Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.kinitopet.com/ was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Reads user/profile data of web browsers
Loads dropped DLL
Checks installed software on the system
Enumerates connected drives
Command and Scripting Interpreter: PowerShell
Legitimate hosting services abused for malware hosting/C2
Adds Run key to start application
Checks system information in the registry
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Modifies registry class
Uses Volume Shadow Copy service COM API
Modifies data under HKEY_USERS
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-09 00:09
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 00:09
Reported
2024-11-09 00:13
Platform
win11-20241007-en
Max time kernel
264s
Max time network
264s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000\Software\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default" | C:\Users\Admin\AppData\Local\Temp\nseEEC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000\Software\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i" | C:\Users\Admin\AppData\Local\Temp\nseEEC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000\Software\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=DD844BC0-09D5-4996-AA38-4CEEB7107A86X /rid=20241109001111.176240740359 /ver=fa.1092c" | C:\Users\Admin\AppData\Local\Temp\nseEEC.tmp | N/A |
Checks installed software on the system
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | drive.google.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\fa.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\mr.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\te.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\package.json | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\css\style.css | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\icons\checkbox.svg | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ar.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\el.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sl.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\index.html | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\gu.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\exit-popup-bg.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Fast!\BigTestFile | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\vk_swiftshader.dll | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sv.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\icons\checkbox-checked.svg | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\icons\fast.svg | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\network-error-popup-bg.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\pt-BR.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ru.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\icons\logo.svg | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\all-circles-bg-mask.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ur.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\survey-bg-second-bg.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\cs.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\de.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\fr.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sr.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\zh-CN.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\da.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\es-419.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\kn.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ur.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ml.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\nb.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\sr.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\tr.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\ffmpeg.dll | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\v8_context_snapshot.bin | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\en-GB.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\lt.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\uk.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\vi.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\js\ui.bin | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\hr.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\kn.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\nl.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\zh-TW.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\vulkan-1.dll | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\es-419.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ja.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\pl.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\he.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ja.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\th.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\icons\info-logo.svg | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\app-background.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\libEGL.dll | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\nw.exe | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\ca.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\zh-CN.pak | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\ui\images\survey-bg.png | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\FastSRV.exe | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| File created | C:\Program Files (x86)\Fast!\nwjs\locales\pt-PT.pak.info | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\D03547B6-520A-4891-9D45-ACB42C200A8E\dismhost.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Setup (1).exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\PCAppStore\download\SetupEngine.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Fast!\FastSRV.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Fast!\Fast!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Setup (1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\nseEEC.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Fast!\nwjs\nw.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133755846821223664" | C:\Users\Admin\PCAppStore\nwjs\NW_store.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-556537508-2730415644-482548075-1000\{2D7F6042-212E-441B-8905-14726BF4E041} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings\MuiCache | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DD844BC0-09D5-4996-AA38-4CEEB7107A86X} | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\KinitoPET.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 287358.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 900962.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Setup (1).exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\PCAppStore\PcAppStore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Fast!\fast!.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.kinitopet.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0x100,0x110,0x7ff82fa73cb8,0x7ff82fa73cc8,0x7ff82fa73cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1812 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2432 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6112 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6116 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004E0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
C:\Users\Admin\Downloads\Setup (1).exe
"C:\Users\Admin\Downloads\Setup (1).exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://pcapp.store/installing.php?guid=DD844BC0-09D5-4996-AA38-4CEEB7107A86X&winver=22000&version=fa.1092c&nocache=20241109001048.90&_fcid=1731111021870690
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff82fa73cb8,0x7ff82fa73cc8,0x7ff82fa73cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\nseEEC.tmp
"C:\Users\Admin\AppData\Local\Temp\nseEEC.tmp" /internal 1731111021870690 /force
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\PCAppStore\PcAppStore.exe
"C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default
C:\Users\Admin\PCAppStore\Watchdog.exe
"C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=DD844BC0-09D5-4996-AA38-4CEEB7107A86X /rid=20241109001111.176240740359 /ver=fa.1092c
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
.\nwjs\NW_store.exe .\ui\.
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x26c,0x270,0x274,0x268,0x278,0x7ff81b5ca960,0x7ff81b5ca970,0x7ff81b5ca980
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1b0,0x1e0,0x7ff763868a60,0x7ff763868a70,0x7ff763868a80
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1996 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:2
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=2004 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:3
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2164 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2656 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6408 /prefetch:2
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4292 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4576 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:8
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Users\Admin\PCAppStore\download\SetupEngine.exe
"C:\Users\Admin\PCAppStore\download\SetupEngine.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installing.html?guid=DD844BC0-09D5-4996-AA38-4CEEB7107A86X&_fcid=
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0x104,0x12c,0x7ff82fa73cb8,0x7ff82fa73cc8,0x7ff82fa73cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4900 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4992 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe
"C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe" /fcid /instdir C:\Program Files (x86)\Fast! /startup 1
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -command "Register-ScheduledTask fast_task -InputObject (New-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files (x86)\Fast!\fast!.exe') -Principal (New-ScheduledTaskPrincipal -UserId ($Env:UserDomain + '\' + $Env:UserName) -RunLevel Highest) -Trigger (New-ScheduledTaskTrigger -AtLogon) -Settings (New-ScheduledTaskSettingsSet -MultipleInstances Queue -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries)) -Force"
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
C:\Windows\SysWOW64\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp" > C:\Users\Admin\AppData\Local\FAST!\Temp\dskres.xml
C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe
C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installed.php?guid=DD844BC0-09D5-4996-AA38-4CEEB7107A86X&_fcid=
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff82fa73cb8,0x7ff82fa73cc8,0x7ff82fa73cd8
C:\Program Files (x86)\Fast!\FastSRV.exe
"C:\Program Files (x86)\Fast!\FastSRV.exe"
C:\Program Files (x86)\Fast!\fast!.exe
"C:\Program Files (x86)\Fast!\fast!.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1732,10332944286697725600,17149833872722857996,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
C:\Program Files (x86)\Fast!\Fast!.exe
"C:\Program Files (x86)\Fast!\Fast!.exe"
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" ui\.
