbf2e3c270eeddd20230ecd12c2caba5367163c20f7ecc4dadb17b42ae6e |
| SHA512 | 9609ef3a1364814e34e6f1c1d8ee96b2c3de213640dbbc04b0ac96d87191cb6d5f48c6fd25ac732275a6b9a69a7aecc6acbb1ee58ec4746d508bab871679aa06 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | c30eb336cabbfca569ec23d8401b78ee |
| SHA1 | 927acbe9f4a272b372af5d166815e3e66b9244a2 |
| SHA256 | 5e36f6bc0f75c3e06ff13c8e3b58b6269e5d2a40551713afdf257679bff135ce |
| SHA512 | c8e34f745cd2186bf8f00ee467622b34c7043f0160e04cd19a7a9e1100e96229febc1e7e6710bb74a2ef8fc751aa658f067f06569aea6008b6dcaa3e0a141a6a |
C:\Users\Admin\AppData\Local\Temp\Tmp9BEF.tmp
| MD5 | 474c1ba336dc62eae0fd1536667297e5 |
| SHA1 | 9d15a9243024c2218fb0765430b4c7ac853d56f0 |
| SHA256 | df9b0b8a48d43d8ac38bf4deff1ef18efa987c5c5f5cce67ca5fbaf22ebfe602 |
| SHA512 | a1bf85fddc5853717ce86c1156cd04aa102bbe7562017f37b4a6ade3a7c5034c5d3411d222b5d42770b6a32a4c4c06c981800aefa6b5d11cae062ed22c957a86 |
C:\Users\Admin\AppData\Local\Temp\Tmp9C0F.tmp
| MD5 | 91888f811cc907d3435b09196f19e5eb |
| SHA1 | 6c3dbfeccf179c4bb7d051cc09a7ffbf2e6902ac |
| SHA256 | bef477f7e232362f2560ec8810e184fe67865fbb6e9da4fc9b432563f2cec280 |
| SHA512 | 866f4c616fdfc9e37fda63235c1f98db2c72721c3ded1f864858616d01c83d11946e67e40ce9050230e57b0fd5d87813eb7c32ffd4130da6539ec9cc3cd973ad |
C:\Users\Admin\AppData\Local\Temp\TmpB96C.tmp
| MD5 | eec35ab53b52a285f7a4e348d8987bd9 |
| SHA1 | bc9c9d2fcd1ef5039e15ac5ee028be32528eb730 |
| SHA256 | 5e97f38a409f531ad67de4cc285e2f7d1d5b446ad872f500c599912b13009265 |
| SHA512 | 8c89b4deb8758e23606e42314dd666368e7984e66d3f237df2cff4ef3ac817bbcee379d132f39c51ca0c3beb063ccafdcef1c43f0b79a688dc09ca2647f806f7 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d79a019b90efcca336842c2e8a551bf1 |
| SHA1 | 852e944370c3da05b8fcf8914aa7802fa8eb994a |
| SHA256 | 0654733288a292da43ba9616bfabd8e98e20d5f6591abda81e1e6d4e0631666d |
| SHA512 | 7f30b574a4fc190dbddf904b6e09e9a499c0e59550a93298e094d9e5d4e7ab6a544acf0be81a7b845ee256e688e7230d4ac587a7bbe530300b0201f5a097e5f8 |
C:\Users\Admin\AppData\Local\Temp\TmpC6CA.tmp
| MD5 | dd1ba69c45fc19d905e7c9d33bb16edb |
| SHA1 | aa4df4635a2639a04192954e686622f7fe3c480a |
| SHA256 | 3e412a6f8b28d747ae3e0c308323f6eaf96c6db09928d4049139a4c66131445a |
| SHA512 | 12808dd3f6aeb09e96123670a278552984de98e58e0112e83b284a9d7464c83d9fb6c141ff6309bfcb2cf2630026421352a30a9e57a284599358b2e4fcf1472e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1027a0a3b9b986f8fa5a5cd537852537 |
| SHA1 | 90f308227955b0ed8579afe3f382b2f3dd248c20 |
| SHA256 | 22144d6a7049245c036851f32920e27ddcb8175eb0d909782ac0bc9796cb6638 |
| SHA512 | 5c1575e1f5a1c2abab483af42cf06f8e9fa567d11e86d8271fc2c2a6e718050111a8fe12513eb42d6b145a0fa20f44c960e0e5d719d9cffe08dae84da24601f2 |
C:\Users\Admin\AppData\Local\Temp\TmpD60E.tmp
| MD5 | 40e4cfc1802b8ef56abf0c9d73967e80 |
| SHA1 | 2cdf6c5628c58c51d0db893e350d81f49c60f78a |
| SHA256 | ec05615c9c5139398972d1d4e5e340a901188a525fc29411049eec081ded07f2 |
| SHA512 | 9b220f1aeb8ef70fc26da022bb47a26424a4e15eacbfc1f5a256e21acf6621873dd4b07052c0abe2102ed23d21ba41a41900a9f71e18593df6f54950904c4f40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c8bb30e8100687d93d3272d3acc82cdc |
| SHA1 | 4eb090b67fb7913e1ce2a2f590b4df9412b3d028 |
| SHA256 | 78e3320030a6f37d3c8930906b1bdf1427743114ac06611b55aad02c5439af89 |
| SHA512 | cf047e733a6f9d70b5b9c4694a16bb1f852e097f1968639eda8ac94dd067926fa245a4124cba6fd674e6e8bccb03329c67b861cc487e6221de1322615644e507 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7fdd7c8d869774aafbcf45ad5c9901e1 |
| SHA1 | 279583897f79550bbe00202361172e95ce5ab202 |
| SHA256 | 30058418677797326646b895d36e9df4ba0a626a59b569885b1a3e3cd725bc46 |
| SHA512 | da6d4df336d1d3d02767a90940dd4d9ea54e5c4ea78f7971ddd9cae99c0498bf536b981ed8df382f66660178b6b8bdd4689b7ab2d8c2b973834a3893cd61570b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 71f139dd4cf829659b75260edcb437eb |
| SHA1 | 703e32930cd68c1436786497984495d2d25acb03 |
| SHA256 | 6e93fa8813a4c0c0ce1f05d636f9d654cd2387eeb7f10708a7e2e036fd155149 |
| SHA512 | 0ce107f656a1b759a1c91404784181ea403fa57843b4021bce6a7eeb894b82a9f0c7aa43fa906b32faa18629319e261c5cc7786487d38dc7e2e31c8e6af667b0 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 8fd48db6d8aea883f0ad0554be8cc462 |
| SHA1 | ba6f8a7a21cf79ed7c455b65f9a12f0975492123 |
| SHA256 | d2a82172e5c4fcde2109204f293d653f91639fcf952930882a2a899a26fe90fe |
| SHA512 | 6663593e8e0526928c759bef0ae0f13bcd70fac7b03eb27a6dde57a6f37f59b3a3d43de2ebd9416e1aa9e4ab2877dc7ef172566d7dc3eb17692c3c4c124fc277 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b9b7c6971e197c3320253f581ded50b5 |
| SHA1 | 44fc2c34b80c07c2f6a63b11ab5851a44968819f |
| SHA256 | feb2b5d6915682e3a76e6f0522e63ac8054418d9cf129048aa463a2dbdf7a807 |
| SHA512 | 58223596876a5ac11f8f4b597ed0e71eba7870b444049e4bb9be5ab9217fb4e94d5a6e3abb1896e08c5072b4e269aa1030761b98679f26aefbea2ea7e9aee3f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f8f7dbc5bcafd0ecc91556e856f4ae56 |
| SHA1 | a31b9315db8e7d0c512d25dd1f47b4ea2dd32c96 |
| SHA256 | 021b7dbe19af1075316af3c7579fbbcc175c06383931d556a06a97e13aa9b2b3 |
| SHA512 | db40e58e13687ebf6b1d275f852fcd5abb8fd8c5b1a2431e560441ac361860119c83321c6a03d9ef2913741ed7a18a6a783e5def9f8d431a07c94acc0638e71b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e3608c11410dccbfb61ddbc32391e199 |
| SHA1 | e3f12017352b456fdfe1a3be0f4e3bccbfd04d46 |
| SHA256 | 22294b0d0d62c7fd043c06152c784601898311fcf745afbefc5e7311da3f4ef0 |
| SHA512 | 35c4385f237d1f8843143efe421270c7bd8f4520b6121ce8a53fd6ab653fb354d6cec5b324fb0ba45813bc3547b61709b0ff300b6361dec1719213c06f6130f3 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 4d921d49a76434b1b136dd72ad69e624 |
| SHA1 | 4030dc840bec8adb94f0a10caf9209222d05e045 |
| SHA256 | 1bd1c877e59c5c0adbcf862a049575d837e1ec594b060f645a418fdb36b72218 |
| SHA512 | 5689c0a28691c1dd00ac7ca2acc5443a9db5420cbb50576e6046619e728172604111cff888630cc8630ef16fbafa0f0363a9033cb1b962a442c3eac8a0550b0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 96f88676171c4a0e6e5d194699a9aaa9 |
| SHA1 | fcc8550fc1801f195dc2be24ad78e0035fd4bd2a |
| SHA256 | b87d1c4866d29b8be1427476e36cab71534c10c2c0b919488652ce47cf518701 |
| SHA512 | 2fcb17c75ab9d0152e3ca48b9c027be2f1873c9650a83f603da33f852886b175ce65f39c2635fe1ae1129eec2bc0eb681f2e048a1174d99a183aa6edf330fdb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 380133cc405660de52917f6f5df04126 |
| SHA1 | ebcb09a6c684df6d0e45e8197a11ad50ac82015d |
| SHA256 | 900246b91c5d7d40297fea0cf594067f4289822568bdaa355354d86bafd2802c |
| SHA512 | 40586151876dd1249da45fcf852216bc6aad54e6171f0e30ca3125356c83841f364fc92d6ae9e80bf26fc7828d34437c934d4841bd58962ddd4fab7682a09688 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8f263628f848d3b8de04849f07dfe9f4 |
| SHA1 | 570ab44083113c909079776cf0afdeadf37db8a8 |
| SHA256 | 593ec488b5c821a1cb607460ed1420e0c2eb715dd718aae9b223ac63e106cdd1 |
| SHA512 | 0328baee97663599f1d4f260edf40953b5024db37ffa6825f35b076ce3883b7602f90a2be64b37353901b3ae13594266b2b3b50ce49850bd3c8d8ec38f5aea47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 60543091af6de72b48ec0c5dc7babe12 |
| SHA1 | 5eba4b19a1ee218f1350ed8e74ed406493def2f3 |
| SHA256 | 76b0b84b0bb345211b57ddb513b64d8f054897249e9798dbbaf59f36b3c51a51 |
| SHA512 | a04997ace5297c464eb72979ae928f5decb1ba86a2167addc17b00eb74686ca22365dff31f8fc0f0d58c1a016b03cf92039041f02d551791697e6ed8fe2a2c99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 00d8db6f9041636d050de4f9568868ec |
| SHA1 | dbd4fcdcf64e871452410d56ecf43546ca109977 |
| SHA256 | 4a6bc7452e1b778d8c69538ddc4fa0dee0a74ad3c6d4a17a44876503d3c68f41 |
| SHA512 | a589743a2ff280e8582f2124a21ce77a0df5e48f3e1319f8696e965aaffbc72f74b9a875b370742e1d957e2309f97d9c484e181aa8079c538a1fbaa55ff4ddb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe605037.TMP
| MD5 | 56c793453969359cf13ef1c9472841ac |
| SHA1 | 8e5090dafc662a9e11792105997a8aafb16b9287 |
| SHA256 | 996026d8931f71c7d775cb4a47c82498b696d54a85367ae0b7b327206cc4c4eb |
| SHA512 | 27c1d179384c24f05065c6590048a1a2c574fff8c631ff9e708fbf1a6d8e3096974d013c3a0e0c7091d5088e9b4ae929ca20021700023e9a52092458f6e040e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e75916958d2c49c30262e4fa16d9369e |
| SHA1 | a556b1e2d3c11616319c2f63a34735ff9a634f65 |
| SHA256 | 8874bd672454eb41610ca145d0df00707ff323856c423d99356df32e0fdc9728 |
| SHA512 | 9a10d8909f93fb473d2eba4e6a912f132bb49d351a1168453735a364b235b4c27110227c8eb714b538ab01dde26393c983baae23d7389755a6e176a6aa44514d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bc3b41092945088e74074f85ffd245e5 |
| SHA1 | b6c472a8bb5c4d1408254efd3c017f7ff881e371 |
| SHA256 | 1e85b08cefc880fe4706b3bdf5e9ff841f6eef408c168d3ef886d71ed6b1ba44 |
| SHA512 | 24e5a26d9f514d902fceb297e04c2678cade649383fc96bdd33c38fecab0f2e72219e3d69d909ddd4704a9dee4af575ea23e2f2282a599704702cd3668b20732 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | a9f161b2997b95747b8229cdf1629199 |
| SHA1 | 43405dcdbcd1df96c28c1e8891490d81d214ac6a |
| SHA256 | 2891dd52bad26e3f0cfd73bf1defb9d24d4493446bd12d333fb28921a2a83cef |
| SHA512 | d53ec53a051c025cdda1a86f73e75218f4275f4e609e15683b2df3157ae8d16d112f299932911fcc83caa4f0efc164e76ec871c469810050008c4de494c5e9ea |
C:\Users\Admin\AppData\Local\Temp\Tmp92EE.tmp
| MD5 | b8cbdde6bea6e7f73dfc8c588b1140d3 |
| SHA1 | a0625106410e4dc5f9a6e33c8cee03403eff7951 |
| SHA256 | fc33993836f87327e6daae8b03352c1b50e844199168fbbec0ce9a4c6d3e131d |
| SHA512 | 582b09a0e06f264d828b23cf95e210b5bf15f6adbb98f378a7fbc22b3339cab842e291f3374e23db9a409264d158c5c4337330118ca31ad5dc2bc4f044f12813 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | 607eb1557d83d3983477aaeee8597130 |
| SHA1 | 6db416ab19b66ae2126907df9acf0eb73cf54a1e |
| SHA256 | 5d811704e1ebfe84e2025d1746876dc8d2f4a2b6ffc6712da98f71ab61a2c15d |
| SHA512 | a073a5b27fa4c3a86a8f20c796a5c5f84619adc16ab82143776aacaeb92469b0923782173fa237138a7f95870a1c5acd4856721b21de5c95d6bb985d04ed8282 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State
| MD5 | 1261a9c0327d933d36c8af80a26c7192 |
| SHA1 | 97f4b1709ee5d7aa1212b43415cb6d1bd9f95d61 |
| SHA256 | b1261d63323fb433da1ebfc56e3d105e728cd6a7916fdbb78f9300afa126a377 |
| SHA512 | 78735e774374c743f7aea1fba3822b3639eb9089337cf97561fac01007c1aaf88ec7dd83e4d87f79390c356cc42cf22a4559c63db7662a0ad0686bbd54600328 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | f65004a02cf10600cb77ea296e5c62cf |
| SHA1 | 9b7d284d081a2c73444b6e714bbe1b33fa9fd08e |
| SHA256 | 7ae236ebc0b1a29396b77f5e94fe8c638975e1f8cc35b73b7381d314daca5d65 |
| SHA512 | 7984d0cc2f8d29b326d4898c54e0eb92a925af778d7facca131d551b7f16df9af7a3a81038f25e78d6310a72ff73cdc8b3a8c997d7f2189f7d40a517226059a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | defdd4ab4fbce345c0099baf9aed71d4 |
| SHA1 | 83a4196e36c33a571e31f00dde0233959fd71200 |
| SHA256 | 1a3c902bc800eac8d60d55507e7e8a937bc936200c872f1185f02c2d65fbf0f0 |
| SHA512 | 211e0b619e63665818450a34149c1774e0d123bc755b9f971d187f224c001b4d90deff9704491b543de2ede11b766316176a771542519a32d34a3ef22a56cfc4 |
C:\Users\Admin\PCAppStore\PCAppStore.exe
| MD5 | 4b88d8ada8d22622c30d581fc38eaa52 |
| SHA1 | 0980a7b75db94035a5de1696210648acb95acede |
| SHA256 | d4de255ae1109391e4a4a967a8ad66dfb70fcca7db47777e40815f4e7b19f2a2 |
| SHA512 | 0f87422498ed3c60ed21cda492d038d10509e3b40e5e9d7614b6cb0ef903e241ad1ba9c2f67b43d9da3980990735a5e0c325002e43e0a41cb12947e2dbecf19f |
C:\Users\Admin\AppData\Local\Xvirus\Xvirus_Anti-Malware.exe_Url_niksiz0hk0xusqokokwm101tv00gdthe\7.0.5.0\nqb45who.newcfg
| MD5 | e256f59af06742c1d395e60f7ef67f19 |
| SHA1 | ccf5650a94e4dc5687125b8880ee091a89a98bcc |
| SHA256 | 9f778791898573ca996fe8272a9a5280b8c40b35364620d4f614325cb30f356a |
| SHA512 | 02f9c9e3a3346fa2fd5a11f937b2f516201e9c7a16047bc71ad71349af505f45119be5bdb9f2fb6ab9e6f6db6e60df0f5d9a36de788a78349cfed7ec8d410705 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 16dd8ac9c15a6f809349a1108088649f |
| SHA1 | 9cf9eca5aab3de24e67153f2e1a0a9da8ec1d390 |
| SHA256 | 2d7959c3648e89e50c85ed7b670263819247d48729dc77b9572ed91fdfb925da |
| SHA512 | caa41a8088f4b0f96dd056a718a26e70b16b666d5dd48aeaf9c11c98caa5801db950f6103035182ea4deb45acfd77c55403415bb6be433ac2dce5933f4b76360 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State
| MD5 | c08a913e24c64a6b7b87f1145a0a9559 |
| SHA1 | e8844742c52d64ea6f31643fdf665abf13ab7ba6 |
| SHA256 | 6b34f1fcafc996ffdc637ab0eb71b1f09daf908331aeb9ea48a582f596017be8 |
| SHA512 | c6628ff2f05f3b7d1419718062afdf034a39a096e655339acd2fa7ece2fa902a4b0c0710495e4c6f242d4c141ce604ce47efa96b009fe1e69b9e503b689b7d07 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | f2154be0365d20a7e77239e56953aebd |
| SHA1 | 031944625097806a2f2be5bc2d03aeea84e34ac1 |
| SHA256 | 19bb15a9aa5c1a464da53991ee6511fad52526b038ba7720c873504394126c6b |
| SHA512 | 49ee230ee5136079a45bd486b93862581f30af03d15db0a23b226864370f78b09152e6c956bb174b2dcd516993ed8a7d4f264412fd64822b87d170d99782f7f6 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Secure Preferences
| MD5 | 896ea97fd15812b91818b8890d06192d |
| SHA1 | 4b69c763b8538793082e3860c81b9790e7826ae0 |
| SHA256 | b159e319f98039c80b61f09ee922001f3d0330d49dc0a3d321fe1023637ca5f3 |
| SHA512 | df63f279a6c95306e0c7518e5644afb539c2a24bce4996b75afc1d077fcc2df1da6e586d167f0e13bc0e97e62f299fdb9195c40d921f7d90267649c7704416f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7da277c593923caad22131b1c58dbe2d |
| SHA1 | bb00cd66b6b1fa046614f118d845b1d0f64fd455 |
| SHA256 | 868eefd5e7808ea6f9bc5847633582294717103bbdc18d651e8d5dd53e8d47c2 |
| SHA512 | 9a27579ea66b09e88e5bc10252a561e99c78bb2b48816b01a1bfd2a80ed0da27b0d3032f586c99cef6327c36c43d1a500618545eee89f66f9019849ea18b1266 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | a7e2dcce4db467e001851fbb8b5305ac |
| SHA1 | d8e72a59dcc1e5fd5fee1378eeaad120366fe01a |
| SHA256 | 190e5604cff896068c82d4c2be2764f4c2ba9812290c110fa8f654e9d41d0343 |
| SHA512 | 4878cdacf60e1c51f1fd54fe75bfe6444ecb5730fa7a714973450e1ee7c351d98f38b285a366a7da19e289bfa0eada32916fb67c067da872c7d3e1c383fa096c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c4cef7017499c92b3decfba1f64fc20b |
| SHA1 | 00f421942249b1ba339ee57fe400538a01db90fd |
| SHA256 | 3810f086c6a1b1696c0ea0356b14cf320770741225178af26394938284eca503 |
| SHA512 | 4e2472331efb35f91537cf1085be81777f5edbb5d8f60fa176add0b8b4bb6573be2e3f2cef9351cd6e5f1c441d060d51c339b6b73a85ada95e916e27ba3a8c8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5ed44c8ba65a6b6c59e6f498cdca9d6d |
| SHA1 | 2dc57ed37dab11de2bb161d6f665267aa12378ce |
| SHA256 | 28850b010a82a3d5891553268fe8b045503ef8ae2be6f64a9e25077cd45f820b |
| SHA512 | 4b5b6cc41ad5d93f0aa0417231a44dd476b2cb4f6512e31298e602ab928790b64a3682e9e26cfc9a9d819922c9386f3957e192293eace91f4c6fff9654edc556 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 6c2bf83be5afb6c5ec806a46b1f21689 |
| SHA1 | 25407f081516f746816ae50acf2a493ddd4a72bd |
| SHA256 | 81802bca8f8b9e5d2abd9f6774e3c5c235b32c134fb341e244d09dc37cd982ed |
| SHA512 | 3a44b7f82cab77be7a114d649958dfc61c015abcd4c964ad6974bf80a4c022e5bde784f33ecc0e5459a85c22596d3c926cc5aa3fa2d76dd501c73b1769f2e92d |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d1c9613414d229b645da5aba955a8fd2 |
| SHA1 | 5ff623427fd1015e6356f072fc299f2abdf91c94 |
| SHA256 | 8d783a6077cdcb4763dfd9a75007918b51e2d5a1bcb214b0ba65a88eef409534 |
| SHA512 | 537ba195dc8d9e677cd91ac663e7acbdf7c8b75cfe96948c2890c3311ae07d5a58cb5d83fb9584062e6034d10bfe2a997457982d3d7423f0e1f257ad6553c9e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6006fd79accac594492cbbba8fc3b5e2 |
| SHA1 | 8983119da26d2131a6299e6e73a008adc907253d |
| SHA256 | f5f3e00c68fd120716091cdf6bb2d631ee1a76dc145fdfab399d0062087dcc33 |
| SHA512 | 1ad3f3a214590bf229055939052b6b5368e8266579d17b14eed4a04a2f784f1ef7270d01ec60203f63ef70ef9e1bb527bb729e50931c8ba20b3bffda5298b470 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 5cb161b2d563e40ffd6adfec87c01e74 |