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\FAST!\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" --annotation=plat=Win64 --annotation=prod=FAST! --annotation=ver= --initial-client-data=0x270,0x274,0x278,0x26c,0x27c,0x7ff815dba970,0x7ff815dba980,0x7ff815dba990
C:\Program Files (x86)\Fast!\nwjs\nw.exe
"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\FAST!\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=FAST! --annotation=ver= --initial-client-data=0x1d0,0x1d4,0x1d8,0x14c,0x1dc,0x7ff6c8e4ca30,0x7ff6c8e4ca40,0x7ff6c8e4ca50
C:\Users\Admin\AppData\Local\Temp\D03547B6-520A-4891-9D45-ACB42C200A8E\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\D03547B6-520A-4891-9D45-ACB42C200A8E\dismhost.exe {F7167F03-15FF-4DD9-8F90-F359CC8FB14B}
C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" EnterProductKey
C:\Users\Admin\Downloads\KinitoPET\KinitoPET\KinitoPET.exe
"C:\Users\Admin\Downloads\KinitoPET\KinitoPET\KinitoPET.exe"
C:\Users\Admin\Downloads\KinitoPET\KinitoPET\KinitoPET.exe
"C:\Users\Admin\Downloads\KinitoPET\KinitoPET\KinitoPET.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1184 --field-trial-handle=2000,i,12829804302830613383,14480681024949563598,262144 --variations-seed-version /prefetch:8
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a28bb0d36049e72d00393056dce10a26 |
| SHA1 | c753387b64cc15c0efc80084da393acdb4fc01d0 |
| SHA256 | 684d797e28b7fd86af84bfb217d190e4f5e03d92092d988a6091b2c7bbbd67c1 |
| SHA512 | 20940fee33aa2194c36a3db92d4fd314ce7eacc2aa745abec62aa031c2a53ba4ff89f2568626e7bd2536090175f8d045c3bb52c5faa5ecc8da8410ab5fc519f7 |
\??\pipe\LOCAL\crashpad_3616_ZPHBYRJENXBMDGJZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 554d6d27186fa7d6762d95dde7a17584 |
| SHA1 | 93ea7b20b8fae384cf0be0d65e4295097112fdca |
| SHA256 | 2fa6145571e1f1ece9850a1ac94661213d3e0d82f1cef7ac1286ff6b2c2017cb |
| SHA512 | 57d9008ccabc315bd0e829b19fe91e24bab6ef20bcfab651b937b0f38eec840b58d0aed092a3bbedd2d6a95d5c150372a1e51087572de55672172adc1fc468a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 234364e11867de12f3e0c9c959013da6 |
| SHA1 | 543c758fc92b42573bc518f2d4374004e53c297b |
| SHA256 | c43987c2e2df6ae8d654731f22ae24bb43e7c5d369248972b779b93ed34b006a |
| SHA512 | 240a8f8de050100b41f9e4bed546c8187ee7fd26d9cdfb36ff5f9fc08a06d7cc04097bdeb415c4eb693dce1b57e551623c1991de15aae6faf267b5666faaf49a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 352a958b151b9dbdc58c98906845e24b |
| SHA1 | e01186db25cdac711c86cca949bd8130c6c9be98 |
| SHA256 | 98212f60f4bad4a310f10812f66ba346ea10f8fe42a857a5bca173997fd7c342 |
| SHA512 | 52213f0a82a3397a8b4aa5a5d22359c9932af80a974f52217325d45f9232a293196aa5c109c3ba2141a1d1abb73705a98d75336b98435e986eabe755bc52164f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 91970a7df7d12f8b2ae87cb7f98cc516 |
| SHA1 | e87d406858dce22789285efed726b61532de3a56 |
| SHA256 | 9300c88626aa9ac13f5377d8681d8ddaf65a3714682a8ff8d08faae430daccd2 |
| SHA512 | 1d2003b84afca2bbeacd7cddebc864547d171250a774f17d2992d866a550528fda13d3e8a3950d9b117d5fbc4ff68ce78bee396fa88019e322db29bdb78e05ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 280197e3b3d69b14a48a157727d3e740 |
| SHA1 | b3667cc41f755b5e012fd9134144c23a8187bb67 |
| SHA256 | c43297aaef8668e426c032e58e4055fb6c17cb2620a245ff6c62d9b84ebe514d |
| SHA512 | 07446aab19d384f41964a7d4169e301030e3be17bd0f63462b839ede6978779ea727215d69fdb2912936b14d5beb0a2909bfd6b64ae53d547c1544f76c68fdd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f05b.TMP
| MD5 | 73080000630aac58716ca8eb603b8b9a |
| SHA1 | 0c1bfbb0e82d0e85b5f37c09055663b345e99a91 |
| SHA256 | 72c6bc6896602b3678688c2c265fff991ecb974441d23bb3af8aad435821c5e6 |
| SHA512 | 543ea65f372b803b653f59f9c10afc871b12c660195eeb3830777394bbc03f3dc93b5deeef3df0549f211a822a6256bc089e33092089bf311d80915ad8da6fb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a4eca5ec8a6cae514c030a5ec20d1823 |
| SHA1 | a1202a368d6cc54391c5d2efc9ba3a968fb3faad |
| SHA256 | 0b3419cc0d251c2f87dbdd1861d26ba97621c62026eeb689e6e49ad1299c0c0c |
| SHA512 | ba5911463adcda6b24ec6147978932a3a3dc8d8d797fd58a070c41123df8f64996d4c5fa24e6badcb4d8fffbfb1e842e4f4aef1e1f88808b5557a74bde2e7ae7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 72684d892cfd3603dad4bd5ec2bb5d2e |
| SHA1 | 98026a9ea970d28060825179087a2a48942917fb |
| SHA256 | e1bcddde188af7467c53e8d104f3e26f08740702d9a64c2eacaa36f2bc70866b |
| SHA512 | 621ace838b5a594cbbef4cf180b0fb2c4141dc3ccdb81340506da15484fe7733bffe948905b8b82c2fe4ea6fce46df8d1da60d095ebcbf3cf764d9dd210c4f8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9a82285feff3bc45bcccae66db3ff901 |
| SHA1 | 0fe9c834c933a107162ad6e88c99555b1f9ec413 |
| SHA256 | a7852e32c0e62c711a03255969df9449e7fddb61a66c10fdb821d3221770a881 |
| SHA512 | a9d3e8719adf49b1da69de3181eac0915bc0b24e40a88ae36226275f86d7347fa7d7d3ea721c98069f63e4288fe6b8f9186ca4092ee9d74ea895b97a49845c2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c7085952f82b68640ad98e62c58cc307 |
| SHA1 | 882d990e5a6d9a25dbae54cc4319b07e91257bb5 |
| SHA256 | d474b40789ee328aed19f9356498ada107bffb9dcaf7cb174840ec21d651f83e |
| SHA512 | 91708903567715cc6e571baed05d95bfde00cdb64772602747ca34da1a67b01c45b0c77114e20665e1f2ed36a88c67fee2665def4e82cdf83efb8a55f979ace0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c57feb45ad6131297f77084328d39a9d |
| SHA1 | f63bf5d37e7a9746389f99c53f3a465b5c94a346 |
| SHA256 | 9d589ebc5af71b0003861511650be6eb998d0f1449dd4f50bfe6c8e00419fb0c |
| SHA512 | 536e86aa1c2f7c1164b6b6904c2d0e50114571e36bace7dec1ac20c386de7475de1da4ecfeeb16781742160256a0fd6cfab8c6ed3b85e810d9f336dd9dbdac15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1a39b6e271b3191a30fb348d62c337bc |
| SHA1 | 2ea2ffe67115790d4941410a11fadefb84cae0b1 |
| SHA256 | 00d28249c081a2340120bb7e35cf14b5d5d4515556d0f93f62e4111a70b3ca0a |
| SHA512 | 96d8f5c34fef8c4b0fe7aea7457a301a9067814bb599e37916bde9e7adab6c1fe4bb1de30d39060e50318b4db756b2c6fdb1c73e5415204fe46c0df449f7cf55 |
C:\Users\Admin\Downloads\KinitoPET.zip:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7cdf0964138df8579b29c2e5294b0236 |
| SHA1 | 6f289c556d192b8ba827773413eccbb1c9e38e38 |
| SHA256 | 6e920b28c32c5c8523b82a6535e030e785664bf3e8af8bf9b9fae81d2213a9db |
| SHA512 | 32b8b599c5d34e6f3816446784686fff70e508efbd2fcee7976aa3d2a4367dd788a02452a7f41e7b1a5d5caea305e4e2752db78ce3add57cc56e98abda7b0ff2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0a08d207b1c0b9b3bb1a46a2d761e2d1 |
| SHA1 | 25f556bc0e446c8a50dfea92c8dde869d79a7d16 |
| SHA256 | e2df50080432de23928f96f1a9e8819e000e783bf1844d2a3a7f66009202991b |
| SHA512 | ec5b3ef786625c275fca5cd994c34a16cfb3dbf9b1427e6bd3a4421d2acf7b9dbdf17147299453994f71d4dd0a12b1f37eddacbf7b698fea26fded8ea60b8d55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 655676a292e8623ddb50f3915682cdeb |
| SHA1 | 6da5835cd78eff89efc068fcc58715b29989f82c |
| SHA256 | 414e1af89a321f759c985f476d310b29152874c93f6e2f23a741cdc939803385 |
| SHA512 | ed4386862e6c06dc720868be681baeac616cc6a34e97c09ecce1900e76893763756009bef3b630af099b782cca448bdf24ac6e290f357e18b3d20870c5be52e3 |
C:\Users\Admin\Downloads\Unconfirmed 900962.crdownload
| MD5 | 4dd2e871dd4608417fe7ea90075fd34d |
| SHA1 | 33171ef2aa1b27c37a6bb0d17152304cc10404af |
| SHA256 | 3d069536178d18eaa1299aa3d2d7a5c728e4d96a7df00cad7832b0422e19354a |
| SHA512 | 2106d08b904e87ea8279c567cac2f369255e4f5d508d95d9d12ba79d97bae5eb2d5ae686242de23756ef82fe7acde4be5156531154139478ae8807bfa299c8dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4713048518a73acacd378f96bf237d5b |
| SHA1 | d09ecaf5e125d34c3e2ea0f8e4d5d67abdfc65a7 |