| SHA1 | 73bc97237958f70e13a96017e1c025b5851f7a41 |
| SHA256 | f5b0271e53850c56324a5025aeaab252282b9daa2eed4a5130a8553715804d99 |
| SHA512 | c0371e4c5f12b842650ef5183834e264f87849a45453dde605934b52dbf5b1b57fbf31329677570f175a29aa6e8212a5fa67c40c6303225cb94b4c4342f2f73b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 882aee5a1060257202bb202378f8724d |
| SHA1 | 196ed951e218a05c01ee7cb0798071875838f7cb |
| SHA256 | ac2b84e815733fa9d6325526fc7a41ffab2347dbcb957c16e53b00ebadfe5e35 |
| SHA512 | 32e76b6937e16c8eb4e6a318d82ffcf43cb16df327083110a68559524d9ced8d9ff6926c8849023d0b868ccbb3c87f53ffbedc59f1ab34859cd2aadfb48b7131 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0ccc69051c974132d00d4c6993482302 |
| SHA1 | 6f57382394054e0fc98130b4e46bd8fd85d244f5 |
| SHA256 | 911e1cc5dda6946ede11d413577570d0dafbadddb36328032513299957afcc6d |
| SHA512 | 60ad2f009c2560d93a56ab934881d6416c689fbd4c78fc357b0c13463ba0c8586e6229c7dd6d76b672283b74ad039d1749312d8d6f0a5a66ad8b857ee5dc25ab |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | a2f8e53f53f00892295c3c350c77fcb9 |
| SHA1 | 47d21864c6c9b2a5e59d1594dd3fb56bb127cb63 |
| SHA256 | 44239591f82593ca1e0879f50758a69695587b0d4af0b493b6edce963ff773fe |
| SHA512 | 2c4d7a1ff7485005f645245c9f169d353d54321d013f553877071b8d5d344e0d2ffd14539f1b129f46fe28a9e2dc3201a12546e9d1a89dbeea870b3c652329dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 611bfe85cf37691e113cee4d161a0e01 |
| SHA1 | 4e2adcb5289b0d0bd210fa1b2a2ab17ff43a326a |
| SHA256 | cac0e0c850c7023304e69cc5edb626bffc1aad809032f11d9930d2e44ab43cad |
| SHA512 | a1fa9c234d20fe5257102f39579e5e6cc3de4bb1504523eb8f02ad50998b5f154e89d43d44f0f3b1ee3762f7c6ef13d44e543354a07cece9b59a4fd720f6378a |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 21445a32fe74266810eaedb5e4893df9 |
| SHA1 | 8b09c1514b8a3c22ae4adfb8107ff527e9912ace |
| SHA256 | 43a2eb420ed51d0f460f4c4ec4b69e48e532f77db70724b12084f50041389e98 |
| SHA512 | ea654b45da9813f543c97037b6da65f0d9c71f978bb1423c9e3090627c35d8080bad52a639c860ecb959e6a709913cc19e9d00f9aca20695881d9b32ebcf9e0c |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d123c3e1aa25d4ef0b72ceb7e2323659 |
| SHA1 | 9bbea38a638f6af4d94aeb25c249d54d3d259e5b |
| SHA256 | 5507ace7fe1e62acc6aabdfc17d366d0e2560393816f49c32ee94c4d02fb828f |
| SHA512 | f4906a0cc83316940f39d6aa6df523b97c2cf2ea553ef02ee59a7d5654ac541616444db42d8ca99d58170ff71bf3fe0652463ec933f001586bf899acb40c742d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0ea395d12ae5b55db0ecdb4854927d62 |
| SHA1 | cca73021774027941136c3eb88d9edc475dc2ec8 |
| SHA256 | e95915dbfa7b94fd14aa0122fe6216376ef3e2987643873608b4ee5a2cdc913c |
| SHA512 | 445a3b3315d4cde0d1c98665193eabb5c02719f4c73cd6851bb18a308b89e2bfed0d3490f8a7924c92a0ac045e96c2072ebf22089c0d7e3ffc3b52d85c79d0ec |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 033f4b3aa31f5d32e0fef08a81c49a44 |
| SHA1 | 2bce9a38e5587b8d68990cae12fe5fbb07858b85 |
| SHA256 | de5eaf253c30494677465c3d6f2c0a98159ec36f8d0cf23dc316aecd2dd67342 |
| SHA512 | 5199920769eb1a89e2a18ccee032fc0a16376d2f24db1e1d0f9e30fa5570969a1fd97092b9bbd1891854599135dc7d91ec092f1a2c2aed9fec375bbb34ac28d3 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | f4696a0247390bf08c5a57735ea84a28 |
| SHA1 | aeaaa60c38cd177b8522df7c70f5809d7eab0e82 |
| SHA256 | 0dc48b799016ca39f8468952664db31d7ee4c945dbdc7afe23eed323e268d5b0 |
| SHA512 | 6161ea1450e1b8a7309aba9b1668337f58ebe72d711d40aa459bd022daf967010339b9b0301295917a65c5b98205112b13c34a82e3909362da11ccda56aa2498 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d203af9f2ae80c65d2e418c032e7bcb8 |
| SHA1 | cfb6f76ed3d40c91890f4bb5325578a96fc45dc0 |
| SHA256 | 39627279f77ae516c95f7044c7a88818be93d9b9c11b9aaec3eebf22f698b9c0 |
| SHA512 | 91df7874f4ee4a66099740a61325f305d46fafed0153ae88e789593ac5a9da753c8668d33ff84a87c5bcd5d32e13c85e1ba15d592165a2c18c7a91267a8db958 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | 73edc4ebfa88763d617446de5a723e79 |
| SHA1 | 6f975f8965800f63424db15174c3d1742fb0deac |
| SHA256 | c7c064036081c88ef2948c95761d518f75f4327b8f9098d14212f8333629e2fd |
| SHA512 | b969e0e219e94ad23036e2d1855f59c461074cd91fcc8e7bb14ba91cbe4270d891dc3d36cece6c7d5c305c52b4c287c04eeb8b168c594480804b38a2edb40492 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | 3cf03622a48f7389bb84a4a4d97e67c4 |
| SHA1 | 4fe2fd524e557c0439ecaeac0682a1c074b7e181 |
| SHA256 | 0d054022932dacfa9750631bbed7a9962bb0100db41b10c620f00f8a2825e957 |
| SHA512 | 9b5293a99b1dd6cdf48ecdd7ebea6528266e8f2cb76f31b306047c3edf7af0b56952b6c3539eca00112c93c6b0b7acfe98b6920d7fcbe2395ddcf07126d84fe4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2851712e1b9fbb5951ddee3cc33a7801 |
| SHA1 | 1beff8f7b70ad02e0a5f886eeb65ed61ce30ddec |
| SHA256 | 3cdcccab73888565d8a4b088958013ee61bad9dd51400bac6e216287454c1e5e |
| SHA512 | 0fe82b7b3d022d71063281959f7bfafd4cb3e0d89d422640616f3940401ccae1a1d3821c60aa8cf60ad3e2173d5218134af3b24290a3d59ed9e88ebf22870d01 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | e070cf66a448752799cd8a10bb89a6a0 |
| SHA1 | 47fcd46ae9e279cd1c3dbd62dbab54672545652b |
| SHA256 | e1282396db9c08243b42be835b5899c89502759472e8a0c7b4ba0135770daaa9 |
| SHA512 | 8e297ab96db24064e48f5cf2254e4a329f998c9c03818e9e91ee2f79c863b5c64e7258449776902c182a036c04a43e822d1e78deba9b1f6dcd328bc163396788 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-41-35.txt
| MD5 | 90f0d19b0ce0e851cac3afceb0c9b013 |
| SHA1 | 76801d798f35956887e62ec1953453ac8dcf2c2d |
| SHA256 | 0465584a86b57e62c686092bb172dd305c18cb48d22230528bf203b7b411dbbc |
| SHA512 | ceb9ebec741e5578b7693b82a892d5d25bdef415eb19c82f80cf68056d7090cbe53219deb6b5ceb61b1dbe9e7cab70aad6a88b8f3a7e799f855f79f96ceee4aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 93893673cc2fb7a3c7dd93ffcac7bfff |
| SHA1 | 31ddd9c52ffd740541ae3ed6acebbb93d88fe1d4 |
| SHA256 | 2538af873c772b0ab14f7af932ad6e026b201eb79a7d16c88289d1c1ff397cbc |
| SHA512 | 1af68717a5111387e05868d060abe718f12ed9fae3f6c95bf0652f5174c3bf30b79be400a663623036e939d5460bc00cf73f06417ded80f4afbcfb3032b55585 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 0e751ffd18ba073a5352f6edcde7a5b4 |
| SHA1 | 1b6fd37f82c1de3d81357ad96f17326e566dae63 |
| SHA256 | e960fc52b4752f34a4f0d1ee2869980ab6d7e1f0b617abb627639cb930b0a211 |
| SHA512 | ccf51c75a17468535a8a5f1e7f04b08ffc6a553862200c6aa4a084f67e5a8b691d1cba0adaf032f640ceb5b074c6417da31d309ef75ba3b885409cedb8986c01 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | 78b151f06a4e0f5c23ee128bf779c507 |
| SHA1 | 9b4eee484605fa7cd4a3fcb41ddc140354615f48 |
| SHA256 | 9760d9bde7fdfeae010de3e38ee6f2851f5b0b9f1974228cf69a296fd5f2be34 |
| SHA512 | 0aaed169ecf34227aef3fce5ea608b2f9471bc991c3de555aba867a209e6c71f7cd45e5458d03f80ac521abdf045642cd94c0a95d3a030cb856490b2859a21a5 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\fe9867b2-4ae0-447f-8537-42dafadc8fd2.tmp
| MD5 | 26e1f786f29ff30d838a3bd059db9aea |
| SHA1 | 97425e347b5e4133e08c9b60c9390c64ced6b34b |
| SHA256 | 781cad3fb2f8b95a4043c59bcabd97aa5105a3eb1201e8468f1dbc19504e9a1b |
| SHA512 | dba1f88bebed321e24c35b0c645cf55933dcb9de7ea128a5cce2867a5810e60b94e8193aa74bffd2d1fb1a0e1e6f699e83bfa437cc5c34d550441cfe205581f9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | feeb36d51e74efe41fc4de80aa3a5dac |
| SHA1 | 5f6efe780055a4539ecdae4772f9adccba35817e |
| SHA256 | e3fc23d491766368b97d778ed937c6ac288f967a138bacde728cf5a9005de23a |
| SHA512 | 2197a961247eb759bffff1bb270ad0a95e5a7b3b5439d630ac7669b8d25fa9d56ecbc5f3c00bea3acd626b557618ebdaa494fc93d561ed85c181df966b2ae477 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | aebc7b1d7c17c5cf1d39e2f2cdce8b24 |
| SHA1 | c91068a0a5e7e1489d5b774b5607037cdd05e646 |
| SHA256 | a9e3ee732116d874a168b015de6cebc278406d4eb2b38065480eb8f95d809aac |
| SHA512 | d6efa30ed6596170439df1f3c070969e667be46318132c8c042fce7d3a6d59a374ed550371bd235e7dff3cbb1477d580a08e1e11a024cb1937a7c1217b45db9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9849b3fc4fff8de006e2d84eec0097b |
| SHA1 | 4d7d6907547af4f7ac8d50dc1fbbe767c4dcb3f3 |
| SHA256 | 5e231d4f90e1f7e561ebe99b0f0795288188e15889195ff955832c87df858eea |
| SHA512 | bb4096057edfadd2cdff63090b87fdda70b548a5283cce61083a85eac2cffefc7934cde4742d084a32281b9dcbf3d4084ac6ff516acf2020cc3bf988e6eb2f4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | baa4a29f45cbe1ad55d5564a7bae6858 |
| SHA1 | c3eacc935c56c2f89fbc4dd259475d0302a6e60c |
| SHA256 | d279257caa025c8f75cf7c9edbc4c4882d0f3fefb22faa5dd4f2d9eaa560ca8d |
| SHA512 | 2d305a44d4695f271b23c454f7e865c0b1e828a7d74628cd46eedb66cc3d75f3d6072df9fb3556c58cdca4665e0a0f6bbb0a0778dc8a17ac2e0690e6eef0dc30 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\8870024c-9512-4de5-8da6-6a6732b982fd.tmp
| MD5 | 678282da30e4ab79b4fe2d740e873e52 |
| SHA1 | 8124c25427f6123977336e3e82968c460cbe3be8 |
| SHA256 | 2dadfa146d8acb0e6ea01edbc26cabea512818af228a3734860b3209fc2be22b |
| SHA512 | 5ebdf6bf557fafb8fe1a89913d1c08f3ca25d20908327a0c282a1d329e360bf6979fb3be7d052ce973a7fdac8dd5dc138819fc84abf9618e667d607b3a5c80cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1191bbfe2067e0d6943bcc2a130fbf14 |
| SHA1 | 4bb74c125f2d5c34e6cef356b2d744d0f177e235 |
| SHA256 | 19cccfc208079fa2e9f864842f18dcc012b2a56fb83b4fd5363e9662163f014e |
| SHA512 | f7a51011be152e45434415bd53cd126a9fa86afd4adff5ede3366d6bb1cff37ee10c36eb02ab223b6e1c18c582c40f17746a999a8ccb514c4fc0af80c45d07c9 |
C:\Users\Admin\Downloads\12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f.exe
| MD5 | 93adc545175abec10a0925cce209db34 |
| SHA1 | dbbca20193db5576e2327fe306f37b154c443e74 |
| SHA256 | 12137b32413d31781f51a13c09bd541efe0f27f270108d247099434df1d3b37f |
| SHA512 | 84e0c90d2f5c7477f0932047b3757108a4b1beabc67391878ea73f401fdb3d25cb8a64a00640773567dfcdbb7cee08c07c57afb36b210e4e58bbf1c2d5b0a483 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 18b9ffe832b70d26f421ded35f2c65af |
| SHA1 | bffd333f904ece7735f59f99b4e9fc63759b08a0 |
| SHA256 | b0f02020b561cddfbd8db52a7424a6823273213158a6d7645b5dc2d148af006e |
| SHA512 | b25250e8d41b68b3b5eff3de1f72702754e192230247bbd0cbb711cd662fa0d8733eea7185c44e45c1a3bb91de8bf591f2e60e70c9e9fdf7e7037cc97e5662fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fae2e2974942340eb23d0ac757e859e7 |
| SHA1 | 1c740b241c7516a6debcaf57f4eeed87de834ca7 |
| SHA256 | 71babe2dbd5bd5b1bcc0940909674111112ab8781a38f40681d489abd8b32613 |
| SHA512 | 2c9b2a207d91f2f8bb9dbb4fdfe7b8554daf6446ba01f3066a36ba87f37f61629d72311d4905bc86882e0cc31e41e293b43a229fe653094beba8d25fcc788fa9 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 45a778378a8fb4726de712e973ceb8ae |
| SHA1 | 7a6c880d1cde7fdc303e074395badbd2274786c6 |
| SHA256 | de13cbfbdd493b1d1fc00a85245c24d46ffa9c7d194aff9efd262dc2f4c89de5 |
| SHA512 | 713abb79239bfd68db0fad9c3f409f2054a1014b3330c7d27eb00f2d15817d6771d43050d4cf341c2d1747dc23e7fd2ca36974c3ce35e4f124cf8c0231ebcdda |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 056c906932e6af7654d546bb544494ca |
| SHA1 | a29660370811b72422a92d33ef82dc0c9355cce7 |
| SHA256 | 893ad231a874f00b89f0e14cbc6e9d8fb4411a9d9e31b7bc119c3a7558b72f1f |
| SHA512 | c647280872cb78bb7a287676d7f9ba09df1328aad0297a8b5fcc04d86043364e95127b605a79608ded47794d4d507b669102109a867f1aea9361a3d54778d1ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dcbb864946cc4af13024cb25c56cc49d |
| SHA1 | 9e0b3e1ae7acfd7541c594a510d7bed2c4adefef |
| SHA256 | 40348ed89d0391899514d1248fb6b484f78a6f6f753fc4a3e03502fcaaf5775d |
| SHA512 | 77e1463b882690b73da6e3411ea5af097b7b514d939812868c0c0bf6fae24498c72c8dc14e4108803adafcaf05cb7ce1456baaa10a4e90fa1ddc06ac5e460bd8 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d6df25b7d32682bb939d1cfd66bff763 |
| SHA1 | 68e63b59e594023793a02c0ecfddf26e3caf5b7e |
| SHA256 | a12c43c7ddf1982af38f979dacbeed394eb1fd12b958fcd1104b2ab1c7fe9fd5 |
| SHA512 | 0297c3f9c805297f3da4537b86c5798aca80f45b249b2f12332ac720807da95b74f6bf12b13b68b0227a4b4407753175491d1205c1bf49c6181a9e2826849fad |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State
| MD5 | 1f98563458c87cb8984d83cee35e28a4 |
| SHA1 | e483e0657233ddd2f84401dd82d4f26683d730c4 |
| SHA256 | b9f8da44cc1cf2ad9cba4b13a88f6ffba07b6484b772fdf24369eaf139f7c199 |
| SHA512 | 0011a9489108d69455f28fbf6f5c7ce0c11d5ccc986fca5a903a5524b67d5f2d6201dc2129664b5ea2cf81b66c27b8ec9cd1e9fdadb627e87b9b999bf757f606 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | 305130738203fb0edc1f99220d4ef29e |
| SHA1 | 97a95b891183d84289ebef5d534d9c6470d7bf8f |
| SHA256 | 71bd5efe7f1b8d9155ca8801e5ea216538c9a0a82122e37f190984cf60cd8eac |
| SHA512 | f6420e9a6d9485a3680676373e21e3a33eb28248ac90cd99aaeb0c820efd95ecf9caac6090545172c761ce1c22bff7ae79577863118d41bc76c8a53b5954024e |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | abb36ca861c7d64c70846e38dfee5695 |
| SHA1 | 213e92443d6ebac0c94e5c69f5380839ccf77cf1 |
| SHA256 | e99a62657f1c6b5b18631c70bd020f9af8c1ff806124b4a8cba325ccb13729df |
| SHA512 | 74a66c9bc26b3e301076d966cedc62499fff4a9f3c4743798f469f087eda7c2a034fccaef9f9625be344c1ce7ee1bd294669ab5cc906e0a28afcefa57e98b6e4 |
C:\Program Files (x86)\Xvirus Anti-Malware\logs\scanlog27-10-2024-9-44-35.txt
| MD5 | 49b9aebf0fd37d941576ba3afaa63636 |
| SHA1 | d918494d5e0ca4945c778a7ca73b5b05fe22c3c1 |
| SHA256 | b4632174963462dc6294fe0af92430dd9d754ff75c25f73a0a46848385dbb338 |
| SHA512 | c2f8a24f14679a293ab3dab52fd22a873f0bd5c27c2fb102e654c70f2b63390f41c6c1b4519a0d7c8d9bd6faa7902d5fa0de84a0e3b00c2110a3b0a06fefed76 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | b114f7b91bda5b13fe5c207133620b98 |
| SHA1 | 67f9c8c9c9adb3a633282be90acfe86771b9f812 |
| SHA256 | 23b83d5aa8f653b232605db1005dc8d9063cc5b1170bf60784ab3a513e435c04 |
| SHA512 | 9a10042f1087b9537ccce75b32e0dfeddac51d91360e24ed2b6bfdd42d06d519b71358f33ea1f2c981542da230a6032e62721fe2227f88422a9da685c73d14ab |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | 6572f72acfb7eb4223b3c82324cfec96 |
| SHA1 | 93fba4aaaad9936ecf7b0d76764f72ed59294a0e |
| SHA256 | 4f7db223ec51d43ed169175740c92ed4db9c8c84054fb4de22871b15ec31d4c7 |
| SHA512 | 1765d645177693e4d162b115f31b7ee3e3dd52f0f6b5f5ff191ca27846b618d34860dc0032cf32f72af52f0a12b4fd562426357ec8f2437d5d09a214566cbb31 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4aee741df480e485997b92a23b89a77e |
| SHA1 | 3ab2904296ed5294c801899e5fef5a0c9b0b8368 |
| SHA256 | 027320b7d2b82cf6f47a9a34625bd171f2bb32ffb198d1b6f62a8ec5b85ab26c |
| SHA512 | ebe8c5612467649ecbbfb5a955a5f7f1e46a9948888e116441e8d89c5c8d646c11ba847465aa24d3eeda3839506fd74f9ddea2d7f7870c872bd050b7a91ab170 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 885b928244e802195e5052037696b066 |
| SHA1 | 7d19552c2c46139dc06d26aa3ecef4d333e8d502 |
| SHA256 | 6da5a4896d44fc47e04c80d5fa07bb4c6e873f324b3c4e465ae87ae9814f516a |
| SHA512 | 019421690ffd20e25ec4226bf8c381f18dcf092c93c697e9f2ddaa9f0447114d492502e496b047ad7056b1360560b08874c67345794ff9a1d2e3cd868db38533 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d229723d29ce73d5be73e26e849e45c1 |
| SHA1 | 172c165eeaf04dd9de957418703e50d1d10e3095 |
| SHA256 | f7794f9b5d34c559cde26684fa7da6d0c8a13e2d5d63ce3c9f4fea5ea0a5d9de |
| SHA512 | 7fb0a2c5384c11874fd928aa453f1781887207c2e8bba1b127b0f947b12a865777774c98adaedb15d6a4768e2def50de0c31c57c9d7fd20b1d6d8ae0693b7813 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 47654108fccef568646727c99a53f452 |
| SHA1 | 02c32e689deb6ac0143645cdd5a8dec50e0f3dc2 |
| SHA256 | 7594f79abe9de8bb7f139a1652355b80768fcd3ee367c8c15a9e1942f3722530 |
| SHA512 | f4ab0e0a1f92adc70961531d47d4f5f29a78d601d7569e38b12bd50baad864d24b86b11367a96f8e203df47c6c10d4f091757949de4c3a206cbfc36866946ba9 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 7e6b5737de6848dc7d63184a33e416f4 |
| SHA1 | 37b1bfc5eca43a32e65427320c153db843fcf273 |
| SHA256 | ea5cf98b703c3a520e49846ce9a3c86c4740d29ec9f0c9bd194797d014546c2f |