| SHA256 | b39cbe180e426a89c8652ae0897facdd046471d3c58b90cdf3ea319a2d2c9753 |
| SHA512 | 0f546c7760ff8298ca9bd5087f420f40f4d7c730fe7b586905507c1bc4b6d3318c8eea79f3190ecce12113fe2300cac347943aca4019a6eb53d6d982a4c55c16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | da7cab1ede3e205704f74ab78a377396 |
| SHA1 | 5ffab5397e36aeea6fdd29fd02b0be8172b06e61 |
| SHA256 | 2dc667369127c2ada13ede5391b26b98096c285028d7d295a7e58a4a4cda4fbf |
| SHA512 | 94bc0461f4ccc6914f97eef8f46b7b114f7e0faaeafe6850b8fc900876acf6e232bdd531e019b5985ede1877ae138e341e0fb4c0099f32654a6b112769030cad |
C:\Users\Admin\Downloads\Setup (1).exe:Zone.Identifier
| MD5 | 3a3684cb99a02867a99272ce59bd40ef |
| SHA1 | 15ac670e5f6d3dd377a914e62d4dc82e91451d93 |
| SHA256 | c2d285b9336761752b9456a13e5bd0cf2f505f0bd7ee79228afe275f21002718 |
| SHA512 | b4513a005be7b8ec34f69bf9a10b16bfd9f64ae9c56f8e3b1250e5edde2d26e120d3a47e633bd27650ad428e616b676c445b742d2edea98a1cc99dd1b6603cd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ab90ce2253a56d1e3a23e082978d608f |
| SHA1 | 9afa8cdcc442dc8fd11147a6b548fc6c92e41fad |
| SHA256 | d2fe233207328b8d88bd5ed98410e6df28bc7a040de7c150d776c416e5f90e2e |
| SHA512 | dff6e6cd98de2c168f7d8be1ec2cbc1fc3a1697a420f084b11183009068a97f7e4274640d056951063fe64f56cfa94eb9d69dd7df8f7c9cc948fe0f013262055 |
C:\Users\Admin\AppData\Local\Temp\nsdFE42.tmp\System.dll
| MD5 | cff85c549d536f651d4fb8387f1976f2 |
| SHA1 | d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e |
| SHA256 | 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8 |
| SHA512 | 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88 |
C:\Users\Admin\AppData\Local\Temp\nsdFE42.tmp\nsJSON.dll
| MD5 | f4d89d9a2a3e2f164aea3e93864905c9 |
| SHA1 | 4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a |
| SHA256 | 64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb |
| SHA512 | dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2 |
C:\Users\Admin\AppData\Local\Temp\nsdFE42.tmp\NSISFastLib.dll
| MD5 | 9c7a4d75f08d40ad6f5250df6739c1b8 |
| SHA1 | 793749511c61b00a793d0aea487e366256dd1b95 |
| SHA256 | 6eb17c527c9e7f7fea1fdb2ea152e957b50a56796e53ce1e5946b165b82deaef |
| SHA512 | e85235307b85ffd3aab76ff6290bee0b3b9fd74c61a812b5355fe7b854d4c6b77bd521e52638d28e249a43d9ec7aa6f2670af2b1c671091492c7fe19d6f9a4e6 |
C:\Users\Admin\AppData\Local\Temp\nsdFE42.tmp\nsDialogs.dll
| MD5 | 6c3f8c94d0727894d706940a8a980543 |
| SHA1 | 0d1bcad901be377f38d579aafc0c41c0ef8dcefd |
| SHA256 | 56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2 |
| SHA512 | 2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355 |
C:\Users\Admin\AppData\Local\Temp\nsdFE42.tmp\inetc.dll
| MD5 | a35cdc9cf1d17216c0ab8c5282488ead |
| SHA1 | ed8e8091a924343ad8791d85e2733c14839f0d36 |
| SHA256 | a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df |
| SHA512 | 0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\773CFF2C7835D48C4E76FE153DBA9F81_15174A80589B8DAF9768E9131F4845C0
| MD5 | 91b954a96bb503e26f9fcafb23491f9e |
| SHA1 | 8e52b6bf7e9370f8f5373526fbda01dbdc7e7c84 |
| SHA256 | a0ea41ee5191f0e631f38389b18b58b7663e97e04cc63e12cc2808a3b13e9aa6 |
| SHA512 | 1b0951932923b2e0519fd4e415bca1bb64d72154179e7a8db56ca885b7e32c690702c1dd1c1f2f8188ed383b13eb58c27a7743f04423050c1085431a4a5a6023 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\773CFF2C7835D48C4E76FE153DBA9F81_15174A80589B8DAF9768E9131F4845C0
| MD5 | 20f285b90661f7fb87c74563641de158 |
| SHA1 | 5505bf5cb27c3a83b3660a3c5d4d99ad499e78ad |
| SHA256 | bb811a2939f554e861ec572fe20a3f10ad302f87ffe3fdaca0e37b1b7ee88cc7 |
| SHA512 | d4792adf05030f5e49bac5e090e51a498a8731d73f244cc0c37b3d0bf08881c6ff316f340d8119c36bc165e01162ac9c177cce7c4a602ff0a2efe05150eac2e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_C39E9DBC666D19C07EEE7CD1E11AF8BE
| MD5 | a2eeb97d788bf80e54d203dcf5dd41e9 |
| SHA1 | 2884b7763ba6644c004251d2e2a8510981ee9619 |
| SHA256 | ce839e1b4779545cef3e3bde815d1e7931b22b6f3cac67ef8b95514790aad024 |
| SHA512 | ddfb5c669494cd91cba68cdb84e9497eb40e672f8c9f9f3935838b59c90435a5d8d89db386e07f96dfcbc6a13b9c15f55c7a6d0ea66ddbfd2fac436ebf2451ce |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_C39E9DBC666D19C07EEE7CD1E11AF8BE
| MD5 | 7b75d054c354544217965de2b66889cb |
| SHA1 | 6ab7dffa0969e95b482af091cea51c9e1e3e260a |
| SHA256 | de216c2904aad6b18862b0b70293261edbc3c0c318737af39e63955d0e8ae50e |
| SHA512 | 18ebf882fc0414cad834200edc9afb9e056548f17de743415533c96b1092fd45381d4cbe5e1c65fd6e5f1cdc1a556e29a6fba8e90cb990db42394663d0d6da95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d3d3a58956ba8dc1b9b7a84239b2d37 |
| SHA1 | 4f58a2f28de1443eca17922465aeb2aabbd1e58c |
| SHA256 | e413e2459f327bba13d67f985fda2f38acafee23b2790ab06b47fbf21e189d9c |
| SHA512 | 70d9afa787fd51bf48acc03462dded52f567b6125e6f7a3f4b30db8ef6e95af79ca1bfffd28d5489dc47ea3fc9ea3010dfa6eadf9275c4a76932ec9d31441de6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bda883011edf216308a7f2f8a0a8aacb |
| SHA1 | 7cfbf758b0ec96bc5003c6655404e09ff803381d |
| SHA256 | 4867f8c0702883da98611eeb9c37fc907741b67d6cd98f6a640f752455b66344 |
| SHA512 | 40f435a06e420d5226487f8747f13a600f00a03a5b992c56f4be9445d8605c71d54fd9e9c10d2c109816a84d4003a5ca55d8507e07d99454ca673e0be1e14174 |
C:\Users\Admin\PCAppStore\nwjs\locales\bg.pak.info
| MD5 | 82d7ab0ff6c34db264fd6778818f42b1 |
| SHA1 | eb508bd01721ba67f7daad55ba8e7acdb0a096eb |
| SHA256 | e84331e84cd61d8bdacc574d5186fb259c00467513aa3f2090406330f68a45db |
| SHA512 | 176458b03cc2b2d3711965cd277531e002ae55d284b6c9178d2353e268f882430235468e5a1e9e45c8427864d109cf30a024a993b4763a75fa2744f6e0a6ae2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d10d6dc589fe221b74a5e7c70998bf0e |
| SHA1 | 5bd19ea21c8a97c90d7b0d7a8607ac140c513214 |
| SHA256 | 2fc1740d9894743e6b6cca783e4c6bd0408cf9826b4b6a3c99a2d73d7f25cc0f |
| SHA512 | 977af474a7afbdd55fa60ff6dfaf4db4795a088e5e44399b4ab29e9dfc968cfdd51d578f1b07ad334446a4462ee640a5d1b23130825b6736ec4ee0471c7e35b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5965b5.TMP
| MD5 | 084fcb36609084485fc8b0e8f351dd40 |
| SHA1 | 77e63c8d76fd3f21ac954dedf37ff1b3efeaf4fd |
| SHA256 | 27b90f40ff91a5ed37f230635c26b0ee8de9243770e106e1253d290373f1eebf |
| SHA512 | ab7b2a86b11ec5343309b20bb70752dcbd26dfb48465ce1c3eeb12512b658ebc117f9c691dc298b8bcf82387809d7931bac42a05c6a9e5b1b7bdc344e654fd92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 368ced12416bf08549c4d75b521a4763 |
| SHA1 | 401bc4c4723c9978b30394e0c8ca3a2b45e6f4a5 |
| SHA256 | db949937c85183fdce84d3ef0d1f634fae3f0a74e3ab9f3ff29762f8b75a884e |
| SHA512 | 608254d9e0f7d5af37965d13ef1c53ac6361853308712de61babfb1ca1bc06a40254b87b7abe61d67a844f279a4786ed765d87f92a63456392aee50a540f3b14 |
C:\Users\Admin\AppData\Local\Temp\nsk36F6.tmp\Math.dll
| MD5 | 85428cf1f140e5023f4c9d179b704702 |
| SHA1 | 1b51213ddbaedfffb7e7f098f172f1d4e5c9efba |
| SHA256 | 8d9a23dd2004b68c0d2e64e6c6ad330d0c648bffe2b9f619a1e9760ef978207a |
| SHA512 | dfe7f9f3030485caf30ec631424120030c3985df778993342a371bf1724fa84aa885b4e466c6f6b356d99cc24e564b9c702c7bcdd33052172e0794c2fdecce59 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\98ab3375-dacc-4566-9c6f-b52897795845.tmp
| MD5 | 728fe78292f104659fea5fc90570cc75 |
| SHA1 | 11b623f76f31ec773b79cdb74869acb08c4052cb |
| SHA256 | d98e226bea7a9c56bfdfab3c484a8e6a0fb173519c43216d3a1115415b166d20 |
| SHA512 | 91e81b91b29d613fdde24b010b1724be74f3bae1d2fb4faa2c015178248ed6a0405e2b222f4a557a6b895663c159f0bf0dc6d64d21259299e36f53d95d7067aa |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 054ead68d4ba655ec3327a297b60f06f |
| SHA1 | 7aaf3d4c32db91009b9a11f226258f1b4552485b |