| SHA512 | 134938aaf168b51a31746a6eb9b61d24e304d88ea80c75c54cd73d37d7246a2fc66c01bbeed40222de060aa55dd8c181b6fb13b2f65697c119ea16715abbfd2b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | e843098af3e1a64dddf050a17ed5c6a7 |
| SHA1 | cd57c013d0fc3dbe3c4f5dd755c9e2bf828070d3 |
| SHA256 | cfb706e48e456bf45b8bd9c674ae236c2690c42614a299ab39bca3212a110200 |
| SHA512 | 2a331a325b96f92c5e7ceaefa6cc9fae1f31695b6e8aee63cb1f3aeaa0bda90fe0dc0bf18141f1f7a35b63a78fecfcfe294233905799d48dc252b987fdfcc08b |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | f19ee9be0e1eb252abe9472e2b180c1e |
| SHA1 | e9ed6d78e969fad116ed269299c4488c4cb9da2d |
| SHA256 | 348c1cf4e940ce31178f35ad9124f0ccbcae5ba8ad518f68c2f609d7583c3701 |
| SHA512 | 47593872cf3cf402035e5135501df2e65219e62d75b460f6dce95a8c118b20259ac2f067928c17ca6339f038f56d3d150921505c03c52b0c702340948354dcdf |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 199bb97429d83e0fe09e6c027aa2906e |
| SHA1 | d111bdd05f2cd5ea15f1de9112fbc8e4bf17a421 |
| SHA256 | 158fa797aba126e8817f186607b373362a6fbbb1f97bbcd25fd58f9cb717c17c |
| SHA512 | e2deb891981477436bd11b2e05386d44ffc529583075fa2a7dfd957022b2817573b2eaf469a215078fe4d85c8c9608ccb4e69a8378cc9efdfec6c64dce5cb611 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 240ec49b47bfc013d699f29ec9a751e2 |
| SHA1 | 90783a18c95cea4695dfa3c39d1e13fc5c63a95b |
| SHA256 | e871caf4b0d7eeacf6175de424400b72ee5147e28a072d9e7f2128877762a187 |
| SHA512 | 2e3fec0709c770a267a397ac5b53f78c441394fd78314e86c9b27b1db2933d25f6527d73306ada9cdb9d47b15c723e491f5a9adab632fafbe23777b0f61446bc |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | cf80f69ce7ffe40868468c704b39cd32 |
| SHA1 | 67d3deb001d75de36ac0b504d38df2751822b508 |
| SHA256 | 661770e58b3a0af5cd43608efa918a455e2c94da713fa610726862e0a62697ec |
| SHA512 | 8f5b968748c4eb4ca1b37e9a69fb6bd2d963ccda5f1a1b2d93df1ab90b4c327d0d5a71b99e37491f8fcd4f4ce04eaa1dd1430d9342b3ad292e73884176c5bc48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8b6551ab49a93ea350d3e3226966f2ea |
| SHA1 | c9fec7d60571abc19366a8a47673099e9d35671a |
| SHA256 | b2aa26bf915146a98e1830a551a747d20bb3aa95be287a3fe721b874f3b34359 |
| SHA512 | cb429db8527a450f2aa46cb7c3e7d5d887b8a77a633f1a96244ca263fcdb055d5c64fa2a54c7c943f4b87a3caf3793b7285d0d1f22b6905ca737da97e59ecc6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt
| MD5 | 568e7e61523398473af556dae2918fb7 |
| SHA1 | 4091b1e52408b3ab3d34683f0b442fa35e661f9c |
| SHA256 | 5a4c156e40caf101ec0a0cc726e631af8baee8c05a74c2822d16a4d9d824f541 |
| SHA512 | e58b30b6b81c7992eb7754974941b789b465e9caced2cb4fc27709c77da9eb0ec6375f1f4294ed2d3419abb7d13224dbb96bb93008ef94308670f2daa580cbb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt~RFe647688.TMP
| MD5 | 4ff07c6f6629be31d6621e943e245f76 |
| SHA1 | 728d73641602832ccb775f8acb554287d0ebbe34 |
| SHA256 | 54593a613818d373392cdce930839ace96b9f3eb1612adc8c67622509081e37a |
| SHA512 | c035fc2e9f2298f199ab998079541fb745dafb5a2f0d7b298c1ea96bdcae97b05c7d5325837d388ff243aee7d6e61d2a199ab5e80966b8186129dbcc61f0b897 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 0cc3fb533fd7a8195767123139ebeff3 |
| SHA1 | 29bf7169c4c58bb4b06c07b300688d6e9eb867c2 |
| SHA256 | f42b93713cfa910824a60fdf54a8c2990e3a9d33ab3b2468901db75f35c4ec95 |
| SHA512 | df500e00e621e72baab80f885514b20974e5d55f8ec82a21f50fb9a16043d99f2d9ca1cb5043d9ca04436bd4858faf37082b66b49bf3296a53e8f9af6f973a64 |
C:\Users\Admin\AppData\Local\Temp\Tmp82B6.tmp
| MD5 | 67ada8bfae108c165352bd4af7045018 |
| SHA1 | f159409899afe0a9994eed317f1b8e149fa63c5d |
| SHA256 | 3c6bc9ad887fa91a1f19b6d32535acfb92afab131eeee2ff40a1426b19c43540 |
| SHA512 | fdb89cbc79e207473424bc271e5612ffacef385a1f0655e6361a54e25a02d5248d124d5d924bdcd0e44ab11f481f42c6784303d91947006c169a3f8eb49df7f5 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | ac4676558ec525209ab08d98e82f8380 |
| SHA1 | 923675ab42324ddffbd0cf7600d7de7c726e05e6 |
| SHA256 | 90c5719fc2dd14044dad3206d117f48ca8a8ac96d68ca12438190d5b51bdf7a8 |
| SHA512 | c659c8de53eefe296ccae7d606b093282f39cf530a571d45e13592c390b86688d471370ebe3bdd1d75bbb005901f6d36ba5e5cec6ad41b63d93e36eb1f3a452a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 74202966e49cbd6addd56fc55a27b945 |
| SHA1 | 73f0a13c82a38a8c0ff990c2de74e68ce6b72cee |
| SHA256 | 8ed93f7237b7bf0eb530b3539cd3b05c4dea2b8bac284d8e2a4e057a9509e942 |
| SHA512 | 539eaceef038bbcc21b448be77d9077814743d68d2154cc3024ffc3f8260d1905d74c001ebca012e5ee5d3648e4bd6dfd582466b5855ca2c1227fcc5ab48a205 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3509f46195b49f50cfd32b6ffacf131c |
| SHA1 | 9577b9b4c755998f34ded5be86f7910b67f66e23 |
| SHA256 | 101e4360e29c1e44d5be6f67e217363fecb06e60461574e7ce8a8a3efe736c4a |
| SHA512 | 50b0c79ec23c15d44821ef4282e05ac3c01fa786ce3672d26ac588858123aa9abba0c56668e5e65ec22e923f0661832076acb43dd5624d647ce1fd1e07d8d4b6 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | fbd1f98eb017aeeaadb11a545ebc4329 |
| SHA1 | 7a257c9fdf1ad5899f2e544c1f46618292474316 |
| SHA256 | 433b3ec4b6026f3e4dae6d9725954e48565ebe5ac013981c4d5aadfd3cd84f98 |
| SHA512 | 71c23f9e80fc1b785f56c7a2b1c6ba9a87e1b5073bd7070392bd2297dbf08ebe46dcac85140a46bc47e6beb0864e603c13adec997ea188a3b927b2bfba260ed1 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 9431460979378e66631ce4ce446d861f |
| SHA1 | 2e3fc73192d61b0463ff4b5fd0fc2aff95fa0841 |
| SHA256 | 8b9e6ac613b8a01232022d6b69301fc67d6e98c6e2739f91047dad7aa7f2b9fe |
| SHA512 | b3315b87dfe291db5fb9971d7eafa5a04ce8a8d1d0959f5432e6b9583f517b3ffb9ed789f5a0bf7e63e0352e0f79cd640cd538bc2efd3f5d884c4d9207a9bc97 |
C:\Users\Admin\Downloads\Unconfirmed 129881.crdownload
| MD5 | 435b598e7b1faa4fd54cf953d1b6fdae |
| SHA1 | c82a7ce12ec12e8ed1a92e2016b494f3e91d6200 |
| SHA256 | 19d3513c917fd36beae8c1a634bcb1929408130e0ba056a587f711c830a168d5 |
| SHA512 | 6e7f7c4878e09ce14af326eee65762d6fdbf4256cd64fccbf69264bec8884dcd1423fc9ef190512603e98d9556427795e4aa8169d944d989eefd6337d2f1bade |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2bcbbfc9694acc98d91c80a11660ae75 |
| SHA1 | ee6ed3ef44d6993afd52de9fb284edfd336e544a |
| SHA256 | 582200e85385435fddb55344c5c1d228e665cab7bc13487f313972aa16554fdb |
| SHA512 | 00611eca3117b5fa340e379d4b571321af78d9c6207721c2590de57fecadaeaab0ba34c8ef4c6c718466f79a01395dee18a704c89309c0e5533548e68d3295dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4fa0604a462b30c140d2f7db38eb1e2c |
| SHA1 | 739071020c4f9bc212802066b226a5632ff50836 |
| SHA256 | 69fc826466349e0b30d9c8b81b1c778cb16b28f42e30ddf31feb629849082c85 |
| SHA512 | 17e9c367929c1cf8d2f367734aa8804370db3830927ab4d77333e18fc67eb6c65cd30787845e015c012534b7bba63d62969ada94fc378b4a61f813b38759cd34 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 06db065795c6e773cb465a28965d9be9 |
| SHA1 | b7703e655af5cc4b86387217dbff08801d002194 |
| SHA256 | 04a4a9d824e4111fac6312e87a56cfa59aac174d7dca2920ea1fe85c1de1826d |
| SHA512 | 20e0239ac37026662ac516521a4f7c77eda51d59514ced828d1a4e1ffcbd1267f2bed04af0c840405b3550c335c4c0e3afccdb2ec7feee58e080ef97eae8c3bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d23e45d287def6ddfb96700be8d5d014 |
| SHA1 | c6dfd8a33fb6fc8cbb270221967b66ff66186025 |
| SHA256 | b93c579b9989ff7bdeef92c4effa8e1c43ef4fd49037c4cd48941535d5ef823e |
| SHA512 | 5ee839a1d75f23e6447f2cfa6af8395e30709c54bd0df07a0fd7202ec7a8da8cdd0a03b9f698d0ffee9aebc3bb3645f50a7e13c9919ba85298bde75bf07ae7e1 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | 03dff302822b54840f08e132d503e997 |
| SHA1 | ceefa070bcbbb89c3d4aa9623b70a7af33591429 |
| SHA256 | c357c185407d06835ac2c4d59cccb1b7bc018aa55f610960a74ddda8b61c56bb |
| SHA512 | 05358a63b907b71fd3c3bc892d4d462d915de67eea419d451b1a8ab839341a65cdd09dd882ae6a36e1dddfd9cef2d76ec88000c652baf000c2d7cb9ebfda554c |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 48d17b224cce2411d8019a16001e34e8 |
| SHA1 | a49b26f6874488e4530c89a3774f62f50aa8b612 |
| SHA256 | fd5ad104c3637589cb4d931d98c4f14e13b6a7502c8389f2403bd046a81b9263 |
| SHA512 | a35f4b3b1a6e95a9b878806c94bc8789e61280ab0445512bed2de3976eadad6336bc070a0ee676b27b3ac9d49585c7cb6ba5d2e5c8c04839454690e4b29cdde8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ed6ee7d945da20bf3e0a6755293219c0 |
| SHA1 | 58cca0e32b13d46435e8f10be7d52e04946a281c |
| SHA256 | 3775a1dfd1d7c0f9e2170df6d901c64918338c93e2468475e8d103b02491df1e |
| SHA512 | d27eec09a5f125d9daa722a07e5cc80597c97a4231d90a7debcf5d3ab6a4a19f9190a1005946d642b3e8bce11e38080e221d0a70da8da99f92ddf944466b346e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1079cb57643f3ac077ba1d993a2653e9 |
| SHA1 | f5f594e90dc1cb21cf70dd70ad73c5d17ba4c7aa |
| SHA256 | 7dd6779ea61e4eaa9edb6bbfa8326e120d90863f58e03fb27bfdc979e6ba0077 |
| SHA512 | 29295dfd7a44748e57b144de7c800a70968798461fe1e93ac23fcc94be456748b7e5ffc5e9ccb635072db445ee754db93ffa7ca98fcaec6fa28fc62f5f6a1f55 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | 9e93607fac0b97dfeb2a9debf6d3d340 |
| SHA1 | 3a8ff0930dafb20a8b3afb871891a1fb4abc4861 |
| SHA256 | 0131137d3e56b1636e4adcd2cb4b6d3b7a5bb24057124e818fb35b33c79710ff |
| SHA512 | e4ed6df0d111f416de87c97ec17e89f0067bc5d92306624252e1b51ed2cab55826ce6f18457e650f5157c1baca9a91b60858835355834df0ab3f9fb6d1fd7bbd |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State
| MD5 | 0655e2eda778673ef459fecb45d23208 |
| SHA1 | c3db7008dad7355ff28d64c0b5ac33672807221b |
| SHA256 | d8a548805b05a6588cb0ed245ef9a9fe2b918e95d4f6d1f457e9a3f14c67543a |
| SHA512 | 957fe92e4ed582affd376a5e0101559b6ad8b8e686a4bedea1c1c4eb49c5ebb55ec6cbef7a82bcf62f3239fdbbafc1f7030ad26ec1d8600fd38152e3cf623ed8 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | a97b2d584ec2310385665a5c49154032 |
| SHA1 | a668b62f6560bbbf904a9ca99dc1acabc0f1bf81 |
| SHA256 | fe253ce1498e9818893d2de367f23d38dd702e22f68f5a9d4dcb300497b88fc7 |
| SHA512 | 56c957695570970f5552773f95661e655d12aceba13ddcb7d5c6ff97ddc419b5aed0eb55adfe161379e27506de7450577eb8152d43d698ee16f8deb8e78b49ec |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\7z.dll
| MD5 | 3430e2544637cebf8ba1f509ed5a27b1 |
| SHA1 | 7e5bd7af223436081601413fb501b8bd20b67a1e |
| SHA256 | bb01c6fbb29590d6d144a9038c2a7736d6925a6dbd31889538af033e03e4f5fa |
| SHA512 | 91c4eb3d341a8b30594ee4c08a638c3fb7f3a05248b459bcf07ca9f4c2a185959313a68741bdcec1d76014009875fa7cbfa47217fb45d57df3b9b1c580bc889d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2b7a411fae6dd982361a277bb877df77 |
| SHA1 | a5884881ae33324177758a6865703f046bbbdc27 |
| SHA256 | 115d3c37e362843b3cf033331bdb6d7a641b48ac988fae6810624dbb9029d757 |
| SHA512 | 25ccfe99b22e0595c6110883295f038406beb5176fa0c63d2668114a0453419cee3310cd48ce8056ea11cb57848e6fdf080abc0bb0a1b5953ebc75b29abd9920 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\dotnetpkgtmp\shared\Microsoft.NETCore.App\6.0.33\mscordaccore.dll
| MD5 | 0377b6eb6be497cdf761b7e658637263 |
| SHA1 | b8a1e82a3cb7ca0642c6b66869ee92ce90465b2a |
| SHA256 | 4b7247323c45262bbb77f0ef55c177a2211040fa77d410513a667488bf1bc882 |
| SHA512 | ff3f6f6d1535e7aab448590fdbdf60d37e64e00d4081853f201c0103d7b7918f388db5469774f32af211e0990bc103bc9ff3708fa44efd868aa312c76ea65600 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 63397e8f4bf4d60855e379e9b8e082ab |
| SHA1 | 8c992a29c5c37834c8420604b24b4ce79e2b9517 |
| SHA256 | e12bd60c576d476baae2e6aa9971b794638716d060a32f5060ded3ea241f7f8f |
| SHA512 | d82564f65f095df6c533d0a19cd39e390456ec46754d20ad94a4d0a761e266c93dd661c8dfc01c9a2cd4b602617e8527f20a968a0e875346f421b11f906346a6 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\servicepkg\MBAMService.exe
| MD5 | 69186998f66f291690f40c3e4e3b9832 |
| SHA1 | 22ea0106cd46bf4ec55dba7bc674f915017151e0 |
| SHA256 | bb088058ee2d51b7d5b146bc8d29463c2e25cdbccbc108763cd0f5f7f4eeeac9 |
| SHA512 | 56bb14ac7ec4d54940efb874e922d5acf7517fdb42179c6f188c0268a646ddbea857ee33435ce43fc851593d135a3e9f222c6d4d9b0f4db17192ad0984952b31 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\ctlrpkg\Malwarebytes_Assistant.runtimeconfig.json
| MD5 | d94cf983fba9ab1bb8a6cb3ad4a48f50 |
| SHA1 | 04855d8b7a76b7ec74633043ef9986d4500ca63c |
| SHA256 | 1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a |
| SHA512 | 09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\dbclspkg\MBAMCoreV5.dll
| MD5 | 5e84b24b7d4e5d5a161074da559a1b49 |
| SHA1 | c5dea018ff9ce1c9a3e0cc90d1363fff57ab10f4 |
| SHA256 | b1fdd023dd927099a2991b44f17cf2845cd70e7869c3bdb95fca52424d9a6eb1 |
| SHA512 | f962b0022e544dffb722456409e90b3046df07262f7a493188f6e17b26fd8ed16363acb89729615a01361fceea792ad640e51606443a007653c1f269aa805774 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\servicepkg\mbamelam.inf
| MD5 | c481ad4dd1d91860335787aa61177932 |
| SHA1 | 81633414c5bf5832a8584fb0740bc09596b9b66d |
| SHA256 | 793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3 |
| SHA512 | d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\servicepkg\mbamelam.cat
| MD5 | 60608328775d6acf03eaab38407e5b7c |
| SHA1 | 9f63644893517286753f63ad6d01bc8bfacf79b1 |
| SHA256 | 3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59 |
| SHA512 | 9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\servicepkg\mbamelam.sys
| MD5 | 9e77c51e14fa9a323ee1635dc74ecc07 |
| SHA1 | a78bde0bd73260ce7af9cdc441af9db54d1637c2 |
| SHA256 | b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0 |
| SHA512 | a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186 |
C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat
| MD5 | 91ae66a8d2f09adcfbb1e0dc66b80478 |
| SHA1 | 3fd6c4c0c05d20dca3c9e948febd93b215ee2eba |
| SHA256 | 903a82ae359f8872d54b73028eda294653ccd2d1810a2c9786456025d10e0b77 |
| SHA512 | f1bb9f991e01c2673b37249f9aec8fb9302c88f506b7ca94a198aeddbea22f3e688abfdca50952ae99de8826f39d5394e14523ef395d95cac9d7ea1a552c8385 |
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
| MD5 | e23fa7f3048a66d3e026c7548b947c17 |
| SHA1 | 2f5a4eb5c1ca2ae25720161990b0c4ad45688c5b |
| SHA256 | 2f4f62af11a4b3a93c608cf0341807e52e1ec24ff7e415e1c9688b3fa2791444 |
| SHA512 | 769efdb81be395b0ea3bd7f9aa2570de897885218af790070fd5b5dd250f9e2dc9944a26c397ab7e2da6e6d5d534606bf5b41073bc1b741f9e4cf396b0ddd62a |
C:\Program Files\Malwarebytes\Anti-Malware\version.dat
| MD5 | 5c69331fcdd5bb9d1075c72de0090e83 |
| SHA1 | c0d0282e72821f16c3423a69696646a226475b81 |
| SHA256 | 3b5abd48bd8c05ec9418ca229378a7d95416022a7aaa0d83fc610a6af57ad0a5 |
| SHA512 | 164f6fd10c074e75d8c1a664e7ed04b38e06259f61212c3cdb97aef7e9166a48d77632598f9b22e329ebeddcfae40ef633ca4de82e80a52a9941f2b6fc3a10c4 |
C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat
| MD5 | 6bc57437d8409064b4ecab41f5443dff |
| SHA1 | de27e2b8f490d65b61395558ea7c6985b315324d |
| SHA256 | 67267f589fcd41cfb07bc9bf8e1e220e0fec4bdba34f553945506b8c3b261616 |
| SHA512 | 2952ccc901ba76f9540c3ac282d7abb274aba1512174b18873a1b1a7fe70e08a57eb37b46f7bf2e503b575e06f0dceba161af476122a4f00dc91f07b3d0e72e7 |
C:\Windows\Temp\MBInstallTempe68cecf794ac11efbca9caf61997b0b0\ctlrpkg\mbae64.sys
| MD5 | 95515708f41a7e283d6725506f56f6f2 |
| SHA1 | 9afc20a19db3d2a75b6915d8d9af602c5218735e |
| SHA256 | 321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6 |
| SHA512 | d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08 |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | 4881ec4dfd1d5cbed3f1fef15b003045 |
| SHA1 | c130c442a71bf422b98e2716434843fca88ed46b |
| SHA256 | 7160afe7c1ff9fcb3322406fda8ae6f5827741a84da7f414c3fc5b53a1cd5781 |
| SHA512 | 73fb00a7991b37cc85944e36e4e81efe7a50cae583b3b73915bb18b643f6712d669eec2b59342dccda9ff95f32334ec6c9acfca36c7dfbdc2810b8ec2bca68fc |
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
| MD5 | 46f875f1fe3d6063b390e3a170c90e50 |
| SHA1 | 62b901749a6e3964040f9af5ddb9a684936f6c30 |
| SHA256 | 1cf9d3512efffaa2290c105ac8b7534026604067c9b533e7b7df2e017569a4ec |
| SHA512 | fdfb348061158f8133380e9a94215f4bfc0f6ce643a129d623cb8034c49144f1489de56cd076da645478506d9fbddc7590fe3d643622210084b15fdf0d16b557 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | e668bdc475069b7990f5dfbdba3921d1 |
| SHA1 | 404bce1870fe64a48551d790c2d03d770278af18 |