| SHA256 | 0143a33910d6a15b6f87d31dfede439a542d6dfff1ba675cbc1dfbd44cdea797 |
| SHA512 | 7fdd00c52b65fd193216d2c2a12f9acd6f2b934cb2473816fdc9dd88bd83f45b063d298dc8603853ebc57d2b55ad563ea94a8b710e3ea578a140191b71d37505 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Web Applications\_nwjs_pcapp.store\pc_app_store.ico.md5
| MD5 | 03e9f614a008075733c76883156b568b |
| SHA1 | 5f9cb1b06928487c4b836e9dedc688e8a9650b0b |
| SHA256 | b1a6a6fb45ad1e13054c40dc7c09e3098ee830bcf1ebaec27f640ae4c64b8416 |
| SHA512 | 7e6969c8908a6bf57bd2cb4457a7c78360468383acee589278e49829617e2f3b872dd8213e57a2ed8f512d444c67a2e619deabdc1394d1c39c7759ed3c744f94 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 15edbb4d85cf503917a877d894fa0a18 |
| SHA1 | 45b9165e1a659c3aabecaaf3ef8672f10541ee17 |
| SHA256 | 6b99a2c0c946d59d80a1d56f795c61059cec833c904aaf6397eebd21d8129d8a |
| SHA512 | 4dc82a722cedbb945177fde76aa5f5990f81aa6cc09988949340ffc1c7ece507508b6b5f239c22388c39716cbe4bdb48d88b2fde257b8f40cdfed695a060326f |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 8e433c0592f77beb6dc527d7b90be120 |
| SHA1 | d7402416753ae1bb4cbd4b10d33a0c10517838bd |
| SHA256 | f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af |
| SHA512 | 5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3 |
C:\Users\Admin\PCAppStore\download\SetupEngine.exe
| MD5 | 85f2849f25944fc15e58521a52b800ff |
| SHA1 | 718d11673de4743835523983ab5e06f88785a03d |
| SHA256 | c4942bad2eaaca0bb5ed7e6900d6c85f12f0db6de790072838ce3f854b9ad677 |
| SHA512 | f5723f93695e84fc41f48f0153f024249e9abc9fd03d788af1c31d6084acfbe4c85a76de55ab8be4f68d16807bc0381c269cc3834510d538e9710f528b04beb7 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 457442c95842e19e6aca17d451148620 |
| SHA1 | ac7565494cddaf1fd99ab3b27ff71f8ad3716d2b |
| SHA256 | 8fe7289e77a9393a85514009d489c3cbf73db5713ed2cd88d6263b5d4377b15a |
| SHA512 | 13a4c99bc8669032baccf0e78957e21a9bc745c10da1e716ab79ff38508f18800cdc0d149272802035e6b83aca069c9a3fb39b96fb63ea206f34ca866e15b6c7 |
C:\Users\Admin\AppData\Local\Temp\nse8BBD.tmp\modern-wizard.bmp
| MD5 | cbe40fd2b1ec96daedc65da172d90022 |
| SHA1 | 366c216220aa4329dff6c485fd0e9b0f4f0a7944 |
| SHA256 | 3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2 |
| SHA512 | 62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State
| MD5 | 774af30309f3e5992de11c145c81760a |
| SHA1 | 51fc790436c82e7a47b68e0c8f2c09893a1495bb |
| SHA256 | bc17be26819880579fb8813d17a894ae3fdc7560e1c518cee173de4fff6001cb |
| SHA512 | 1d6cbc5cb3a2fb33227ece6c92c56e2ec392a04f72f67409efa2e9f5a85521b061c2ee1a7a9577a2dcd8228c1f9693bcd9a05bb6f642b5ab133b5ae3d4c6dd7b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State
| MD5 | 046ecf613ad52836fb0c381f2604db12 |
| SHA1 | 2e324a96d7204552cfb48049069fb50a85acf04b |
| SHA256 | c65c63a9c74c5798293d8431bcbb4302a2806e3788fa71078bddeb5a7e44f354 |
| SHA512 | b5d20e0b1fb4d1c6076338de7281c4fcf88e2ab7732f2fbaff0562293e67ba01776d6d39b4f19d3e69b335abbf1e447a674d93039acf4275f5dcdf27379260de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f8fb8809a48c51b3f21b084407284632 |
| SHA1 | bd8cf4539cd42bc78729a9e8c1b12a9d03cc4309 |
| SHA256 | fe75aca79efcfbb6cdfd07e9d66e22f44e835de6759c084ebe956ab085dcc3fd |
| SHA512 | f1eab4ce76f2bee608d2f09cbaf0b6bb29b66412021a3405ba283ecbbf281368b977caea788f7a438dbfa6216acfc1bfcbd8e646b87234744841ab6249133670 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences~RFe59beb2.TMP
| MD5 | 9a9fb9b2b77f356e47ba4a3dde362c59 |
| SHA1 | 434f0bcca9184102fb5fbd9a88c376f92dd0540f |
| SHA256 | 3553aca8e0228409320158c5cf89ed7194ca8d77d20f94669245ccc1b8e7a1fd |
| SHA512 | 162430c9d891206d0028140bce7cb23d73ae50d768ca68ed65cf8b4c0b6679d68b892b94b9ed28900d1358d4d8e9dbe0754895c024814d0cb6a801025c98dc6e |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | d4d569f799e993e5e03765c3eab92b56 |
| SHA1 | 3113334809fe0d0fdfc59548de8fa05d92177cb4 |
| SHA256 | 04863bc19cac353ee9e027c43d913efea8b16e018f4c188b827060184b30cc02 |
| SHA512 | 5ae39c5fc4bbeb720ac2294e8229de1b094b5224fcae37b817cbf969482d8680c06535490e3a89837575df8e8927608c1dc55ad265e01162ef188b8f49d9ee3a |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | 34f427a24a59266dd1902af50050e30d |
| SHA1 | 0f2b80d95e73116710e3a6d590b482c4b56b0115 |
| SHA256 | 328c0e4230df902607b16acfd98f7283d1cf4c03c1717295783ebaa488436f1b |
| SHA512 | 7bd4fe36f49535a67497e7063a1d0cdf1bf5136ce8efb079e5a4e29527cc0f6b37bb875dffb5153085aae5386ee386ca05b98535f51c7a826a2bd2d802030160 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity~RFe59c26c.TMP
| MD5 | b323a80d06532559bae3fc99b413e214 |
| SHA1 | 3ad3a1b3de99efa1ee71d7bb1b703684f9f474a4 |
| SHA256 | d7b10020f7aa361bd26a4367dd2e6de99d6ca58a867e6444e4a9b976a4d8dde0 |
| SHA512 | d13f456ee6b691cd104e961403afb4f22d9803c0a9f010a8b37f5341ea1886565eb989da102198b5da4c60c927f47f6bc2c301a100d736b5799f3ca6304aeb48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c1b6b52a89a79e01b583436ed8e240ff |
| SHA1 | 91f5b65bfb657c3feb934fe0b8744332d551191f |
| SHA256 | 2b0733df533ade6bb2d1b19845fec63b165a1bffcf38b661c50f02198ca0f3b9 |
| SHA512 | c57b61b310c3880a52e4f98bae83e01c5c7cd7b9a67ca10636e0d9603aa8f9dfbd724da7b9f4e4a8ba6498c56d29ca70c9970db70168471f61c8b1cc5f260954 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe59cab9.TMP
| MD5 | 46ccab97b7c8f07f29f22aa8d9dd5baa |
| SHA1 | b0f0b2576ee4608746f9133384217feec6e7d332 |
| SHA256 | 85f579d101b46147b5ca1ef09078dae6e96cde3a1c5929f8f2be779449267710 |
| SHA512 | f4420f788008a117c405d28a4643d3dee76b64d7bf6696fd994e9b6728770323d910e521e1b14ddc72ea2922b3b66b7b3346c94bc4305d32fb32b52594ffed58 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 696f9fc61e34fc0d109cf9e3ad1e3a0e |
| SHA1 | 4a4ad84c75955a2ff8013fdf05a3ca1a58538c78 |
| SHA256 | 19f1b0da07abf6fcd2087815bcdc024ced9b00b32b591ddf772a8bc4fefda3cc |
| SHA512 | 954a26938d19f98861fc118a32d2fa622f65a7b533a40130abfcfed70944e3d85df62d1490ce69cd0b6e098284ede2169c8ddc9164dc7551d373c9b54a1ad0e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7cf8adf2059ec3ccb4b11583743c93a4 |
| SHA1 | bc2d8b129fd7ed96e2fc218115883f0c48bec7d8 |
| SHA256 | c07f04b02650979dbc90486beed00090f5368e8f3eb71d78df74256992817c4f |
| SHA512 | 051af288843678f256bdcd9fbacd968339427d08a3554d59eae2ba97c3feebd3cc09423bb9770b798207274f1b768866632c85633926c0c1711973079b9ea20b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | fbce5f65630a1f8b3db1cfa9c68759fd |
| SHA1 | 9af3e923321805659a1ce7a3457fe354bcf52852 |
| SHA256 | 78c87c3a19367c0e073e740a1d622e35d706d65f6ce3041d54109520d028d76a |
| SHA512 | b62a9541c666f0a5fe67b51e024e30957a8326f73dbce207911c85b6c64e30f9fe1c838f02742d1f705de938e48335149c57b83b65d78ba90ebf13ae9f12bf7a |
C:\Users\Admin\AppData\Local\Temp\nse8BBD.tmp\Banner.dll
| MD5 | a1b9bdee9fc87d11676605bd79037646 |
| SHA1 | 8d6879f63048eb93b9657d0b78f534869d1fff64 |
| SHA256 | 39e3108e0a4ccfb9fe4d8caf4fb40baa39bdd797f3a4c1fa886086226e00f465 |
| SHA512 | cd65d18eca885807c7c810286cebef75555d13889a4847bb30dc1a08d8948893899cc411728097641a8c07a8dcc59e1c1efa0e860e93dada871d5b7acc61b1e5 |
memory/5032-1598-0x0000000005270000-0x00000000052A6000-memory.dmp
memory/5032-1599-0x0000000005910000-0x0000000005F3A000-memory.dmp
memory/5032-1600-0x0000000005890000-0x00000000058B2000-memory.dmp
memory/5032-1601-0x0000000006170000-0x00000000061D6000-memory.dmp
memory/5032-1602-0x0000000006200000-0x0000000006266000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_ksy0denh.kyd.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/5032-1611-0x0000000006270000-0x00000000065C7000-memory.dmp