| SHA256 | b267f2511d11e4ec8cb294bae8c236f4bb4a164ccd1a3c70e55bb1fda75570a9 |
| SHA512 | e0364eb0efd44ac75aa626ab200cd4e562f8826aa95fd906f066946eab05052fdc9e932444b6104e55a988522248eed7cd3582eea92370b729a5b70f946d804d |
C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf
| MD5 | 5d1917024b228efbeab3c696e663873e |
| SHA1 | cec5e88c2481d323ec366c18024d61a117f01b21 |
| SHA256 | 4a350fc20834a579c5a58352b7a3aa02a454abbbd9eecd3cd6d2a14864a49cd8 |
| SHA512 | 14b345f03284b8c1d97219e3dd1a3910c1e453f93f51753f417e643f50922e55c0e23aab1d437300e6c196c7017d7b7538de4850df74b3599e90f3941b40ab4a |
C:\Windows\System32\DriverStore\Temp\{8f740d9e-ea97-cb41-8721-19613bb82bd3}\mbtun.cat
| MD5 | 8abff1fbf08d70c1681a9b20384dbbf9 |
| SHA1 | c9762e121e4f8a7ad931eee58ee60c8e9fc3ecb6 |
| SHA256 | 9ceb410494b95397ec1f8fa505d071672bf61f81cc596b8eccd167a77893c658 |
| SHA512 | 37998e0aee93ff47fe5b1636fce755966debe417a790e1aebd7674c86c1583feef04648a7bc79e4dedaabb731051f4f803932ac49ea0be05776c0f4d218b076f |
C:\Windows\System32\DriverStore\Temp\{8f740d9e-ea97-cb41-8721-19613bb82bd3}\mbtun.sys
| MD5 | 83d4fba999eb8b34047c38fabef60243 |
| SHA1 | 25731b57e9968282610f337bc6d769aa26af4938 |
| SHA256 | 6903e60784b9fa5d8b417f93f19665c59946a4de099bd1011ab36271b267261c |
| SHA512 | 47faab5fff3e3e2d2aea0a425444aa2e215f1d5bf97edee2a3bb773468e1092919036bcd5002357594b62519bf3a8980749d8d0f6402de0e73c2125d26e78f1e |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | a9e1299b984d25c878fc28635c1ff0bf |
| SHA1 | adf5a6007291c13840a8a76434619e0f4f0e9b91 |
| SHA256 | 18d99a7a2913ceda9836197377a98b5f3fc09277e5012336dc82ee80b8ecbb5e |
| SHA512 | d7bc38778be6efec546ab3ae745bf268e99c7294f25cd3350525b515fc564811e77dc4248dbacd006c0ee21955114b49d46bd1c714e0e838c8eaf57cf47714a3 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | ac305892ac51c713a27356680ed4aa48 |
| SHA1 | 64942155da098c6b928eff92e5e7bacd29cd42fe |
| SHA256 | e9bf110530c8ce8059eafaef824509a7f5bef91f7395fec5c2567f2ffbb7cccc |
| SHA512 | 9b543e63e8843286472cb4929c16d5a1ecb513c2a1e7b9484b160d1d54478c281241bbe4c05b7ec484bd0149e5372449818c51942e28ee64a461f0ae1caaf538 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 62b720eeca3c8b1809f7bc2dc6683607 |
| SHA1 | 3a4c72456a9b8de8c6ec3d731e155e5ba0c3b980 |
| SHA256 | 6fbcc54c2e9c26a2053ba772673ec3e711502afe9598de4b6f865bd85b474848 |
| SHA512 | a4adc4377f7a1ff4ac8d28f8124a59be7accf549c83f592bfd357a64ffc8ba58b7ffdabeb005110fe32a1c75499de303cea9d1bf2eae7f97a16b86a366598eba |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
| MD5 | 40138b220d514d867b7788c065097ace |
| SHA1 | 80ae9cd612a6672fec7c7032b4bd5332b420bf51 |
| SHA256 | fa3d5f1ed01cbfd8f11e938663b7f203ce467e1b08c736144f0021409fa8b176 |
| SHA512 | 61e884abcf2dfae9af5786cbde19ffbc5906420ca8a8b588f83f71050dc826883e09f03a20769e20cecfd5ff2739a6b54d592405c34316b2a2ba3db8748b619a |
C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
| MD5 | 6fc1aa9991e1368b84b44ed523798b75 |
| SHA1 | 921fea9691e268d058357d4240170698e57bab11 |
| SHA256 | e4ebaa769d93a7df9ff3add74c0576bd97f0ba9d5b744d5491e9d53bf78f8542 |
| SHA512 | 09c850a60754c766fe6e22eceddcc6a2453f7cd9418bf39ecb61b1714b9912ce2616d45515ffa8b6f5ffdd1d6f101a6349288313c42fd45882d843aa235eec8f |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
| MD5 | e301f2eedd81d91844c4b15177e90c75 |
| SHA1 | b297fb035fc9e99687e42e9b106fc0b00a80410c |
| SHA256 | f3c4d96068e8ad15a7e9ac161fb688188d0998eb8411df9f0d86cc1aacc5d1ea |
| SHA512 | 14f22297a7065f530240f1c5519fafe29b97c7e4b9c31907eb0305d77abaaa2d201f62a4323bddcf093fc00bcae5eaf8d82840bf561bbc419fb2569c962678e9 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 1a53ea9c3608f027a2c2e3986d5d7ff5 |
| SHA1 | c656bc6ee1f55a8ee7dc62aba6aa32072f753717 |
| SHA256 | cadda71e68248a68addbad0b0d0d484ca12bd9aaad835c0dde8fbfdc58f8a95a |
| SHA512 | 3313dd1ffa6032bef770af32d2d2d6bdb4738ff2b1c22dae4b5ce47fc567b10a2388590d46d0e8ced8781a3bbc871bc53329ebdcdc39601bc5f3fef61c293874 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | e0927b7f9d7ddb05b42d4c3a92a84b2b |
| SHA1 | 9eba48b05c82a5ea85b3112155658e9c80306cb8 |
| SHA256 | c4bc3023594b45d29cf9310fd8ab444c0d02fcc5127b96ea424b97f5eeabe166 |
| SHA512 | 7756c3d08405026a65430deb8298b5621a1f91f6dfebe70f0054034da56bbc5915b6630e3b26580cca0ace73e41f407a8d29fa62a5e34b63a9693cf2dee69176 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | ba71c42253a1daa5ba171ae90118156c |
| SHA1 | 06982a319888f0128be84ac6ed12751bd4222aae |
| SHA256 | 330c8c8848c2347afa7bf2c5f4dad03119883997ce0841da36b40c2d26c25a56 |
| SHA512 | 7229dfda52945275cdbd2f09df050b0da5c7cf18d2864b87bec9d2bc1978e9ef0167094085029d29b730ea8cd27846c17b6cc0a4fe255c0384267c0a3a967573 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 7a8fd7f98ae707bfeb39e1cfad316ed2 |
| SHA1 | 41c8eebd29490fa0c1f15c42a8420e24d2b064a0 |
| SHA256 | c14c6451788eade1a9d1f0b368a90f4a0738d0625c34bcb8de210b98b0b9360a |
| SHA512 | b3ab4a0e994038dd897f802f3c8ad3c0502e651f9730b3472aab8c2d2c672bb86083e9320eecabbd3347a7f350de4ce0ef5725659f05c5574b6be777e24d387c |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
| MD5 | 71fee8336d19f0d5be6f0f33b76e03ab |
| SHA1 | 58c5f158909bfc4dcf5384bd48f302ad36725e86 |
| SHA256 | df3d372fe7770984dad988b9b24347a11326c521423d9e265c097c992e85c24e |
| SHA512 | cdc81179d8d8d63439d1a066459c40ee33920f646f1dedf73c5626eaaa9a5af3e8eaf8fd1c9bb6ed53d007831b48561f2d1f35a04e2e834ee2c85ae56b5c04e6 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
| MD5 | aef4eca7ee01bb1a146751c4d0510d2d |
| SHA1 | 5cf2273da41147126e5e1eabd3182f19304eea25 |
| SHA256 | 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f |
| SHA512 | d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
| MD5 | 16a6aad848aca7c684b68f94916089ff |
| SHA1 | dc3a936948599dab48b7c27c979a4bb69e8c975b |
| SHA256 | 99becb68768c0370ca8f49fec4e1e6bd8fcc9981d928ecab27bee1ba24dd691d |
| SHA512 | d27236da41122881e29e16b257807639c1c74c1bb243684c7411ffd25f54edf093e9caa1e38052a9e665039fef579adde4080bcee816e7b3d571930006f4f508 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
| MD5 | 995174301f78f82ae249e0ca88ab3580 |
| SHA1 | 9243e263e4ed877eca7fada22f57806ef0517ce7 |
| SHA256 | 62bfcd9b875621912a572abf99b8203bb5ea93aa42168d44dbe546cf15229d2b |
| SHA512 | 97d71741c718a2d344affef21628c380337ce05cf2f37392e6c6e3e696e44810d1f7eb07eab8849fd2a0125acdb4ad08f72cec41744c4948806c28230aaa5932 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
| MD5 | 956b145931bec84ebc422b5d1d333c49 |
| SHA1 | 9264cc2ae8c856f84f1d0888f67aea01cdc3e056 |
| SHA256 | c726b443321a75311e22b53417556d60aa479bbd11deb2308f38b5ad6542d8d3 |
| SHA512 | fb9632e708cdae81f4b8c0e39fed2309ef810ca3e7e1045cf51e358d7fdb5f77d4888e95bdd627bfa525a8014f4bd6e1fbc74a7d50e6a91a970021bf1491c57c |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
| MD5 | f802ae578c7837e45a8bbdca7e957496 |
| SHA1 | 38754970ba2ef287b6fdf79827795b947a9b6b4d |
| SHA256 | 5582e488d79a39cb9309ae47a5aa5ecc5a1ea0c238b2b2d06c86232d6ce5547b |
| SHA512 | 9b097abeafe0d59ed9650f18e877b408eda63c7ec7c28741498f142b10000b2ea5d5f393361886ba98359169195f2aceeee45ff752aa3c334d0b0cc8b6811395 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
| MD5 | 10f23e7c8c791b91c86cd966d67b7bc7 |
| SHA1 | 3f596093b2bc33f7a2554818f8e41adbbd101961 |
| SHA256 | 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc |
| SHA512 | 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
| MD5 | 73d9e090df8c59ed78a9cc5cecb8c31d |
| SHA1 | ea0ea996ebd1023b4d3aadff5ba8704ec798d36d |
| SHA256 | 85becbc1c5111fbac7634a0d92fe5471c937b6859e39286ddff8a47e60ed4fe2 |
| SHA512 | 2607f3e2336da6b45bd223ec0324555034bfbfb30bee1a01ad482b791fa429b7a2fb9c2f1a4956657e3fd7b6b1c89bb9b0174b300c457e46ed50cc2d4ca44d27 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
| MD5 | 7b4d691ffaeda2587e35fb86935a6de1 |
| SHA1 | c73cf4c2c1999b4a163fa6d27b517a765c8389d2 |
| SHA256 | 602b9eb9bd977d10cc79416d58c6658286f4ea213a1c72ff533b2fe0ff49a5af |
| SHA512 | 841c6c1a24e12a5e1a50c441a2f53f0f29aac658d61010a456e837cc5200306ed975fce5c5bc8f1ff0ade6662af49f95d9a2674bdd6f48e9056c9c957dc34968 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
| MD5 | de80d1d2eea188b5d91173ad89c619cd |
| SHA1 | 97db4df41d09b4c5cdc50069b896445e91ae0010 |
| SHA256 | 2b68990875509200b2cf5df9f6bdfcda21516e629cab58951aac3be6a1dd470c |
| SHA512 | 7a8f5f83552dbff21be515c66c66f72753305160606c22b9d8a552ab02943a2c4e371d17dce833020d2779c6d9fe184a1e9ef3d1b8285c77aeb17b2bba154b3f |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
| MD5 | e27ba937917dd70eb794ff6441db73f2 |
| SHA1 | 2aa4fa05a3e83678add2ffdad2f741515ac1b250 |
| SHA256 | 7f5c6da5f102a6639dd42b3b3eac3c1b534abeaa8966f93938cad8d21f8f1e3e |
| SHA512 | e303ecaf6fde29389dd6539b7a398c33a46250db62544bb82b9a15b45db59aae93ad400f265b6c9abecd0def56133f9653fe68a26d96381b291d5ce0a10afdec |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
| MD5 | 46bf4292e3a41a9fe2fbfcb8e486b096 |
| SHA1 | 418372a1a1bca14fbecf49aa95332133fb3c34d6 |
| SHA256 | 532b713773e92428a41f6066872a1a12828be9d37eb06df97352d79757d6bb48 |
| SHA512 | 4a1bb164d11cdce4daa82cc9f98bebf72da2e80ac2caf94874e7f920d4e61ff95a96d5d89e4a4b567c2fe605d00faccfda453a8ce41631daf056677d07d1bda4 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
| MD5 | 7ff716c5160fb16ab6ebf01aa4dc05c4 |
| SHA1 | ed5687d8622aa9b3c9342c90dcc5309dd548a165 |
| SHA256 | 27685b33df1370742ae5774a9626e0c6457f0d80ea32c5499b7655c02108719e |
| SHA512 | c32046cdd8c8e0a06cf6334e91cc4779c765dcea027d7056c4136ec017c5e5d3708ab1f2fea70b13c1cf9da01e10f1828a5cf3585beb93983c86ff23d1b0a01d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
| MD5 | 9b06f10d63063d4d2a811d45b84bd167 |
| SHA1 | 17ecae4ae772f4dfa597e872838a313cadd859b1 |
| SHA256 | 49337535d06983c8098ccdb483a58a45a0dedd7759ddc8944a570107b5029f24 |
| SHA512 | 4985acfd20d4b8823eeb9e2cbb0c6919b00756b81d48fb89d899132641ca6d816188a605ea5f9de134eb3579b484ebe2754e2106f8407572f59fb2def1b006fe |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
| MD5 | e1395dc221129d7ecc7e3c46a7c73184 |
| SHA1 | e2a66d6284ea04579078b99e7bde6d43c4d28419 |
| SHA256 | 162200ccc86774690a7b585e38f180060c32c620aa3af7a859d0ad7b2974e936 |
| SHA512 | 269a74872b94425186b58bdba63b1b4a3452b9f06b7d93769332979f79165de8231aeb034475af14b722162afe72c4cfce2a5d2f61e1fc0e232af74da796a190 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
| MD5 | df9371eae3ca5ebb0121bfaec6b7ffc3 |
| SHA1 | f64db2a1f14afb944a6b7e472e599b7d2b2575db |
| SHA256 | a932b0d3ed0e0da8d935e5d0f875b5cb3743fce43307937c0d0835b95097d71c |
| SHA512 | df148ee1147fb4b1729e60e879f7486cdb8357113fa0e7b39dcd52172c4fa8598832426565557ef6239752294e1be3c69cbee1a6678bd042d26112e706bbbb8e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 0ece2b6abfc8f3530378ad0a1b84fa19 |
| SHA1 | f3a5c036ae0fb1d097b1150b7162a989c7c28b06 |
| SHA256 | 82d469f5b241935b853fa1ffeb502359269ff1b15687ff3a3f735f3099fc431a |
| SHA512 | 354c4c34979a791cf50ba1b261121da98b52c50f78443d416ed2a435bca9e83964c0423f11be532731d64ddb8bc09985407dee94114d9fb80308998eed33e7a9 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 7c8424d8f3c5c42e3add96cefd410095 |
| SHA1 | 91bdf31c57abb3f89e03cabe8ad10efd9031b046 |
| SHA256 | 394c4f66b81f1ea5bc8712989f86d34e3912b30a4e46dcbbd8d2bf67905ddddc |
| SHA512 | a9d9cac366f7b399b88ba20e77089f6f31aca93da301d79374dd20be233874a61a86f2d9dab55c2d2436f974c81d981c555f5a2e20d7a132c72ed0ea54ee3dbc |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | a14391cb35c18f20cb56d5ea5b1f8f7c |
| SHA1 | 92cfb8889c6374bdabff0386c0a908448543edad |
| SHA256 | 024ac574e353119c5b1f7afe9a32230df28f5fc029d1d58c9049aef77b0e9125 |
| SHA512 | 49615ca7e4a78be62ea3d19045840c0043e45034a2ca5ac1b2dd7813c3c686988f4cfe8bd388b3e31620336b51ca76612c5a2bd048e505db324f133ce1c3bab1 |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | efedee2a3582ea5555aa78c3a7122ab5 |
| SHA1 | f8ac3c8a05c5f304d38c9ca1daf7eb5026f41ba5 |
| SHA256 | 2ea4c650441294043139f66ba4d18af1ced8624bf689eb47e30a7555b0a9ef57 |
| SHA512 | 47b05a3633218c58b21658d9677993c48f37fa65564ec674f2e4e7038d5b3caf16163d905a33f1eb6ea396472ae5bb977abffc888aa232941c053dd6def1b2eb |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b38258d9b6b8cc4c80021057e82262a2 |
| SHA1 | a4abe9fbd0c80d53caced361af7d90af0d225c14 |
| SHA256 | 88c7e7bca8e9edb0c95ef6c2da47e820bb94d80da12383f63d2bc4ca18c84941 |
| SHA512 | 225a9a94073a81ec4fc90da25cc2254baed7a2c0c2cc87335b1104ea1e54b161a6229187ad8fd3803f57f59d61901e284d0b3e3943d77cf1530ca412867db8cf |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | aba4aa3081a09e9ac4b15daf5618b676 |
| SHA1 | bc5f7fab0d50ad00810b7de4c02c8ee73d4fde8a |
| SHA256 | b16ae0427d372a54bb663011a8692e2ef4895b508adbcbc046ac0f79a301362f |
| SHA512 | 26d3a5951ed5e2f64cfb56f2ab7627932b9639dfc47b01d926ffc9e66cc829404d4b21e16472db9cbf448a82ee0c9b0f44d34f92e429aab7b5bb8e1ffcb3a83c |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.sys
| MD5 | 246a1d7980f7d45c2456574ec3f32cbe |
| SHA1 | c5fad4598c3698fdaa4aa42a74fb8fa170ffe413 |
| SHA256 | 45948a1715f0420c66a22518a1a45a0f20463b342ce05d36c18b8c53b4d78147 |
| SHA512 | 265e6da7c9eede8ea61f204b3524893cf9bd1ed11b338eb95c4a841428927cccbed02b7d8757a4153ce02863e8be830ea744981f800351b1e383e71ddaad36ad |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.inf
| MD5 | d87c2f68057611e687bdb8cc6ebea5b8 |
| SHA1 | 27b1311d3b199e4c22772fa1b7ea556805775d37 |
| SHA256 | ff93773f55bf4a6a0242adf82276a8c95c0b244b9bc05e515c4e810c81a960e8 |
| SHA512 | 4aa65b8911d8a2a0f9ef0ee6e934b94db0a9ad4c2ec543b5edcf21486be43f6ab1fda6617ea2cbb85eff230628c9fa8e7649da915d6de695803b28e55bef5819 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.cat
| MD5 | ddb20ff5524a3a22a0eb1f3e863991a7 |
| SHA1 | 260fbc1f268d426d46f3629e250c2afd0518ed24 |
| SHA256 | 5fc1d0838af2d7f4030e160f6a548b10bf5ca03ea60ec55a09a9adbbb056639a |
| SHA512 | 7c6970e35395663f97e96d5bf7639a082e111fa368f22000d649da7a9c81c285ee84b6cf63a4fccb0990e5586e70e1b9efc15cf5e4d40946736ca51ec256e953 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | c674468c1b74e69a6d5d1e23a78e79ac |
| SHA1 | 1a8cbb88a835f2d5ea2344c2c8f2891238c82d98 |
| SHA256 | caf71cc19801b349e05d9bcdda5d0b4d3480d14d7c6fc6f789e38ab23df699a4 |
| SHA512 | 47f051229dc4db7bc9f6f49f152e1ba4f75873514dbf6398828fc00de72eb8e418db0a32cad9b07f25b6255bbbf19eb65f78d9d0b06b2366a0b826d7ceb3da17 |
C:\Windows\System32\catroot2\dberr.txt
| MD5 | 232cc852ef006958dc4726ff73058572 |
| SHA1 | 1d3eb49f8f3ef548e57963779bf72b92c79db3d5 |
| SHA256 | 88c57020a9f6a52c0d91191a548995f8dcd1bbee9f4c0f641b28a9ab8b6d4178 |
| SHA512 | c3bdaaee9ac2e868d22e652f7f618325d857e4ec444186fd203dbefb23928f778afdc0e6ad90406b3a05475a42db83636f0aab6035c18b3fc90da93e33a40183 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 58a746c41c3c15832f43103d3c1d2e31 |
| SHA1 | 45133263a4376d6ac244c4b0aae417314a677c70 |
| SHA256 | 2ae7204f4d3a8590c98383c0c920e33c923bbc19308996f7017b36c50dff693a |
| SHA512 | 7d5085c3fa810923c294683d3b0b55652d6ba9931fb16ccb59bd0accf4d2a496ee5191522f67760661f814a443857c4e6b9712080abcf6fbd030df2debcd40e5 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | c85697ddbab6e646f301b820271278c1 |
| SHA1 | 6df5778d21d629393021f003bb08d310d6a64cb1 |
| SHA256 | 837b827106feedfb40446d633d0e00ed5ec9512785bcba9285c6a5c7e4264d0e |
| SHA512 | 71838548deb0dbd0c2ce4d025e9d4d56f1aace5b3a6aa8e0cc88b8805b645a3b1b689de2a183f725b60be52ff3b20fe59ca107b781bda4c735a629b3412e3737 |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 5acdf9980f01fc050c1bbc4c00e590bf |
| SHA1 | 7479da0437999ddf48a66ccd76298bf9980db8ee |
| SHA256 | 4d032f38c796388a1a23c4e9b1efbe1e7aaabeb8ec6f2f7ff1747dcf2591c073 |
| SHA512 | 96c82980ab0ec625e89fcc3fc879d616c784f9a923b2c6fb942c3b03a8830182052972d96bdd3360d18067cd0351275451c75dfdb14174e07fe0458a3fb94778 |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 10c218a08fc14c818acbceee2d5507c7 |
| SHA1 | ad513f45cdacc51c4abeb887a340ecba700b89d7 |
| SHA256 | 40960660f1fe37b84a73131128efe2983fd2c79baccf2273a17b3dd2584f2a06 |
| SHA512 | a4290f25965cdc4826ef404e0d567c311df14e14b6bd06741c5708f1ee35c3c9684da96ca9c2faeefbe506b90507d86ab0fe84316fcec152e1d863e9e0ed812f |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | b80d114032d61f88912b1c5a182604bb |
| SHA1 | 16892c3f3e2368e5fee8a72b42c5cbe17ccae7b9 |
| SHA256 | b1b31d7b391ace153dd6f257a8ec8b72c01619e4dcc25a787f3ee7790eadf46b |
| SHA512 | c12c318bf21aed5a94605af2da907dbe9788f341cfb4dd2d807a30b031d4a4de7f88b01d1877de67b42f4fff1e81637ef8ea44fcd6bffdd22bf014f2010b806e |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | b5cdac46c76a2124989b8d9ea50671b9 |
| SHA1 | b9008fba1d59b2331a0eff85755ff2ce633e3f4a |
| SHA256 | 9b8e845930cbb88d86146eee5a4a68e99dc961c4414a62a0b65f194f91111568 |
| SHA512 | 75fa010bab232a3f2160decd8a14ffb6af91cd3f8006e7c4114cc119a402413e167773d753a168b049ca3e233e8ada8b048b33a63831cff49712465edfacd4ad |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 92cc08ddc1553aef474f6d65710b9df3 |
| SHA1 | cb4fbebf5c07c45e54a9f060007f5633ee5f4738 |
| SHA256 | b5961fb1450d90890363da03bd3c09207f9f70f52eedadf74af2b705e7ff3f05 |
| SHA512 | 5160e7a5042f8d037c4389cfc65c28392ecea55729c02ae9a7618f4a980c2ae39fd71fa6c67f13035afff70469f3316f846e4ae24295b94a1d74cca2b180c70a |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | e3575e20038afe2d80b7407bc35e3ce0 |
| SHA1 | 9ebcbdf1d89e97bb842fdaa96b41cd1cb7dce6d3 |
| SHA256 | 80e22df23509393f054eba669a6fe9417ebe93617d5a6e93afb5bfdcefbd2ae7 |
| SHA512 | 2bc5d364655710a781595d6f5a126ca6580d3e5fdef224fda7cf95e17bdf8553c6f404409ed115764a24acc7fc6bce4b1c1d2d0fcd6c3b0f8eba5a335b20a545 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 45992e6eae8494519e3693f13400eb28 |
| SHA1 | a23e355de1870dc482e124b50f77d5dc722a9889 |
| SHA256 | 879321636a217e6cebfdec7b5ce22a4b415e6fbb9d585c6c9ccbd9640b4bf8bb |
| SHA512 | 54fee2c0cc6e1a9809a0efa030317e97ec2f5bb2f2c34a6a9b4dadaf6bd90f88b465c9beb349b8252e93576fe4ef18e8f1ef1dd067b7992298c4cd19dc539e97 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 1adfedf32662ef984d5d78c2bba9bc51 |
| SHA1 | d5779dc0c921e352c4fb93b3315947edb879882c |
| SHA256 | 25a42bff897b0a77c5735d21687754979785f1b241ddcda7eba7b796824425ef |
| SHA512 | d5add175bd08c1cd932f5865a9d6f28c438a3aac6a62b597eec82c6cc00354b060552e7ff61c2f688ae4ef743f0605294533bbbe9f20c65add90090b07f8edb1 |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | e2342eba6b4c7b0149c1e9c54fd2222a |
| SHA1 | d8dc38cca5a82870c65947dcdc60e256a17fca0b |
| SHA256 | 1212f3ef386d6e071a5f22551e114fa8aa3405f61d05af1474f49f91d3934640 |
| SHA512 | 1d8050986c74f3e433c65c84176c3a27d3e38b3a5cad47b77609e647dee7456e262d96804e75926179fd03132c597cfc4f95868c929215d644863866ee30ba89 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | d9f5077af338f0ced0812314829391b4 |
| SHA1 | 12f2006975791c0d4a70c459309a1db772653439 |
| SHA256 | 7ab6722a63767c0d0b5cbcdd50e85b355ad6a62e04eda7df6b2484ac7542accb |
| SHA512 | 37ca481302644f9ad5c0a3ced36b379cb75a3136a9568e0f0283431bee4f4818b3057fb1fdfed9f779f2ea430034dd4d63515933ce064b7dc08588f163781051 |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNServerListConfig.json
| MD5 | 2cda2548a96eb7bcf7719db63e48aea4 |
| SHA1 | 7adc0b5ad82dc9b6e9f55c36e5e920c4d0cdfc9e |
| SHA256 | 2a6359bb4e5e19f28580d7769b3c6ec442606f2bdcf88d126f0ccf3b558f37a1 |
| SHA512 | 568279183bc1f88b8c4df233f4ed8d6b673567a442e524e0e928d64a2987da24d69af702664fee225868baae5376a4ef23235fb854be9bd3073210527cfc855a |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
| MD5 | fff97d87aeab43984fd661b2001dab2b |
| SHA1 | 95a7d1c9267eeb21d8f7b65eb6c6052ae60c4049 |
| SHA256 | 00633d3f24d1d6062609929363438d80298318f443a3f806c46f55ad779e5f51 |
| SHA512 | 3b3cc1d0d3fca1f7389c596205cd008c22d1cec578fd163139536fedf9aff26574c1168e991226d014b85950100f97dca155a6fb9ed93028ee3399e4cdb40b26 |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
| MD5 | 90fb8712a2347a6392470e4e10369614 |
| SHA1 | 03503a1c83def1e3018bd29a5ac8ed15082074ff |
| SHA256 | e7307778c1870d9ca3d37f80dd49bb39ad586adef3915ac1a1e0b88f32f5751a |
| SHA512 | db8d53c270f52f0dbdc9b70bc3601f637597449c8db15e0fff80ed72ff7cfdff1d460b672a88f38a1d5ce59932e71bfc438e52dc6e22c8174557b65c28da9e97 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | a95ff3f8e62aadc8fa456649ef64abb2 |
| SHA1 | a233782a24fc8d18ba22d9e91f71490ed2778c23 |
| SHA256 | f2b38b61247ad1c40d19abfc5c2d6681cb0b2eddde6432268e1989cb299fa013 |
| SHA512 | 7869ceef47d5d97d22bf4283403dc10c1605694199368ecdab72de71fcdd25d0954bb74ce84c195bcb4fcd0d1d3e20cb0ce0e499c669422f1fedcc241e5f965d |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 83b304c07ebf9b2fc1dbac5b3e2840be |
| SHA1 | e67c2a1205d3a2908bc0ed95f2f920005b8d1560 |
| SHA256 | ad0e09fce96d9a2fd845514d81c735a0cd91b7994990cfea23c38811f889d341 |
| SHA512 | bf49c1d595debb6dd9445d85d5b983e698ee79102d6fa6deb8227080f1acb7830efaa5e02aa6b4d67dc61d5aa17a59c77044bde74f8f066325d3d66d228ba259 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | c852c54a9c8f86883103316cc23d9cb2 |
| SHA1 | d667f6a942b94aaaf12389435fecb4c61e21528f |
| SHA256 | 070caefde26425106288938bb2872448c98940b11b6687c96b92a69837ba6426 |
| SHA512 | d7cf711e552fa7985c5a847cd2fadff8e787d2c7d92a27a5130ea02d91007629de49e24db3d9af1b0168fab60dd83ae00b1841c70e710fe4f75bd934605a5ccb |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf
| MD5 | 5a9717e1385703e8f06b27aa10a69e87 |
| SHA1 | 84ee67a9167b5eb6560711b9871de98898ad07a5 |
| SHA256 | 47b7c516bb57c612de19f0ca865590af95b6e32bf873a0fef9e011b2c5b483d4 |
| SHA512 | dd3c7278c2c11ad15a55fae6d19b96dadd92f85b7f0c8ce934298258af00bb5c052a84a98499b8867b0f43704fb307c67d03692ca69dda4d814c6c17dd73df44 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
| MD5 | 355347a81fd2ac2e10fa7780743683b5 |
| SHA1 | 9c56cb229a882d07666bca4dfd75e5a26f4ce7cc |
| SHA256 | b76c1d3d3b05d53082fd615214d14d6da55cb5455ca0ec4869c15e5af88983de |
| SHA512 | e9839ac8ccc4168a0e743d1b47aac4b4a37a80c24a13b35c9a258db818544809b92d1cbc624381eab8bb4f47360e3ed2ac68933c26858992de5b1c6a0cc20863 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 7a1e7c2b8ec1f77c6cad92e4c19e68f8 |
| SHA1 | 1807e8ef7ec1fc3f6882e4c222332c3dafe91cc6 |
| SHA256 | adffc66f5383b052689f96b0e3d1d3596afaf53b49003925c8927fa154a7dde0 |
| SHA512 | e2532eff33ee789403fd163063f6cf9343791ca857216e49060fb54c3143b4f9c1ea5f9bad083a4ba89d61af340e842c60bf3199a850c243b2276407bc352b8f |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 9c8ae2d96f7d5f29beff913cc4611181 |
| SHA1 | 7b7d73f14a2787e110fdacdc4d964ac4b6e7fcc2 |
| SHA256 | a5e890f59d2ce64c1732abe79b82f595371343707bd2df46e6ea23ca273a5bab |
| SHA512 | d52a85d688543375d06c2332418250013d632b322eeb0860ab7dfd130e2b2a1f7ec116cd9d65c339913762bc40dee840ed709803f6fb8040bfb9b4d8abc76b13 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 02a7031d469c48bceaf2703a8852bd52 |
| SHA1 | a1503075ddc4e7a64b42b8f8dcc46559b50fa9c7 |
| SHA256 | bc10a2b42ad8f1d20da6de5a0f48064e4e6098eb85209d5e0395c684c6cf0f69 |
| SHA512 | 038dff053e5f0623f0aad3c6f1b6178d17ea6cde39019b206aa318112e3fa387b41c085b38401d266763ac451cc7bd47e10a02510fa517128c4795f8fc4c94c3 |
C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe
| MD5 | 42a9832fdccbeb097ea863d580c84c8a |
| SHA1 | f802df41b5a42b2ac86dd6134136dbdb79f80b35 |
| SHA256 | 265b6121e7c1f69a09efb05c1569a648c03287880f60d6aabe587a0fc0e0b828 |
| SHA512 | 573ae029cd8f7c0bdedcce7a32391bda6646b242dea3c1931a778d61422176d3a767c2118ea3d9d42d9945e0e2216ce0228c3bb27e996ab01a4551689711a1c0 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 176471506e8539a026f293c9f7d9e168 |
| SHA1 | dd80642489c7fc447cac0de1a988f18d387eab27 |
| SHA256 | 11db75d7f29ec989c251a6b1d45914ae15a838e5d82a96205eec0790dcb3a54d |
| SHA512 | b2e9ad2f8ce0733b99f07a7ca918f6b3183ef104dfb9ae88851b00d5a0e9d2bce8b93a2b52d48a9c29e2dfec9ae3bf60607f08bd73262e36f2a221b9a8aeb3f7 |
memory/2140-10599-0x000001B62B770000-0x000001B62B792000-memory.dmp
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.inf
| MD5 | 358bb9bf66f2e514310dc22e4e3a4dc5 |
| SHA1 | 87bfc1398e6756273eee909a0dfb4ef18b38d17c |
| SHA256 | ff51780a5a854b2c18f71ae426cb066a13723ef6155e24f4910137c9e8dfdc17 |
| SHA512 | 301ec5ec5c0813951843011f2204924240235494999136ea30a557cbf58146fc6043a8866b344fa7deb927d7c83d44e2aaf45adca7d221aba5d36715b9a63e09 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys
| MD5 | 954e9bf0db3b70d3703e27acff48603d |
| SHA1 | d475a42100f6bb2264df727f859d83c72829f48b |
| SHA256 | 8f7ae468dba822a4968edbd0a732b806e453caaff28a73510f90cb5e40c4958a |
| SHA512 | 0e367ce106820d76994e7a8221aaaab76fda21d40aede17a8fe7dedaca8f691b345b95cf7333eb348419bc5f8ea8618949783717100b38ed92544b9199f847f0 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 62d4c00684102e5ff23d385bccf663ea |
| SHA1 | b090402bd9f2d226a2cd696b3249b45a0f9554fd |
| SHA256 | 2ad5d23ba508ae498879ac216aa78041994421e9c1f4294db88fc37286bcceed |
| SHA512 | cb23e2faab41109f193db52fad254309259c8b8491cd9b2a1d6df47822376e8ee451448459abbd6efa9fdfd5d81cf289986a24afffe5045475816670bd518151 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 9c8ccbb0e90a3725a3432ae83ac7bccd |
| SHA1 | 90a0d20330ec92d3c72639c7343491c05593c1b5 |
| SHA256 | db467bb58f85a959cc453f9b27a94245758f522f45a2ab3f730b19f60613ac5e |
| SHA512 | 627b74df04aa88f78596d09ee82c64983cf65fefd4d9b381532128b55b86ee6c7a59e7388c2e4cb398042bde6b0c4ad9dadc5cd4ce13698e8a552aecffae37f5 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat
| MD5 | 1c69ac8db00c3cae244dd8e0ac5c880e |
| SHA1 | 9c059298d09e63897a06d0d161048bdadfa4c28a |
| SHA256 | 02d57ac673352e642f111c71edbb18b9546b0b29f6c6e948e7f1c59bd4c36410 |
| SHA512 | d2ec2ff9fea86d7074998c53913373c05b84ddd8aa277f6e7cda5a4dfffd03273d271595a2f0bf432b891775bdd2e8f984c733998411cfc71aff2255511b29c9 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | caeb96e96487134135c47335a24589b3 |
| SHA1 | a14d03c055e803f9bb75ff3300342a8b2a021e0c |
| SHA256 | 662c6151e5a76aeaa1d00cc2bddbcb408c0267bd0fb41c8ed6513e8b84f30e7c |
| SHA512 | ab3b75289edfdcfe372d921cfdcf75b5933f57c9925703815ed9c31e52622f79146a42ee0202aa622861dfe93f144e038a0447acd2628f60144c43ba3a56cdc4 |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | e97123959dfee73a0335c95eeb2ef832 |
| SHA1 | 3a3bfb6e8ba8d816154cce411a1d828e44ad16dd |
| SHA256 | b9a23861433c1f5162cbc8d56d91fad2e0e22bdc0a4378fe72d75d988f9b2eb3 |
| SHA512 | 43b40411a3d07237b3606397cf5ca79722f95a7286091d943f818dcfcbcd40f16a648adfcce04c3f22f3462b1ec5c8f27b4a016ecdc1e86e6cddc8127413d05e |
C:\Users\Admin\AppData\Local\Temp\TmpBB53.tmp
| MD5 | f0b609c6b4314bdd07b0c3ef4d8ee8ce |
| SHA1 | 55eee6b02fd2a1c3cedcb85d58a7ab51ff5daf04 |
| SHA256 | 9a7b982a92eb3a6ece3597ae83812b0b80048af1fe56ea83b2c35a32b6ba88a1 |
| SHA512 | efc4dd240723b9f6cda5f9bf5ffe9a81a0014230904acf033f96f4d6ef9fa1e8e1b537884ec422625f4274d112429c81d593c4f7cdbc3c909cbf09bdcf5b3c83 |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | ea758b91906b857e7976138439f356bd |
| SHA1 | d7d30380c2ff535bac8d06164c054fb355655180 |
| SHA256 | 4ecff7ab970704fc47586782216f92c752a82a13b84d6af7bc1ce20c82d4685f |
| SHA512 | f7f4cb65f535e2d045328573afffdfc78a029f07859d16c2c856ba83bf4d74f36f93ca84b2dd61149c49c80b98c7f3276219e9c8f37436c26e2d7c1ddebef3c2 |
C:\Users\Admin\AppData\Local\Temp\TmpBB42.tmp
| MD5 | db518b3c108cbb742637a4b8b143d97f |
| SHA1 | 435c662536fc755195724bb332be717a8c03309a |
| SHA256 | 9092af85124de5144ed89df5a43825dea66e073770cfdda9b7aa2eeadd135c36 |
| SHA512 | cc56dbe99d14078ca2297911140d3b165d979d9ba1795f7c9506a4eb794877fd4cccbc1d51a27100a6f910b525568e3325b7bbec432491dec0f42b74698e6b3a |
C:\Users\Admin\AppData\Local\Temp\TmpBB32.tmp
| MD5 | 79e7b78e59935ed1b24a1100dfd78b9a |
| SHA1 | 1fdcb523e94b9a99159949928ecfa8ddb25d032a |
| SHA256 | 658136a39a49ff836e42b9c79ea2db8affa12f907c3e44f1f0c3b8aae6050d82 |
| SHA512 | 4345ad91e261a7f5d92cd064802e08111880c48a2d043f3451946e2c1e86ed5d97d59a64455dd8ce1be7009ad2141145170da8ee7f672c3d86f3f8caeea3a210 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 72936310ec0c96295dbb66455078b0ab |
| SHA1 | 4cd88306a05bbaa54950a8815fb4c3d5c4446dc9 |
| SHA256 | e856659c512243b8f3618cbe47e40fd3d98bff5582e0f358e78a27c4ad6a5c48 |
| SHA512 | f4d206a402f9fea8ab9f4b7fd660b45c78cf2de7a6748734d65091a92e0ff65f9a5111710e9e360c4421554c81b79ebc2bbbf62339b9c52525c8f41845b54051 |
C:\Users\Admin\AppData\Local\Temp\TmpBB21.tmp
| MD5 | f51998c56b3139a384098f5d90475568 |
| SHA1 | 6f6090425ae0406aba9a9be49d04e024e1720f40 |
| SHA256 | c5c45af6ac72ff0cf29c366dcd57cbbfa610175dcd854f57131febcf776c3cef |
| SHA512 | 39947910bb299371a25c0178de12259a3cca140ad67714c479843243d9b56d263d29d65e79b4c14ce3637a7b60fee3fc5daf380b9bcc67a15f649c77d302a325 |
C:\Users\Admin\AppData\Local\Temp\TmpBB20.tmp
| MD5 | 6316b72b36e380ad827e2522476137db |
| SHA1 | bdca1f262688e76e864002e796c43505c3d61955 |
| SHA256 | f47129aa6a256171b28c0f859ad829221bc57731d4119d037e9fafb68b8c3124 |
| SHA512 | 49c196f46da4e7255ecd1a0902f0d65235394d00f6dde2723a2d9e0c2fdcd06d7d6462cca5b1e34b4cbcc3b065522ebe6c4b6f1553f79f0422d01780f62db820 |
C:\Users\Admin\AppData\Local\Temp\TmpBB0F.tmp
| MD5 | 85c7741ec8d014e059d5d3accdbcddc6 |
| SHA1 | dc01f3ed3c50479c99ada3c1d4a686c5a7f6cfe6 |
| SHA256 | 56d6a2c4d43bc6d3663e03682b439d771d319e5fc490fe761da2e2d1eae2005b |
| SHA512 | 3e12c9c170e92d1c221f1b244cd28b9efc71e4fc4a42df9f04391266e400ff2372d80d20e3939f4372f879ac5be57a8ef8fb3b2a4393d8e5b6264c0aab3d89b2 |
C:\Users\Admin\AppData\Local\Temp\TmpBAFF.tmp
| MD5 | 6d40d65de36bb77669286726b457b044 |
| SHA1 | 8a13b1bac2b4877cdf4aae688d22ae5138bed62e |
| SHA256 | fcb7e6e5add441b8d506dda74e3630d5bbfa0affc160b92df9fb1aa59d96a955 |
| SHA512 | 284eabaa201368849cd8c31fe24c70a00840d2a327f741ebefea56a4d6352baf36a95a235e6881f309d6aae984ef8c5ab270901d234b3c4f1d5d1d7e8add7ab5 |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | 30a11702d17b1c2d34d89a235d113239 |
| SHA1 | 85244847cccc6d8cc068eb7bc0bcae93a0c2599e |
| SHA256 | e64615e6c16274d5198694601678f71d2e09dca4a669db483251d410afa02fca |
| SHA512 | 1bb9a27f6040075c438028a3af979c6c5ff3297bd8771a20fb7e5f16e81fae9226d781273a142f36320b5cd2ec15c22775a616b2ba65e47105d166228fa614d9 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat
| MD5 | e5bd295850b593f6d7cbd8bbe59e71df |
| SHA1 | c922df2483c7cefbed91b221299c0adb6e5a7db2 |
| SHA256 | 70cb5eb4c7f600a56e6409f58cf02de1aa2883a33063d89a68f54f28c2209ce7 |
| SHA512 | 8ff8342df8cbb255c741c42bc14c45309835f74eac8e4a498fd109b10664b788c6f573db709faeae1a781cdec4579691ec309fa66e5656a681ff9adcff3c2b60 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 61bd6a08809d2703f3ff45120e862219 |
| SHA1 | 8d5f4df8a69af1ed3cf3ceb472b506b0eedde090 |
| SHA256 | e8f4b689259603c447bbc4558865034048439c0a6532a894ffd745fd42f25136 |
| SHA512 | 9eef490621173d33c092a4e796022052139fc884b5d4bd9630cbd26f6dded1ec7b7ad37ba415e9772cfda63584eeb3f527ecc8e0aa9d9b8d0c8556c72f25a0bf |
memory/7828-11221-0x000002103CFA0000-0x000002103CFC2000-memory.dmp
memory/7828-11224-0x000002103CFD0000-0x000002103CFF6000-memory.dmp
memory/7828-11223-0x000002103D430000-0x000002103D46A000-memory.dmp
memory/7828-11226-0x000002103E060000-0x000002103E222000-memory.dmp
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 804b0fcb2c6e386d690549c8274e7ad6 |
| SHA1 | 52b60734b8a4377dd42edbcee7af2d797f4a9c9d |
| SHA256 | 9ceaf16127e84fef9561df8d069baa8d448478c9c5639827cde5ca39b2ceb779 |
| SHA512 | 10b9dcc7330d220f239a1bd52c2cacdf4a8b0d70ed3a3a3256934181f385261f352e0900b0b5cf5f1e01f0c5f7de0221ed9518d832d053e523aa279023003308 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 662abc834650ee668bbdae88f1f792c7 |
| SHA1 | ff8c3138544f50b64ced0940e3849d8b84a59930 |
| SHA256 | 8f72266ca79df71628f50727819c891ca09e1f6250327f15af7245197a8b7d45 |
| SHA512 | 2e87ad5730b133dde14f4f9ae4f93cff933c43dda641d36c5fa9beb443237e7daec718c1b82d4e03bca530721c6ba1cb2c52eaff6f5d5237698a2ccb961cfc71 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | b442e40589deb4e954d32ce6a0842634 |
| SHA1 | 9ceaa59818a49542f7119e0c03c826d4591fae72 |
| SHA256 | ec51c6902839c84c7bde1762800f8220a63465408fc59b1d5ed43748d2601f52 |
| SHA512 | 593207ee264d1b18a72888f620c0fdb60ebf35175ebd23f6720e1b94046f75ea5a3986a1d2b1f11ce9b33f81e37e3cd054ed9da3aad3fb1af8c8e5f6a59c1668 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 08411ee239843a06f1fb373519f31645 |
| SHA1 | f19b2f345f9ec3f72a21a992523d52dcd701eb97 |
| SHA256 | 3aa77ec965b4c5e76c9d65aaa394c8a3f6665e2fc18a658624562ab5128eb314 |
| SHA512 | 683bc34890c7a8aedfa48db7987c5034a3b73e9c2119679d9e135b472ea3f7834c9542107d16900f7483557ff38a4bf1a61f277dfa3dcab82b9af39d8b9ed7ce |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | 9cabdb53858f77832825cf1eae32d357 |
| SHA1 | aa3cf898a11fa560ed6f2ca9532aa5104d7113e6 |
| SHA256 | e7fe899d2b3d192fa6b82c22bb9ead29dcd5760a095c9500db0214a06acbe728 |
| SHA512 | 243cd180f7f8f7867ccdf158e310257574e38a46b67848ff24800e07cc5548a4959bcef1df72b81ed82b4509eb72a6827015b56d65c00a44ac314df052d52d04 |
C:\Users\Admin\AppData\Local\Temp\kxjBiUS53Z
| MD5 | a1877ca6fef34566af96af105f154dee |
| SHA1 | 8df5bee9f7e2ece02f854056a3cc1dfdadc7a298 |
| SHA256 | ba40b8eb55aeaf252fd740bfed6b2c99b057110f9fe1f684c9694ec0b7bd80f0 |
| SHA512 | d82f9fa88583b07df5309086056bab6308304dd4f75f63ca8e769a9938f4fcc8214efc1f7aad78dd437121e1e32829e25e0c2259c28cea385dc0f5a9ba1d9e69 |
C:\Users\Admin\AppData\Local\Temp\7s5K7w1HOZ
| MD5 | a182561a527f929489bf4b8f74f65cd7 |
| SHA1 | 8cd6866594759711ea1836e86a5b7ca64ee8911f |
| SHA256 | 42aad7886965428a941508b776a666a4450eb658cb90e80fae1e7457fc71f914 |
| SHA512 | 9bc3bf5a82f6f057e873adebd5b7a4c64adef966537ab9c565fe7c4bb3582e2e485ff993d5ab8a6002363231958fabd0933b48811371b8c155eaa74592b66558 |
C:\Users\Admin\AppData\Local\Temp\OWftDvcZZP
| MD5 | 1c7a79a2c7bc4c1ce2a85460d0dde47b |
| SHA1 | dc9602771db88d98717ee295ca307d1eb2ad6bb9 |
| SHA256 | 18cbe9ebe8a15f092b100dbf6833e03de88cfea32028d1c4b9bbf600d3938cb9 |
| SHA512 | 94392e3f68719e3380f0a79f371a31205b8268bb969d68d38be0a7c678cc151114e4d97c8dca5acfaf07ab5d93a67ac3fb01d775897f89abde5421ad9dc39e1c |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | ebd3f42d6e2d5f9288bcf9be170f5105 |
| SHA1 | 602dda201065ca9b7675a71ca155e0bcb63e0916 |
| SHA256 | d21718ae5c0bce63e872da3fac7733e4c3a77e23ebd84addcfff99c6178bfb20 |
| SHA512 | 9e30289e6e909bbacfa4131d58fc67e53d1f1c5dfabff0fc652e10c48acbaf0769b854c505d854b2eca0d96c391019898e70629b8461865603f1e45f8e3981fe |
C:\Users\Admin\AppData\Local\Temp\Tmp8888.tmp
| MD5 | 4657ec70c40eb6c2b6ad490361f786f3 |
| SHA1 | f47ebe75a6a99ba1e12fafbe0f983454176e9e72 |
| SHA256 | 7a5e62fb2c96e7069fada144b68500d47624added3873e35f62f7ed88a026900 |
| SHA512 | 468aee3700e3b3ce5785e867a873ba3a0542e2590b8c551388315d01d90bb78e674ff149b12da944b2c12e39c97ff1288fc2a353fa9cf64c157312ba512f53c3 |
C:\Users\Admin\AppData\Local\Temp\Tmp8926.tmp
| MD5 | 729633f67dd2de93e60c0998d38425d5 |
| SHA1 | 4888389042689eb4b7c7160a5f45105ee6c2c829 |
| SHA256 | 7b69986d085aba36b02d1cfc82edfd09a02a87d1608e011ca845f8ad6ae5d1f0 |
| SHA512 | b9dab3cabdc511220806e0f7af45f94be51a943c71f6539f32f79542871b26ad7f4b68c040b195fd9a16aec4949e673e6ecf7318e31f3d95a8996a8ac421d91f |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\SdkDbUpdatrV5.dll
| MD5 | 52c4aa7e428e86445b8e529ef93e8549 |
| SHA1 | 72508ba29ff3becbbe9668e95efa8748ce69aa3f |
| SHA256 | 6050d13b465417dd38cc6e533f391781054d6d04533baed631c4ef4cea9c7f63 |
| SHA512 | f30c6902de6128afbaaed58b7d07e1a0a674f0650d02a1b98138892abcab0da36a08baa8ca0aba53f801f91323916e4076bda54d6c2dc44fdad8ab571b4575f7 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 83d7a4291c5edf5f905b422b7d3300fe |
| SHA1 | 5a3d5e0245f01b02b1656b517ac410ddb0f09c6a |
| SHA256 | 90233e10291f0c04d8ebdedb8750dc7d60ecb28be2b3538b77265744e7f82755 |
| SHA512 | 24436abccd335d8ceb905618e248c41e8d7a6f0e94dc20325c01ab43da23040198a0a6868166e2f194fa91d77518882056f052249c52347084b43e7ddd99a00f |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\mbupdatrV5.exe
| MD5 | becfee2afe2efc7830ddf2ee87bf513f |
| SHA1 | 6af01f9b215f6956f7184eafd7eafff88327af62 |
| SHA256 | 70d5b714891a6f244954f4df7b99cd952856d747a62a09837860f061541c3fce |
| SHA512 | 26c937d821216871e7de4e9f2e7b821414cc071f583b711335af81fcb390f8b1365e969162d5d230d43305de3461223a3a2ea80defd68e29a274b700b8471f8c |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 867ea8692423f9008587fa5551cde61f |
| SHA1 | e3f659c6909e2a5d9ba0723085635fd31fc7f55c |
| SHA256 | bd0003edc56fa043aa40896b67220b8575bf8824007750b8366f7b1fcbbe7b54 |
| SHA512 | 2047a7d28ca1eccf3102b7990dd0e899c5713ea6c98cdeefde50cac2478b7be41b97e367180c3a03cd59765f3f8c1d1150c6f4a8256af1bb05d145252719d1e2 |
C:\Users\Admin\AppData\Local\Temp\Tmp929E.tmp
| MD5 | a826609383a2e3ca73759387bbae30fb |
| SHA1 | 2967c4838988f7406f5b86a958b96babff9a5aa6 |
| SHA256 | f757e593c7f3d82f0d9d731dfd3a31fd8df7070fe0266080015db65285bc05c0 |
| SHA512 | a6d1d9e7f45eeac2da601065aabb9291a77d055b9a3ad6cabc4e9b9808c8a3bf4cc718eaa31281b8e1231b703ce3770dbe721a94ef63a38e7b8fb619de385bed |
C:\Users\Admin\AppData\Local\Temp\Tmp937B.tmp
| MD5 | 5aae8615a39f936b9aa8925148df10ac |
| SHA1 | c7d98a9c8eb7390ae0f5efbdf54f1f168295dbef |
| SHA256 | 60e69fc3025aa1aeab048a17b1db4dca7a9aeeb857b8246feed3847c957b32c3 |
| SHA512 | cf59dcb5f3a6fa4220c82aa8316df34f0353cdc2d6bb2fecf9d18f26bb211e9f09c8eff249b40b137af234deece7b104560b7dce3ee5a1dee576de6f42f4cc3c |
C:\Users\Admin\AppData\Local\Temp\Tmp95EE.tmp
| MD5 | 99dd772474e4171724cb3d30cbdad6ad |
| SHA1 | a7d2f8e54bc0bd4b5dee4bd5cd04986ca27c9bb2 |
| SHA256 | 8e0c301d16e37beb095e56ceb7733024247d9bd9f85521190020a4ff43d27e2a |
| SHA512 | a9fa9a49841ab709e13445801866dc6628fe577860316c3718a0cce0099041c13cc60a899e6a93c00d0becaf2ebf4ae1fc25a38702e9d9250663eebac5916216 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 15b0c06895136cfae26139846566d55a |
| SHA1 | 2e393d020391b0a5bbb9cf2f962aa55866bfc3ac |
| SHA256 | 0e879f83ff21dbc19b4c697c5d7b1dc3680b08275190ee9b859dbfd3ad0834df |
| SHA512 | 1392733e5ccd02bf7f72f26850161ccec793bd609d3b8ba728e9fa95aadd46d000927e62521fafd65fab971743e1757153e63ed82af777740b12075fe975cb8d |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 81595f42dcbc7b6f24771ffcdde527a4 |
| SHA1 | 90839c8508fef0f2be89c8d0923a31e52624a33d |
| SHA256 | d0e7942991726ace3f351a7f657a856c312958bff899985c40669f05144a7222 |
| SHA512 | 83062873cf4ccb4f0fd9f6cd154cfeffc0e5345c715368c14c2885e6b8de0231fac1e1df860936ad62e1b45a3e8eb4789fa254f11458e2c26795d4593c6ed87b |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 6338663c6b841c02831bef236da57bfa |
| SHA1 | d797257776340978363966f9b922fc9bf91dc576 |
| SHA256 | 98e0b3e4d3e37c641bc5df789459749f064d6cb0a386749800e6a4e53086a9eb |
| SHA512 | e3b4b11dc44702753801b9b8de335a18e2239d817814e6654e414adf70694b09cdb7921c9d46382d9d4ca97bb506eb039a409fa3aed3d1fa7ffb5fa06c414abd |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | fe8add0a5ef3b6731ad1bb06a23482e6 |
| SHA1 | 4cc71babbf7d1760a26535bceafddd30a35050ec |
| SHA256 | 1490df1a097e874613ae25dd3b5afdbdf1dc5b28c5da85535b72425a732012a0 |
| SHA512 | a751232d3d7c602e6b21ea9804587527eca1ac7b4a6a79599f8ac805152109855db2386541cf8c0f430b688915ec41f334e57a466c3ab3383f7541342e2b81de |
C:\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll
| MD5 | c3d54b417bd45333ef58a50ecb79075a |
| SHA1 | e97067da4cf62a527285dff10e1a4fe2fd7e8d9e |
| SHA256 | 332a58c088b53a22ac9b51257e09d233138a9c383d3e720da574efee19d484c5 |
| SHA512 | 5efd199cb52141f3a30aa6187d928413add36961056bcd1f90426d1a122a2cc858e97c2d8a13eb0b6553b2466a0e169783cd3861850b34535baf7514e5ef20be |
C:\Users\Admin\AppData\Local\Temp\TmpB35B.tmp
| MD5 | 0410627078cf054703c66f807345cfe8 |
| SHA1 | d85da7a2d3436bbea304aa581e13e3953b0c95a0 |
| SHA256 | 77661a2829db04b3425b6a0dcce1f89c8cb60849e6ddd9f935305a4eb4f3fe0c |
| SHA512 | 2ed1fd92d67412dbc8b03b7d132ae5df9b85c939562124fcc8e017968f2f686a745ecfac18c1165d8e9a6e4555c214424683a28b763660063cb01020bf39ea8d |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 24583b2877b37f38ad3d089f91c76e3b |
| SHA1 | cf4bc2aa1ccc28ed74d5819b36ea216239596d94 |
| SHA256 | 7aedab559b118c23541fef79b84c75000cd9413fb7497753baad308a13e94be7 |
| SHA512 | 6bab9a1222d7288449d8c1c7a37b6135cc29f17a66889526fe7560a2400b20032078a2ac69e7ac253cfe3e3d45545023a04448b98bb6d6397e8eb196030d9c5a |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 526c3a8c683bd5611096b5cb186ef182 |
| SHA1 | 1a39fad7862817cb4fdc93536ab1ae3f7c0a40d8 |
| SHA256 | 98e3769d070a30d222c455ff7e543d5bcc636d4058b553c6979a07b3879917f8 |
| SHA512 | 20a1ac5683640050a03524c0b9e74295de4a1bfdfddeb1b92ba96de048b77c37c9fabce4a23a9fe46ecaec50415cff19aea09a0028af1d39f06772f1397dbb9a |
C:\ProgramData\VoodooAi\Data.txt
| MD5 | 6c94e2c44b4a2881a700a8762556daed |
| SHA1 | 34ef3638489a5d4f8ac511c9b6e31a4a04599bcf |
| SHA256 | b50b31c88c546f7b6ea5ba16210ecb1f0317f603799d8848960f3d741e8eca5a |
| SHA512 | c83f92156d6f742ff16fb8e8b9a0d1c476a123ceedb06988516b62336a0701e1a1b3d46e0bbfeb10962356fbe7f719c7d4a417967af9553ee04a069f62578d32 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 7c6f0e05dfd87af3d88c118fe4f251e4 |
| SHA1 | 6ce0ede9bda686ff267fb02c0e055d1e16985384 |
| SHA256 | 5b75f9cd7aebcf5a4f152b67bd81acf33c2a7816113d31e9616aad85e70dfdc9 |
| SHA512 | 1635760bda570c79e8907ab1e3aa54373a00f96a084a0a7e13bae3d708b1fd0def854dc774945f13acec649d2628c5e33d1db7a6b6ec2e8edf1ff498b60dd960 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 9fbb7414a844ab611286f38ea9a4ac98 |
| SHA1 | e99183c3223d29ce2dfddbf6de3a9f656de8bbe4 |
| SHA256 | 0deba454a7d5c019c61777d6e4ff44e8171ac9f461ddc1b62ffd03e067261f58 |
| SHA512 | 9015dd72549b27f67a89c6b62131bc5a0d8586716ae9bec6f11ffb0320df794da339c7f8ec55ecc743981f2a79e9f8b57e47dc4bed6d3793dbdedd5cb3af15f7 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 9f762a1cb31069cb173ecc20e16bcc90 |
| SHA1 | 862983c96f1ac03fb0acffb8be7f636c9e431e6d |
| SHA256 | 64028afd1e4ff8b4236b82307ff710037333e0785e23c6e38043bb11a08d5906 |
| SHA512 | 49cb4d08bc99aedfbe3340e823b20bfc1b6d949d8212ba2c8e6867f5f424448b65fc8d40550c68182c5b750be072b2ceef6cbe02b4c88a7cbed8963e397eda65 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 4a52286d22cd2ddfd0140ba2e945bdae |
| SHA1 | 598e8a91433c88af3d9954e173021a75988199b5 |
| SHA256 | 4d7b16fa28fd622d49448b319dd44dbb0f579534372a4acd1aed8387b9b7343f |
| SHA512 | 152629c96386e4476bdd1b6ec42a807217144a45896e1dd8b41886bff4d25bbd27b7351500294ae507882d456ae696c67bc20d8607a83d6ae1c1eb991621ce28 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b8964f785fb5751641af138e3672202b |
| SHA1 | 3aace5e1da63359e57fd00d10fa7847ecb6e253b |
| SHA256 | 6a1afac0e0340c80710749281d57f1c448932aa8987f6316e8f1ef5a93343fcb |
| SHA512 | 23ae8703a8dd206ec5a7b387b215abe15f4cab04b69b1e338b81dd1976efc699cc9e6fbc6691def2051757661f23f6bcfa7224a6d021dfd3e3ab9e37f2943f6c |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Windows\System32\drivers\mbam.sys
| MD5 | 2b6ba2a29aedad09dbbf964b404ca4d3 |
| SHA1 | f4740d6bdda9e157fb4e0b8c039117bfe0e147b6 |
| SHA256 | 76ef1379b03d1cc367e0422cc4688a3a6c697ccee798a750bb3ed53bcd71def7 |
| SHA512 | 6ead63664db520ff6acc5d28e858197a320353c62fcdc9feba089ec2b09df95b690ed72d67f7b73d658039478e694b6732aec65e398b0c130e6842870abaa190 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 4cb86ad0d3b99741b5fb61509befeddc |
| SHA1 | c02b48dbed9cdfa2de53c9a1278168a6f6be02d2 |
| SHA256 | 65811c0aa87bbc193692e93f41fdff9bb3b5bc730c68169ecc18ece95b462bf2 |
| SHA512 | 101b275ab44091717c11f2fe391200a911984a7c0d4ae6d9a0a715f4eccb6bb3c8e0c0ce4cba7e4ece8c297ad93b2ec0a47af87798e3abddaa1a6323b2bc3673 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | c04a0e9d4c7362bbc8888c5f36d46c59 |
| SHA1 | a91a0467fe2836e646efebea82563de3f937477e |
| SHA256 | 6b79b32ecd0ff440d9a92ae1ad10af55ec3c76e8de0fbeb1b06d91ad843d0cba |
| SHA512 | 1b748e49352e8441343209e4a0f06aa5492673c67d277207bb3ccbb704d2f712d18da23fb2cac7d67190f1b218902a4967ef2f7d4df5598446979f2a570f3179 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 63ff5b259bca7903de64a5c0d9f96472 |
| SHA1 | ad542ec1c3447886b3417b7dedba6321d1b4ee3d |
| SHA256 | 7a73aa2b9f8f7da963b8b387cad6b23c645a98188138d43134bbb597ef597085 |
| SHA512 | ab79aeb32bedd4387269d87e7b25078f6b691df49e3a0212fefc1ce1e385c528bcab74b15c681b6f170275679a2efb338381e9c13c4b9b7581489677efa612cf |
C:\Users\Admin\AppData\Local\Temp\Tmp8E9B.tmp
| MD5 | 42a600349df5b2b0d6df62377cb4409f |
| SHA1 | 04fe9604fee97bb8e78684178e2d295d42590678 |
| SHA256 | b93746740321c30e876bec99c26f9e3391fc21d13785a5835a70e8711a0a97cb |
| SHA512 | 6143941209914da51bdf045bca53a35d82e8abe31d1e0ca21dd47c1eb059a4eb0459f35ceada73b0bce995c0450c04f5917847b951acedfbd677481b5417000f |
C:\ProgramData\VoodooAi\Data.txt
| MD5 | b46f101cf153e40a21987db5ca5933ff |
| SHA1 | 6470f00a835c8654e6ec3dec8210f1e98a4b5365 |
| SHA256 | a6940dcaad026e2926b5302db043e481723e79bf1fbee453d572a364cbb487f4 |
| SHA512 | ca6c9b5a74ea1b7f90e78fd30620fe4192f4e9d2e76d5040c546c63be32ec8e240c8ddabd0a840b702f67e57ec7824b08d5ee6458471c08ed460d967ca0984fe |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 1679636d0386f4b9b5c16840ce9c4491 |
| SHA1 | a4841ccfe38929e979b2f5c59328de54f8a5c744 |
| SHA256 | e82ed9552e7eccf699d98da9273fb99c981995850408708052ba637e40a0d115 |
| SHA512 | 20152785e17fced88066a1845e27280eb7de4bf52695b40149b60d07de2373810e58d2f2c729688df9cd9aa5ffcfb59760e22a49e8d627baa80898c5530e7816 |
C:\ProgramData\Malwarebytes\MBAMService\version.dat
| MD5 | f7eb2b63892510695b707514b909a847 |
| SHA1 | 4afe56506e281ac7a42aa0f0e2a246b61b7103aa |
| SHA256 | f1c531c0cf33e5321e9fb227ed584ac95d0e48a0f5962694ecb91126ac0c01fd |
| SHA512 | 956e100e6316e0cde70abb383689925967b9221aac0ab96209ae563ea733bec51f7087936a6ed44315f1f4012a9d35b519240758d23b87d2e1c3652c01484a03 |
C:\Windows\Temp\TmpB037.tmp
| MD5 | 33199b5ff706b64520b813203f1820c4 |
| SHA1 | 5771d24c4a53a5507f950011903549d5bd7e46c7 |
| SHA256 | e1af61d9ec1a145a3e705db67529778bd0c4bf1b77054d21bd9f57bd49eaef58 |
| SHA512 | 69755fdb6e47e53c0248aab1a46e41e013defe127ae3347caf84d6e812874cd3f04f76ead1f876d71269f8f1d323ba7c8f76c5c21f60315d61d195606cf407be |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 24ff7f858fe8882fdee74ddfb35840db |
| SHA1 | b42b1a71be497d1bc27d4e2fab37f712d775c605 |
| SHA256 | 6e7dfc85a6e02a4bc91aac7d91839b4f2e9f3a5a10b71816e2fc7bcd51ab1732 |
| SHA512 | 6d23672e78d90e2c74f9496bb9f0ff2162c1d38fcfefe38cd390980c712b4b64795893fa1c39f16ebe74cf091064a219b970becd075f40cfc9dc05a867a0977b |
C:\Windows\Temp\TmpB5D6.tmp
| MD5 | 102b05dceb30106364a7e0d74a87a9d5 |
| SHA1 | 3d021ce304e9b253b0a2f9c6ba8ad6e31438d8cc |
| SHA256 | 28bf87dce0458123e9678645046108f691358abbd9061b3a489e4b329459d01a |
| SHA512 | ac3f250f1f8b8909ef0515fb6f0ea54047a2de3516a1997e59db0e99fe41cb41155633f020b29b7377da91783f511ee51603d26c5eb9e0d3acaf9f9e3abccae4 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | fe2357b08a6ea118777aa0594a9792b2 |
| SHA1 | 68f7f2392021d5436e4d53d538c5ae42d76dc7cf |
| SHA256 | b47a825027ea473889df58526e0f2b89b41acbe5fdcb215e2d966c6ab0318e30 |
| SHA512 | 98480bc471f79132280a8b6bfa8e09556d398721d74f182fd2117f29ce01a9cae48790fc915e2995345fdd79f2884aa0b12cdb8c593c0b3bd9f0d25faa67823b |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 081b7d09e307bce760f3c414bbfc8666 |
| SHA1 | 2528f4790ef2ba9b525f34fd9c61ede6f2352517 |
| SHA256 | 51ac5898b275e8c0745f973d3914cb1314105c4133b950b8e6878629b2f000e1 |
| SHA512 | 1cfdfd5efdb7f4c4148fd74d23698c14db8e9c1d5d84de41d517b72d5acfcdc781326dd0b98aa39375299615229a21b7dbfcaba70a82ca487de32264151d6840 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 5c4c9aa70e31946bf1ebace797c683b1 |
| SHA1 | c510d2b16005999a46d29cbe0c65ad7a78abbc61 |
| SHA256 | 0485577eb7eecdc5ef7847a81b7fb8ec014510cdf0a104c526fec6cfa8acd620 |
| SHA512 | 141ac0724dcb948570d1ff697e5c79c6fa4f288ceffa4c11ec8d1013944edfb6c8ab129dfdf4ce6fc015b11b283d8191c3c06349105af671a05166c91c1ad307 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | dc8206d6817ea8ca43287618d11cf30a |
| SHA1 | 986c7825a61bcbdf5111e479b77a2a8555ec4b58 |
| SHA256 | 8be95df9cd756ac2713874ce40b2f7c3273fc9430dcf59755d1984ab2c932001 |
| SHA512 | 2b1fdf529d9a203f111a2bdf9251fce26f924db03036dbadfb7ccfa69a143e7e8dfb544f8605e9f98c4f053559de3675d497923bb5f7c5e1a850b6b562465bda |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 023e49f995cccd4d75e272aab3a25e00 |
| SHA1 | 8d7c5acc155cc47a65ce11ee5feb54cf3b658952 |
| SHA256 | 5814b4b32bec0748472d3e6f148497b1a406efb8a854b4f2574ba8376d5eadae |
| SHA512 | 6ebe02538fc20e624b1fbe2a90dd44e14b4e3b2b7b1ee2895aa867ea97fc1341a0f4801416d283955bc0e86f35a69bf6fa97adf382e61da33e4f448c4e654eb0 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 4274b2b00100dff87e49600d5889d889 |
| SHA1 | eb574255836f20c86dd5e66ae996d6629037a821 |
| SHA256 | 6d985389fe1f4bc5e3b5cdfe9affa64d7338de0c12c0df03151ea6d721a9c1f2 |
| SHA512 | bf2432f11c60b374146c1e0e7be659aa5c9055e206935ba2987dfc38ce6c9b02f8f5495587c1feaa2fbd5c042b345130eabba4ab1ef795ac0b507aae1f2117f3 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D41.tmp
| MD5 | 3b337c2d41069b0a1e43e30f891c3813 |
| SHA1 | ebee2827b5cb153cbbb51c9718da1549fa80fc5c |
| SHA256 | c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7 |
| SHA512 | fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b48bbd7bf1452e241f353e712610106f |
| SHA1 | 50a9b06b4ad35e668c4928b9f791c007bd81554d |
| SHA256 | 530a61d58032b4e9c5891bf7fbb7a5078610636ae36bc043cee0d80f1cf5a761 |
| SHA512 | 8fe50c73f740db5c9984af9d66e986fc97c370719659008ecf1940e5c43f896beef9e44e20704e06483d544290101fad06dbe6e44d50d57c474791a81bb83e06 |
C:\Windows\Temp\tmp3296baaaaa
| MD5 | f70aa3fa04f0536280f872ad17973c3d |
| SHA1 | 50a7b889329a92de1b272d0ecf5fce87395d3123 |
| SHA256 | 8d782aa65de6db3538a14da82216e96d5e0a3c60496726e3541a8165bccc65f8 |
| SHA512 | 30675c5c610d9aa32a4c4a4d9c3af7570823cd197f8d2a709222c78e2cd15304bbed80e233e3674ec2f6e33d1961c67fd6a46dc8ba8b1a301cd0722932c03c84 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D45.tmp
| MD5 | b5d0f85e7c820db76ef2f4535552f03c |
| SHA1 | 91eff42f542175a41549bc966e9b249b65743951 |
| SHA256 | 3d6d6e7a6f4729a7a416165beabda8a281afff082ebb538df29e8f03e1a4741c |
| SHA512 | 5246ebeaf84a0486ff5adb2083f60465fc68393d50af05d17f704d08229ce948860018cbe880c40d5700154c3e61fc735c451044f85e03d78568d60de80752f7 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 199bb89c715cb26f244a1715caddd871 |
| SHA1 | c1539b8d149b4f7d0aa613f9f49bc737e9b04f0b |
| SHA256 | b2218b1cf24b661daa9a20313e92f8c3c4b1f1ba09ec8c3b2a5348d7db8abc5e |
| SHA512 | 7be5beec917bc4833f45a894c878a9b981db0bd0065271305ea5f0e13ee8d84f6c3fd4dd2d92b6cf33f97f3f10d440fded1db9a972187850a87bab482ca8be8f |
C:\Windows\Temp\Tmp5023.tmp
| MD5 | 7f632726826d4936ebcbcd3175fe4c41 |
| SHA1 | ae951fcf843dbc5f4928c75f577e5e9a1096ccb0 |
| SHA256 | 76d2e89ba55d2e3fc83b2cf27c9bc20087c888b561330450aab64e330c3dd23a |
| SHA512 | d3667ec756fbaf16c8c5bf8d53ab9517fa5b698a08b5f31778c444587a8b6a90ec08bbca31950e70f77de61a79cec86b32049fc1855c6b3198ca96e36d51ccf3 |
C:\Users\Admin\AppData\Local\Temp\Tmp598D.tmp
| MD5 | 15c925e9416aba6e5cea0cdc125a475e |
| SHA1 | cbdbcf1905967c5c43c3414b807a7afcd3851b25 |
| SHA256 | 53c23c9446830e4c20e6e1635f5cd416abb9a8094104c373dafd97372413fd1b |
| SHA512 | 3b78cfd096829e57318885c977df9d59e39d9aa3f622f40b08699a0f052b9dc52f12daf519585e75c1331a1378543d95cdceeefa996261dab4a1bb3642a45e17 |
C:\Users\Admin\AppData\Local\Temp\Tmp59BE.tmp
| MD5 | 783259e18b74994f87e77cc36283dc06 |
| SHA1 | e18a97860b461df68725a79738e2ec32763c0906 |
| SHA256 | 618e2fd76c2ad505d2f68c14e5b66ea404c877251b408bc3d8a9b1f0e0d404ce |
| SHA512 | 72e234b30d22225261263895cf15eb4df7294b8b5d9367a95fc2c485230277d0484f2ac732e152ebd0ef5e487562b2d07d80301a2429ce833af42ff408540571 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 51758a91d8fcc45af67c48625ae73ae2 |
| SHA1 | e74323ad53b73083eb96d5589b11e8685fa5e0d7 |
| SHA256 | 28da3fff7052093aacbddcfc0c6b51ae14a5539e271f83a18b01bac1f6f2406e |
| SHA512 | 89bdd3b7cb3259f57232281d9f01cc8b957eff173800754a8fb975c147a8e8e00078438917e83c9043c6f49d94a947e421888b0257c12aacf7b2d9433cad0587 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2E248BEDDBB2D85122423C41028BFD4
| MD5 | 76f4b91ec705370491b3c480665c6bf5 |
| SHA1 | ff0f42f109d5fec77722fe3e35b521db1758d7fb |
| SHA256 | 732f0df15830d27a7895402c4a2fe8df6e254e6022b6a87eccf2056bae23ebe2 |
| SHA512 | 5192e059f34511fb8520310812e02ab7f5eaf44eebd502cef40864347251ea41df9c569570b9585edf142ef6a0b445a71606da205cc2290409cdb2a9337a0348 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4
| MD5 | 78f2fcaa601f2fb4ebc937ba532e7549 |
| SHA1 | ddfb16cd4931c973a2037d3fc83a4d7d775d05e4 |
| SHA256 | 552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988 |
| SHA512 | bcad73a7a5afb7120549dd54ba1f15c551ae24c7181f008392065d1ed006e6fa4fa5a60538d52461b15a12f5292049e929cffde15cc400dec9cdfca0b36a68dd |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C56C4404C4DEF0DC88E5FCD9F09CB2F1
| MD5 | e93cad28dd22479c4c7cda25bd1bbba2 |
| SHA1 | e2055a4fc7e70003f2646aae2a2464e7861cb279 |
| SHA256 | 3f211bcf62e95b2b28f319fe3d29309ffbbdffd5d4e3e1d7762e32c6efa5b2bf |
| SHA512 | e6eb71aca3e5336092c1c74ad926d97669ec82a07a59210cf9a068c5ea7a2f63b97d3440d5078771091213695222c05867782194b1020467af993537a3968e3a |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C56C4404C4DEF0DC88E5FCD9F09CB2F1
| MD5 | d91299e84355cd8d5a86795a0118b6e9 |
| SHA1 | 7b0f360b775f76c94a12ca48445aa2d2a875701c |
| SHA256 | 46011ede1c147eb2bc731a539b7c047b7ee93e48b9d3c3ba710ce132bbdfac6b |
| SHA512 | 6d11d03f2df2d931fac9f47ceda70d81d51a9116c1ef362d67b7874f91bf20915006f7af8ecebaea59d2dc144536b25ea091cc33c04c9a3808eefdc69c90e816 |
C:\Windows\Temp\Tmp798B.tmp
| MD5 | 1e12a029f899a87dd29463ae34541294 |
| SHA1 | 61adee505fd5ac82df43a468583a176503bc4e36 |
| SHA256 | a55a9c6bd903ff2523c6b1e8f1c63caa593f2763fb142943c576e200d520d967 |
| SHA512 | d8897bc0f7ac763953aed8a430d970d0c748b6b819b72d0e3bc68537347f6e5af9663d4bc0fd6815e737b0dcb0a11d1a331a703d02bb964e2128014206ca3590 |
C:\Windows\Temp\Tmp791C.tmp
| MD5 | e0a15bc13a2450843208a0490fe81988 |
| SHA1 | 54bc1dc32681d431a2b64e27245d8a0740cd8256 |
| SHA256 | 0e6f630393344cee199541d9359b74ef3bf87290f218f48adf3fa33667e6d967 |
| SHA512 | acb39fdfa1819fc40a81fc2795d82f06c46bde5a1e16c28d938946e6ad7929ecd1011765526c777eb69061ef43b33d834119c1f3c71937323257a88f4f2b994a |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D68.tmp
| MD5 | 54dde63178e5f043852e1c1b5cde0c4b |
| SHA1 | a4b6b1d4e265bd2b2693fbd9e75a2fc35078e9bd |
| SHA256 | f95a10c990529409e7abbc9b9ca64e87728dd75008161537d58117cbc0e80f9d |
| SHA512 | 995d33b9a1b4d25cd183925031cffa7a64e0a1bcd3eb65ae9b7e65e87033cd790be48cd927e6fa56e7c5e7e70f524dccc665beddb51c004101e3d4d9d7874b45 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | dfa2ff9dca6715c1fabcb2edc87a8ace |
| SHA1 | c57c7f92bb7a44a303deaf6d41bf725f977ac323 |
| SHA256 | 15e4e0a7180bb31e6e8434e9edd8ec1cbd58d870a237a3a15d1ae01320770704 |
| SHA512 | ec280940d662b0c3d546652fe5d8ddb1303f4b2f52f7a584b96b6aeaee1d66f67f8231b0177af4070409cdf5794060085a9b29e96933704a8c26140c8937f870 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | be96480b2dffa954e1453bdaa4d0bebe |
| SHA1 | 143dba69aee31035e9025f9012faa10b12caecc8 |
| SHA256 | 552b22d54475d65886f77fef16b82927e33aa18945a5a56b6eca9985f60a7027 |
| SHA512 | 9f218362af67dc3ff4170c257a094a5c9c0eaf48ef246ccde08c6c000f39a5bb8a582a721e2f5af0a8ed57a8d6eeed3b347d0ead18e3a3ddbcec8c881afb3617 |
C:\Windows\Temp\TmpA87C.tmp
| MD5 | ce1623e807456d0267e984c8f0281c5d |
| SHA1 | bbb468a13554fb38172a638eb5890c9c636c4f61 |
| SHA256 | 7a8f3a96e7c3e30c80f3bd750fe083b2789f1203ebaf371fbdbf7eae93ea320d |
| SHA512 | 4f0cdf69496f352baf58767221589051e5e4a88068a15036787f14700b7359c6e5fb5748eca5e8117465384eb086e41c967f6eb740c8196bd40d9fd845e2d4ab |
C:\Windows\Temp\TmpA80E.tmp
| MD5 | feefb922192972827d8bf65020eafb51 |
| SHA1 | a4c20d1207ec742bc3b7e947f6dc19608dbccc83 |
| SHA256 | 2ec22ec1052ea4d3cb95babf3a024c3a94e031b7a9782b0d638d03289eb787e2 |
| SHA512 | 55bcabe355b94f4ef59c47954abad396921b371ba456125e0396d5a685109869cc6b03c7ff08f5ee00448a051984a5db8dcc4c39662e78a71871dedd52e22f39 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | f56f88103376bc3f7da41b13881c140a |
| SHA1 | 7a9e1992020531972b98e127ee00d5d00c1b4a0c |
| SHA256 | 8a655fbf4a7f91028a58fb756ede2e4fd146f46f8396de2cab3282e3418190cf |
| SHA512 | ee6a77b675e8cbb4254529d352b07e010ca0f6329b7365d678ee4187c8a615cb9590cff2b31d97af337f3e1f18d5270460a2aaf183f45b735e1d038c5a17333e |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | b70c7ceb322c6b0d51c48b1fae70451a |
| SHA1 | a75ed5ca96588f7b7d1cbe96e6daca0f88688f8b |
| SHA256 | 50cf3f43b7dca71c3a66f562eb3eab7f91a2793df6a013a7bcd03289ab5b4282 |
| SHA512 | 8b3edba12194865795783417abda73bbc73a42c51a9bd4fcfb976f4eecf81a523922de21c95de3ad768e517d505b07153572373688b4e8b638b4ed4c1acdb772 |
C:\Windows\Temp\TmpD3A5.tmp
| MD5 | 9cb449667bfe355905e136cdd3e3a907 |
| SHA1 | 510a9fd18f53a4bbaf41c154aa9e2f0aeeccc11d |
| SHA256 | f1c5b7cf2e5f2911e970c064f74a093710fd11da46bc3f4010e34a70c8465495 |
| SHA512 | 784406151a01d2dda4a8e856de5369abc73c1d5df84381a3107c31434ff9644597a19dba001e86b59eee2a14ccc2e7040e3e6b02d776a019ca97d883f7165148 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | efded3ca84e1bc801260e3c4b36692a5 |
| SHA1 | 109f81630d61bab5006553ae8bf40a7bc38ab3a1 |
| SHA256 | 99a3281659af9a84067321e639c1b7ac3cb408b8d01be934c3498bc2b7029ba5 |
| SHA512 | c16c4b3fbbea11d63018df34fd6391deb8bdfedd8ed53e0541a0fbdeb81659284acd1acff4588c4e440389af73be226a7a129e3f782f3449a8d11626f2b2a64d |
C:\Users\Admin\AppData\Local\FAST!\User Data\Local State
| MD5 | e9df992c3b05f7a794137f6dcde93da2 |
| SHA1 | 77a3b6a63f1b110f2a63b42447c06dfe711e6c0f |
| SHA256 | e411cf7876beb824f835bf67bb62360582927452c8c0fae91b1cf8216ac594f3 |
| SHA512 | 60dbb3e5b6ddd887dcc591d14bbc225dd95a4b9b2c81322ce889ca077775ec67f08e6f480ecdc38006777d764fe1a674f6383a984fd169ebb842140b21676fb6 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d9e6592ef99aba9334678273e97978fb |
| SHA1 | f956bb519ee9f503675d2a81ac7aa6f261c3b09d |
| SHA256 | f987ae1632edfb6e1c81a51cf3835c758ef4a408320081a87942a005de87a6c6 |
| SHA512 | 5174b4160efb2ff1ff6c12839119d0f9c61f1e6bd69fdcf33ddf77be8c2a679364ed841092f53d78990be9929ea457c5a97438a3de8727be27d15ba8b4395cf5 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D98.tmp
| MD5 | 699dd61122d91e80abdfcc396ce0ec10 |
| SHA1 | 7b23a6562e78e1d4be2a16fc7044bdcea724855e |
| SHA256 | f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1 |
| SHA512 | 2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D99.tmp
| MD5 | a7b7470c347f84365ffe1b2072b4f95c |
| SHA1 | 57a96f6fb326ba65b7f7016242132b3f9464c7a3 |
| SHA256 | af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a |
| SHA512 | 83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\DA0.tmp
| MD5 | 804b9539f7be4ece92993dc95c8486f5 |
| SHA1 | ec3ca8f8d3cd2f68f676ad831f3f736d9c64895c |
| SHA256 | 76d0da51c2ed6ce4de34f0f703af564cbefd54766572a36b5a45494a88479e0b |
| SHA512 | 146c3b2a0416ac19b29a281e3fc3a9c4c5d6bdfc45444c2619f8f91beb0bdd615b26d5bd73f0537a4158f81b5eb3b9b4605b3e2000425f38eeeb94aa8b1a49f2 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 2afb24115067d3ad6a0ae39d8f334fcd |
| SHA1 | 22669bb87d24fbdf47dea8957683aa59a12a3a23 |
| SHA256 | 199dfb8ba7ca695eeae10d63aa047d7cf3010bbc34a54fdfd604f23894a52fe8 |
| SHA512 | b5861b63c50b855465440a4ffc93e1f3b68405ad606c15103d627c3791b1a6f7a2bae073c6b6aff6abf9204c402694c2e0ca108cec7a935464eeaecafdb594df |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 1c7b7eedda2ce1fd5b2862db68a6a368 |
| SHA1 | 8b05e96b55d6f59421efa196b0f3e566ded5a165 |
| SHA256 | 26ed1676db7890fa9f831e2bb1732c40bd844f1bd6eaf422f7d007c5afcffb5c |
| SHA512 | 9cfb9d3537057adbe9dd242bf8942642ea72a5625d882ba3b7032d9600b5465ba634a384fdc5a19ef76a32224400243b4373fcd45363194ab2d2b963598cbc40 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | bb20f71d805e704f044d85874c2b9b47 |
| SHA1 | be64140cdabc56760ea3a8338f85c3787c2294dd |
| SHA256 | 2ffb48c863cfb21fa75440d1e13081e34d858aeacd81f2c7ea88f19bcf5130d6 |
| SHA512 | 54f996a6c922047ab61d8dc9b9811bf8dd1ee3e0b2d04d086d76e22aed2315ff90bc3e9921e6e704f37f07a0b369e845516af4eed67868e720c3651b413ad059 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | fbe639768ba37ac5d9fcd00610933b77 |
| SHA1 | 6356fa945cde88a9bb90bcb485f1b7f9d6dc8b3c |
| SHA256 | b7eac5a45f459050216d35e2e05da905d3649ba4e1ce48d3c82edb89a42080b7 |
| SHA512 | 7d06d134fadece799eec6bf1f2bd326be2cfb7791501d888c4568a4aba8cb7972cf2b3ce04852d545292d7fec79155ba300bf5c221ffb2b2c12436cc8f9dbdf5 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 6d7b6caf95e25c304bd760a25c993067 |
| SHA1 | c05d2f99ef5dad98739ccdea5fa7ba0f7cf817b9 |
| SHA256 | e5a33f4702e72daf19035b26f68fceaf6796f87f1e6dee4e1966d7510a49d81f |
| SHA512 | 5f82467130754889d52e29eaed2672df4ea463fbc31719e227f0d7200ac370fc20b1bf3f20cbf760e53d91c13bc445ce77da121ed107a57a9920554066275613 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 4b7c362cbc60d95c07c523cd93cfcd8a |
| SHA1 | 2b6391b4141cd948d93902ebcd77e3deeab6d4cf |
| SHA256 | 61bdbea83b614f90a3f1f7dc46c53c1d59b11a267f48631b44c7eb1a4e9464a9 |
| SHA512 | dd8d5f4ca740a4cd03c5d110a182b685c226de2df9c553785a9132ea259de1a19658c6507e72b1f0bbfe6670f15f70f43b597404e0be4e4fd1c0988006ca7c50 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 22d5541c82467582ffe9567ddf898263 |
| SHA1 | a898178dbd5605e55f4995e6874c97d79bd52216 |
| SHA256 | ae282201dcbc0dd1a3c9b4f05c6dd27d5536cfcd0b0d9e82df3207912aca2c85 |
| SHA512 | c7a278d5cc27a7071f855ac61de96b8d5e481aea51a04bc5bbfdd1d419b99519f29d37596e685b35e5971d7d87a62e18ee31dc46ac1eaca324e35b0c99839322 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 3b9b41ff4d012bccdaa9c8709c77e95c |
| SHA1 | 9dcafa1e0a0d96f6f3acc2a39e0a4a934c340c1e |
| SHA256 | 6cd9e4bc77a36bbd057785e032ddfa4ee5eb4fae5471efb647cb4c8e99062a29 |
| SHA512 | c0376cea00947c813a54aaccfe6a293f5e22988541e36fc4b1e254a6a76c7971517893fa1bc187ea1ac615f30efb118aa1ca6c3ff27d5e67b536b9618800c500 |
C:\Windows\Temp\Tmp2C0F.tmp
| MD5 | 8da04686649ab36ea552faefa0014373 |
| SHA1 | aef94e69a846393de96ab56b1b18e8b4b075537e |
| SHA256 | 321f99d70482f2748dfe345507d0b910f8cd49d540c0f4ca3d914096f716346e |
| SHA512 | c16f39470e131a4746ad284d26311466d3fa1c690bb739630116dedd542ad850f144e5f896067e345e97d7dd65127d7b8fdfc5bc31caf01c817569595db8eb60 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 1ac0de2eeab9bebc09dcaa64ca8710ff |
| SHA1 | d3dbaddcfe0eadc6b1aad22f4e61fe3bec11e5d0 |
| SHA256 | b2c504e212394f204c7e3fbf55af43628bf43bfa2cca980862c48dc840a4bd22 |
| SHA512 | 8b74f9f12da750f6cef31229b9a4962161d59516097c0e92608835518e6bd41a21938c2f91d1dec240ef0a8d972e857e6898afb4e64b9ad11bb0e4070de0ae48 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
| MD5 | 9fe9e81076f5f98e9a5c0bd8a6ad1bd8 |
| SHA1 | 51fc61db8f22cd2ff196a2bc59ebbda0c25e1259 |
| SHA256 | 20e3d99cac0a0d09647b688441c9bb30c7ce02b63628071c2c9c9d149674d72a |
| SHA512 | 9e97b16ca82d35d5d7f4e87f241d3de0b75e66a401d81d57a39b7de91d248c8ee62791900ff711843976aec1533349f10733139dcf1d7536f7539c05588161e1 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | e7afa511e3e24daef842cf1320cd363e |
| SHA1 | 1b084c95956edd1a4639ce785402ab06de4a67ee |
| SHA256 | a5eeccdaa150808daedc9744058bdb971ffdf88a941fb1445f3f21512f489507 |
| SHA512 | 00b72d7b72324bfef218c75feee97e470145176e565a00f8c21c3f9d1f0c05af8b9471393184c79fea3876611943b8524595f97e3d4b35599f24ed238784d4c6 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | c02113df7aa70542789a7d344bb5e116 |
| SHA1 | 996b78d8402a0bf5950d96d59c2d3d75b426d2bd |
| SHA256 | 791f05bbf6341100f02310213a62a9cffa966e675cab486e9f43c224c64e3cc9 |
| SHA512 | b793b427541d44e33c80132c8ec392e35b70c34b4ba0ef0215d7f2458c9f3ce5e5f4de8a6688f9607af69502b3c8bfbb571db915c684f693acf8bfb286e931e0 |
C:\Windows\Temp\Tmp4082.tmp
| MD5 | 187f71cf676c75ba8f9dbfe295620474 |
| SHA1 | 823fb8879b4ef97f8972cbb4f8dd5d8f98ba7d8a |
| SHA256 | d7ef83bbb1449815adb055c7c6c66052d1c103c9cfa81e10146fd87358b4616e |
| SHA512 | 83d08893a7c4df1c46b9759c725c96f4b4a72a95b7aa04e9fd01c703fb5755b4a3741582be2b78c1e23c7ceff678a77b280477c88299fb7f6ebc7755e1ff153f |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 47c97cb37892608c62deb9687f740e12 |
| SHA1 | b3e476e5e6d12f321a82c1fc14ff02b51814c872 |
| SHA256 | 24d114331bfa42cab2aedc43b87216d34121a19c85187464d72dd8c1d286b788 |
| SHA512 | a460f86570a6441aee938df2914620cd74dd291de7bba4482a6761ea72b16966a6cc2139471b3a1e78abd15d08134e44bdb28986ff95ba0ecb077ce92b354098 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State
| MD5 | 2719df92918d0e3d182371cc4c89cd68 |
| SHA1 | 9a6c12b8ce987e719afb4dae140fb3de20b0c398 |
| SHA256 | 476ade90b27793fa18cde0fbd05762bef4b73211010b0bda39ee009a2c99f52e |
| SHA512 | 3deab6fb2af68146aceb0ae3ddd100d7c1d259928fa9b24449aca88833f24e00b6f12a28d4d2d17b19d2ca2748c35dc2d6eab185cf05657b90edb4073dc02dfc |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | 42785e2f626a699fcfd73b3ba8fc8a53 |
| SHA1 | acfab741c1d3b9ecbf9561907912a9743b62d2e7 |
| SHA256 | e7d0408d5a7fcdeaa35656260b8df0691704ea3a0442454bf030d95303e6cf46 |
| SHA512 | 93d4936bce4ffbfad0ffa1c2dccccbfa99ad88cb5874b8adee6bc70d44de9c00b644e0516b6fe048f0497b43a071761ddab69e9f9922eab0440e68149efe3783 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 614f72cfbe2766f287da964f23d5becb |
| SHA1 | 09f3595b173454122f8efa423c44276d13246493 |
| SHA256 | 020cb48b85356169f9d15c2c7a7ca23ae96241415e29ab5f482ccd0001c62a58 |
| SHA512 | 78bca4ff46a5a229cc5fb5e064d7f1958d6d7bc5cb60902ca2175a6096a4d126cfd3e89b8cbdfac05656c36c3e345f58b1c32b142a427fce70d745a82b58f378 |
C:\Windows\Temp\Tmp5498.tmp
| MD5 | e64d3c98128cf7014fea41fd4d7fd7ee |
| SHA1 | 2a50522b59cf80a883cbcda255699fe6e0e27da7 |
| SHA256 | f039f4be44b16ca18e2d40250671ffba168213ae73a51438dd37c6272ea27de7 |
| SHA512 | 43f65a65f9f5f49a53b9145b03034fa614aac30054439c1b7f00b00b5bdc472660c84eff20bafd909c879d9a7d38d778335fa886457691c142f37f6a5dce0db6 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 65d7fc5d7b2eda7a0a7e1d0367ae8ae0 |
| SHA1 | 1199975ad74fc089a2291941bd2a4ca39339c41c |
| SHA256 | eff7c53496067f915c8deb964d10e23a8fad8524d480540af8e912d954820241 |
| SHA512 | de90e098b360f4f8b98f239b5fce9f8c51044e5b6c8a02a6aadf16009ede1ca62560b8797b4558269063e3769631fc60b3a89a03a89501143c54894fbbf9b012 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | ec838e96239f444eca6964cd0a6b6804 |
| SHA1 | 8801d09cb6c690239518a559b09df1d0cb6e0662 |
| SHA256 | e0c9ed9f3c7feaebb158ad3079ef043b8870c0ce1b389c8e31f5affcf0041986 |
| SHA512 | 7cf482cf731bef7e9026c32c98a620fa852e00c61ff136e868728af32f0f3e92ea234ef3db4caf9f2700004e5af5c4ec7c4d57169c81bb931af4b50ba373112c |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | db4b1a09a9da7db63c2669ffad903cc2 |
| SHA1 | 1aa035c1f56503be94ccfcdbf98e1380f8f37bd9 |
| SHA256 | ca02f0217fe21fd2f35605249c0ef84d04e8ebec7ef36b6a1847d24031b77ce2 |
| SHA512 | 60c1df005d6e04f11d756863bddd23a8e9799d0fcf489049a87236bdb1713e981b666ea59e294f2d0dc240e91820808df93c526cad872e54dbe872cb61e09519 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 618760419b284c90c837531de10f8d8c |
| SHA1 | 14cbdf03273c3c509a55a04a51d201d8136e8ff0 |
| SHA256 | e2e42421bcdefb3e4955043b9608783abe2ceb9e5f5de51cace87d834c941303 |
| SHA512 | 46bf2c500271020ca26777c2a7e9058b09be4a4eb7e2cf0da726612e570ca68d9d0850144fb1a307c73bf14ff2dc55e36650848d029df041de4cd6aee74571ce |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 4c0f065f5caa492ca098c84fa5b27e7e |
| SHA1 | 668d7c2b197b4ea2d0b56e1cdb982a4b014dac9b |
| SHA256 | c888c24231aff5b9a6b1ad67a2cef32fe01b9273b695f350795d5ff7563ee62f |
| SHA512 | 77e79ab1c22d50e42c0ed0b0cb5757aa607f5c952727027b4255cafc862b3594d72d5246c2f473a734f252f6d5916ff926d7961fe8736e016e5edc47c30f1e0e |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | a60876462da2c7e51011b89b091b714b |
| SHA1 | 02f8baeb8340f4292b3d7c35d86b8d707d17eb28 |
| SHA256 | 7328b8d798aa8f8a122f3aa975aa93df590d13548e0445503d3ad6f09c7eabfe |
| SHA512 | 822fdb7bbd27169b772fc43a66bb48f5c3986f7d42319bbcbe1a5a9905f536edb60c2c13a8e38e93bc693d44ed2c566d376d95eb4b3f060dca3488e165f40445 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences
| MD5 | 46dc0698403ac838effc8c510bab15fe |
| SHA1 | 9a98afa9d7eef279479ef0e20db405f80ebb28f4 |
| SHA256 | 94ccc6e657886089c84c14f73a0b4230b6eb015f00b50f05c05726c58e55899f |
| SHA512 | 9ff9dea460f025fe19e64a4a84ea26200f9af5c1367a041936730b5a2b9c5b3805d40806c1d29b8d7e306eb6d47886e2abc057400198c56d01714bb083745810 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | cffeeb21c916be46b87739e6b15cc1be |
| SHA1 | 86aff51c1b570d01717c13464b39ad332e3e9f89 |
| SHA256 | 1a3c26983cac12412f361bf731dec7143b3005098462fb7a7dc9d7e1d7726f27 |
| SHA512 | e10b40f0042fdd260c3f4c740eb3b1663fe8e365559d1196f1d09ef964e993f3af0f614f5657cea9cd661112b866d1b7b8a429e9342d256744f82ae5f8ebe22f |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 618f2d4a5846f51d861b169e6d866f2d |
| SHA1 | 94c92547d3df19b3725440d1cd46e1753ea38439 |
| SHA256 | 3cf11efd2fc870d866f8b445158521f781e330ae67d848e4e814da96c342bb99 |
| SHA512 | 70e176b004f712adbe5cb8c94eb1be7557e4d23c078bca291a37796cc70166055179d7d4a5cefa72cfbaf79bd60e28dce044801153485784ccc2227b27df0723 |
C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity
| MD5 | 8f0030f1b39d5c87ec88cbd9159c7457 |
| SHA1 | f11a502378c35b771e5243888056907d527b9db3 |
| SHA256 | c5bcab719bab1296d87352558e29cb9fbd5286dbd3a6de5987de25c2c931cc57 |
| SHA512 | 78905c3fc8a9e01cd034ce3845bd442b09735f0506b0a42860e404f474e54512a64272f944d1eddf89aeeafd8ef1035af5c20a91cc3fc61cc7674ef1c29c1023 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 426f7c88308f4f5af8f52394952542ec |
| SHA1 | 7d6e8eddd821f2ec700db104d6cd9844970b6904 |
| SHA256 | b5543b4be07007e63e211192c28066d9c0454e58c11f980beeb93b159a8896ef |
| SHA512 | efa07fdc56e30ca7e108397aca9dfcab24a9eaf0227a397cb7124afd0344e543782929dca9c72b64aa8426a5549dcee58ea79c6a811f7896d89ab0756062c7d7 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | a0b3e5fc00a810c39db3a88750e2209b |
| SHA1 | cb98a9f552e47ea1d00c0d26830bba118864422e |
| SHA256 | e60e6bd584cf09b22a22ec23dcf760a600b75dabe889614382e6126394fb4578 |
| SHA512 | 35601a2305957c51923604f00de1f6bc01bb36cc211117dbac9b532b7b4799cab1bbcc8291eed0a68609b446410301bf405fb79322cd2f2d960300ddb90e9fc0 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 4169d94c55401df50c7225fba2e7ebe9 |
| SHA1 | 40798a72092c822fb6dc7b88ad8eeefb18554bd9 |
| SHA256 | fb8257b8c112751806347f0acde33f20267fd10226e0161eae369a61422dcc06 |
| SHA512 | 519bfb471c9b85124818df9489552aecada36fa380605e769b05b2810b1621bcd11590a5b79e8c094cb52c0a59f48f762d90db6c1cfa735a9998d64ba2ebdbe1 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | e84d3f9f316c58d03726aeb7c568fd79 |
| SHA1 | dbeee6310814155465021718815b708c059e5ac6 |
| SHA256 | c8611996977020595918ef73a3e7f4650eef4cf5315d9f1728ba9e13fe986b5d |
| SHA512 | e52a79f06e97babc0af7935e555b1a6f442e22409918454836f913a068f3ac29b276a766c6d267f17770c14aba09aca2d5c3c2ae660e6d1063902778436c3ef6 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 967971f792525b15ff7c3e42f4cf94d5 |
| SHA1 | 23b2869d885c9025d98120a67f656b80fb27e930 |
| SHA256 | 7c509ffd97cb916f5e4646fac26b1d1fee11c8c0868d41d4a31c4c703eab9604 |
| SHA512 | eabb298d6598a060a63ab56cbaaff9446bb5038d18d1900d26572625a01a5c5b4036475849b1da750557755746fef84abed9833f1ffae06ab92ab4ce944bc263 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | bd4f0637165bbe410af6a831da4e3487 |
| SHA1 | 3458c492b1bac30a870ac5895b56e7e2fdcc190a |
| SHA256 | 109d3ddc40e6d5f3ef48bebf5480bf1ffe4da6b10ca18a2271fe60a07a0203c5 |
| SHA512 | 6c4a7beb0365d6343bff2995caa0e0748dc6e33871b5dded330cc557c8deae1aef47d9a0c33107075f7ed7a2a3c5b4f16de53251d11c714d01cb01637f38ff5d |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | fddf7089aa08beb06c204ca3432de658 |
| SHA1 | 0e081185f312e6d1347492f3d30160e83350549d |
| SHA256 | 3104d73883297f4f8e2828817411e81cfa9515d92893f9f2bae948637d9302a0 |
| SHA512 | 0290d45785d6d7cac20828816ef3e60d0febfa8a471acb6ec6b3c0782a22351e90dc0f2d1540ef277ea06e572197989b5d0833d291a26744153365f9c802e59c |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 429925dfa05e9cbbce6f28d13e30de4d |
| SHA1 | a183881c38d997a1ff9623c9ba2d8190e2087400 |
| SHA256 | 98fe7e83ad6348ca6a6c733c4b342004ba17bf69b0f0f62d498352ec52115352 |
| SHA512 | 3a95d2c88a0b0130cb53307a3c4df2db6b18caaaa5d02c1000e66db4ed5962286dcb9136796ec706a00bb730024a586d0d8fa38a20104e968412171d1e673841 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | f201a8e62eb7e4bc6f29d1378ed3221a |
| SHA1 | ee86a2916cd0a974fa5d23c48ae9a026ef09b6ed |
| SHA256 | 3d290f7a4c687621aaa537158cc6887650b03a9e82ecdd1aa12d4c7a96f0da7d |
| SHA512 | ce51bf410a467217024ecceb2f0abc484f74f112a51dc7cab10711e45d037c8238e948154f25f34e24deb2d83efb49694266ac687febb98f18c0eb868e6faefe |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | a747a390a829d3ad4afe082b17333050 |
| SHA1 | 912a5c326d61162a822a1a3c62b00be26c2055df |
| SHA256 | 5a86fd988e19513b25852d35a761c821a1080a5e822ef9414adfe1769e2e4f62 |
| SHA512 | bbcedc48159f75c9a2fad70bc2c503a3465d820d268b451891110a809393f62cbf12df4231c490d4d17907eac7e928fadfde282e2a56a4860b5b44d279d9f7fc |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | a09b6b902226b48cf9e5cc0ffb1c4d15 |
| SHA1 | 1811c03998e72213dc79783a9be58ec75f92f8ce |
| SHA256 | f0db14fa8f015dcf3ca94aa4e5cd980fcf57118cc03ee8cfb09db4be5a84ac45 |
| SHA512 | 54187a7d200edd9bc9c90daa489d276a1b4ed763f2c020464d547d8e96bb3b0479fb76d0bcd3eb7c6c0209e69497d699781ec91ceb7a66fd84d4e2803e7756a1 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 7de8b0efffd9ab3781aac70b11a7631c |
| SHA1 | 4444855e84c1d0648b706b8cd6bb4386b666780b |
| SHA256 | 873427217eaa330e83e2e7aaea29559afa90d0183b5d16882a12b6efffe18b38 |
| SHA512 | 377d0c1a6c177de8506d74079df62115e6d8be8410f6ef565be800184b4445adb9adb5f1b3a26a7aac50c4d365ec45b0c8e27465dadde3eaefd0fe189f14a886 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | ece19c24913dd1b067d37aca00091b91 |
| SHA1 | 3e5563800a321a548b7faabf932b53811b73f81b |
| SHA256 | 77fb74cc7d27451eb28ffddd65bd2acbe41275c4a25133f5bf15c65c31b9b9a1 |
| SHA512 | 1000eb4eaee5a65d5c3709d3c44622d82f1de9891a99181f114ae23140c57b53fe0fcefc7f175966922b6259fb9bf30f604241b236fdcbca6e8074378df7b026 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 96da5ac208af911254c6c59395aa40f5 |
| SHA1 | 07ae535bcc29c4e257f818a065ebdeb98ec54f52 |
| SHA256 | 8af126f05d9d7fca116310753d9934dfab74e46ee82af667527d53f1b795f963 |
| SHA512 | 23b7ed2a3f8dd0cba250f102fd04a6d99cec3b9210b5313413717224a6ef8d761b1cbd49f524547b7de5d5f1e3ec4ab198a9c375671fb7a2161ee6b07eaaa70c |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 384ad5946080183fa3d94891e702f3f5 |
| SHA1 | 5a7cede5f3c9913cd9b041d7d75f6a411b5dc012 |
| SHA256 | 56cb59a9144c1969412ec10dec05c400af2b8e0e5e8a3a8888c17206655e8898 |
| SHA512 | f44df8001228471a26e23be824d2a1a89dfb48ed21859a766aa1b49b1c7b5e261019f750049182d72c803518618b26c3cf0fb315d8011ee29b02f046328df016 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 0a2524ab2ffc612505c6fdc05dac6740 |
| SHA1 | c20e8500b542af555854a4337572036f56294c98 |
| SHA256 | 964c62c7ee506da3fb2a7e3d0921e284a9d9a72ac66c7c0b7c1a135289354f58 |
| SHA512 | b3e975380a120e4c33139e6eb8283f6db6eba0d531582cd885347d370cb0b3765de8dd5b48066ac40d8d21c7a5dd7bbdce4eb773147b74c758d2f0eac95d56e2 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | e641788dc10a6ce8f2316db0a49439f9 |
| SHA1 | 03e358222486f129f6063187ef19722c94e49e85 |
| SHA256 | e158c9dfdeb287c2845f1cb3e1d2989bcd1bb0fd863174cde82c86d184b9d34f |
| SHA512 | 0abb785510f51bc44b11a4fd5362e3ffc8a0aaf0f809c89e8c08b2a1bbdd80d9d2411bb11778b98f106161eeae9acca50c86eab9e93463a184ca85f78da4ca30 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 26f7270365944137d3eede4b6f871098 |
| SHA1 | 55fb6402d682ad603d4c6b8db91bd33aa59b79e3 |
| SHA256 | a3b02960f822896e93b62c412784f927302951a8d7b854bed70b2c7f402b05bb |
| SHA512 | 218870bf7db204e63610796ddc15f1d4ab90cc11cffaed20a98984f490c43986f29b1d98a11d50156c1206d98d8293421fbeefb48f1326b9cba237861e86f743 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | ec6ff4b1aa94fbdc5ca3c39a2af7347a |
| SHA1 | ed7ba213fce39a47bc2f2ec0e2c59f486e28fbf4 |
| SHA256 | 6c1a8240d17129f2b962226e5a9ec0742e7fc99093234c4baf69a4dd7820a100 |
| SHA512 | ad8f99f500338659d8a81a8b4546954f84e4aa5efa81f40bf7a0953646dfd5dfe1c45b0e7c490dfd3dd0ea94d1308403f242453dabf7c97daba4bb88052ff41c |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b6ce3f332088290a51eef4f50aa5882d |
| SHA1 | da9a89adc5b4479083bee5a83ee533bbe999cef9 |
| SHA256 | 659fa4c24843ef2233deca97a68a77c6eef17a54af173d02a2c1706ff102c11a |
| SHA512 | 04c6c41a62dba1cbd7bc7671dfcc2d57e580043d3eb097dd4c5a6a4afa0153710c7d360036d7f2d6222d1378813ee7fa2e3e8e30f66574839d4a49a99e1aad40 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 1b0f0ce230efe98d013cac520341ba08 |
| SHA1 | 352532bc4ef92b97910c302f6c79947c1ee2230e |
| SHA256 | 1986f2979421cd09aa0749ee738eb9ff7af31be540f29bb41ae2a8d1963f09dd |
| SHA512 | 4b2c1735be956b0c402f08493aa63364515d3eb4df30119ba0e53c53844849d078e8e26dc05cb0e66122ce3fab81e362e21c86010188f647808ee37ab823d4e8 |
C:\Windows\Temp\TmpCDB2.tmp
| MD5 | 1b635347d6803146aef21784dc562db5 |
| SHA1 | e27c1c770c00a48542b3ecb66d9aea45a52a7d18 |
| SHA256 | e551b1d2f76c4ad85efbc68b13a258c1ad5cae7a3f1f801c6fccbe4ec568cc39 |
| SHA512 | 3e983174386c69c41e5872dc09125d3119e1046192d1cd9a04eec921d562bac27b86da14b3b084144e8360182399eb4dd33be76d24ac1caaa87e262be4e30345 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | f37fccba2ec39c78cbb7f94c15096f8b |
| SHA1 | cc9952c42da93851628e8dd2f790e1af986c9ad5 |
| SHA256 | 791c4c995cc6c711e7487add4812f70147ce8917206a51ebcd6b06bad1eab717 |
| SHA512 | 839406681dbe93c4080e0573977f394e3dd5b3f164887471e4c12c9729bdca0b8cabc1a96b6eb4d7116226592e748e111ec7e3bcea413ed96a9b8eee43943308 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 8a20cfa1d398fbc4d218eb6bef2dd2d6 |
| SHA1 | d7de08fff4ba90e2837465a6a3ff153faf0627fd |
| SHA256 | a1161a8e9db48e2236ec232faba9f47da2abac301ec46b5104e852b20543d9bf |
| SHA512 | 76321a9360cf4b13a7647175425ce44e27233fdd7340ee17b84464d3a0d18d467401f2b367fd15c7eb131b1344e9dd4d895b445f72298cdf02294278c9070b98 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | ef4167f354793d3c8be311308e8c82e6 |
| SHA1 | 16dbe2c19d3144fcc3d414b1072da11b1da905b7 |
| SHA256 | 1ac1a5e95b2dcb8c52057baf48e9fdd7b3a4e1607113bb1d86824b2959e79e62 |
| SHA512 | f814525a71c1fef8b23e64a906f79a690689c097e97d7b919e1715a8533e3f5614d769c4a0343c00971a385e33f3196be8fcd11107906a809cf00729ec4ecaaa |
C:\ProgramData\Malwarebytes\MBAMService\25efe396-8e42-e147-d4055b03912cc36d
| MD5 | 28ccf15ea46074d78f6bcc5be86057c5 |
| SHA1 | 26fd7745a2faeee058a1b688ff72a9211eb1125f |
| SHA256 | e993ccd63d1eca188f9fa95760e2478f9c9ef5fb4da1548b10bd03d8734d8b95 |
| SHA512 | ca75af1f2d2bbd27e5c99782f0db76fb9ce7fb3f587c18c11d60c57c95de2b9922b5c5469aa3fd0662f362bcc9aa388c28aba50e47557d47ecc5a337d77ba462 |
C:\ProgramData\Malwarebytes\MBAMService\tmp\a3cff8c494ad11efb197caf61997b0b0
| MD5 | 9cd6d3d7bdcbf218643a792a29524abd |
| SHA1 | 40c11237ab28ab4f02e5b2118d90ea5ef1073af4 |
| SHA256 | 971973c5b60f22288bdadd7fd3907482c4fd7f020bc95d4972721e6d7a13b45d |
| SHA512 | a576634728bd9a24315bf57f8141157604f2854bb305df3a2fbe175f61e95dfff9752d0e9e1c58653d954927ebc31f21c9c47a930923e2f99c7e50c12b7aeed9 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 9af89243b4b1fef23a0d5a2968ae5b4f |
| SHA1 | 401df2d9471ecc49e17545349fd81b97b364edc7 |
| SHA256 | 42b0a1781ac4a289ce17487805847988d0b18dc42bf5642206aae8696fed6990 |
| SHA512 | 7ab51cd5952a4da289844b5b50f46443ab6a9c45581542f48d099ed6e0053d77e41499a84ff8d4e0e14a26634b277fea4e137545fd91952ab89e7540dcb1ef34 |