memory/5032-1612-0x0000000006720000-0x000000000673E000-memory.dmp
memory/5032-1613-0x0000000006750000-0x000000000679C000-memory.dmp
memory/5032-1636-0x0000000006D00000-0x0000000006D34000-memory.dmp
memory/5032-1637-0x0000000073390000-0x00000000733DC000-memory.dmp
memory/5032-1646-0x0000000006D40000-0x0000000006D5E000-memory.dmp
memory/5032-1647-0x0000000007920000-0x00000000079C4000-memory.dmp
memory/5032-1650-0x0000000007A90000-0x0000000007AAA000-memory.dmp
memory/5032-1649-0x00000000080E0000-0x000000000875A000-memory.dmp
memory/5032-1651-0x0000000007B00000-0x0000000007B0A000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\77906237-0874-4234-a4c7-1f49f6e2935f.down_data
| MD5 | 5683c0028832cae4ef93ca39c8ac5029 |
| SHA1 | 248755e4e1db552e0b6f8651b04ca6d1b31a86fb |
| SHA256 | 855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e |
| SHA512 | aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3 |
memory/5032-1662-0x0000000007D40000-0x0000000007DD6000-memory.dmp
memory/5032-1663-0x0000000007CA0000-0x0000000007CB1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1ac018085758e312d43e614a5ba26efa |
| SHA1 | 77520120aef0e4759c9ea0c08bfa631f716aa27b |
| SHA256 | 46c56b33ed1d3e4d105d58a982e3ef1bfc551f4fb3677d35aeff34d11f7a9fc6 |
| SHA512 | d7d5134d044872b79b68a2ed684979abfa786d2efbe0f732b8eda93c30638989cfd59cbb9d9c699c6b417107bd04a8cd3edab1ece5314507e0706a0ed8bc8273 |
C:\Users\Admin\AppData\Local\Temp\nsaF573.tmp\nsExec.dll
| MD5 | 675c4948e1efc929edcabfe67148eddd |
| SHA1 | f5bdd2c4329ed2732ecfe3423c3cc482606eb28e |
| SHA256 | 1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906 |
| SHA512 | 61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 591a7186cf1aebc2b7445eb0ce7f153d |
| SHA1 | 865c12529d3ae11b94a05d75b1fb3450ae9bd969 |
| SHA256 | 9a3ebeedaefedc8045daa239963f73b52ea72880488075b4fe350bf954445617 |
| SHA512 | d6e17de75e1eecb7b87674565254c88f977206821966a055c0ca11842a42746eda5033122a9d54a2c92ff0eedd286a29dd4d0befd839a363dd8d080fc8549153 |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
| MD5 | 048ae1b46270d1eb7d11d11f94a0c948 |
| SHA1 | 3b9d15a9a918f53cb37159f3a4b301852cdc9d30 |
| SHA256 | 1479595ee9599220329981b6c4d86f2a774b8aa99219980a65dc69981eee4208 |
| SHA512 | 71ec610757757c9fa0287aa2ef0d8be24752436a88f120d729ca8f74d85741649f8be6cf6fed654309493059ba671ea8e1595bc18a5bd1cb81fbba8127a2dd71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e84359e39c87cbee68d8052edeef7b9f |
| SHA1 | 379546d4b1463989cac3df3dc72d87b0b025a969 |
| SHA256 | 9f69e406eda4321cd45513005c20de8c03bf9948cef81db00a120b121c4b2c06 |
| SHA512 | e0483b78c4faec6e9a73e502cfc48290bbf92ae303d9e34d05aa5e4b93a1699601ea4d8c882504c9fa8e54fd1c68230ccda70fb74376698813f64c818d9ad75b |
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
| MD5 | 58374b575b88ec69639eb1e8605a92a7 |
| SHA1 | 76c3ed1e5003d90949898be688ae57e725d1c170 |
| SHA256 | 64bffb169760eb2900f9cacfd3518b8e1bc44455bed5534a5328ff8f506b5995 |
| SHA512 | 5aa6a23e84691e0e64727b0a968f3c27d6665c17550f46e9cb5b7a4701de4f581b2a7b20d292f2e5cca1fc8e6422d6b115d507a297f02c6e0e80aefa6f9223f5 |
memory/384-1738-0x0000000003260000-0x000000000337C000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsaF573.tmp\SimpleSC.dll
| MD5 | 7b89329c6d8693fb2f6a4330100490a0 |
| SHA1 | 851b605cdc1c390c4244db56659b6b9aa8abd22c |
| SHA256 | 1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d |
| SHA512 | ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a |
C:\Program Files (x86)\Fast!\uninstaller.exe
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
C:\Program Files (x86)\Fast!\BigTestFile
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Program Files (x86)\Fast!\BigTestFile
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State~RFe5a8984.TMP
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences