Analysis Overview
SHA256
fe562eeea788b89139a2ce10f0c358896877e590fac48efe11570d1334c13657
Threat Level: Shows suspicious behavior
The file Stardock.Start11-2.1.1.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Modifies system executable filetype association
Event Triggered Execution: Component Object Model Hijacking
ACProtect 1.3x - 1.4x DLL software
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
UPX packed file
Drops file in Program Files directory
Drops file in Windows directory
Command and Scripting Interpreter: PowerShell
Unsigned PE
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 18:39
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 18:39
Reported
2024-11-09 18:46
Platform
win10v2004-20241007-en
Max time kernel
82s
Max time network
85s
Command Line
Signatures
ACProtect 1.3x - 1.4x DLL software
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
Loads dropped DLL
Modifies system executable filetype association
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\batfile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\batfile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
Checks installed software on the system
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Stardock\Start11\Launch.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\zip.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-04.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 03 Mono.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\defs2.ini | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\26.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Corroded_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\TabMedium.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-12.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start10Config.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\1.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\20.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-22.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Fabric_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Rust_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 05.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\DeElevate64.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Element.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-20.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 04.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\es-la.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Leather_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\DefaultMedium.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Reflow.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-18.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Leather_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\tr.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\DeElevate.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\DeElevator.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start10ThemeEdit.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Small Angle Stripes_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\DeElevator64.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\SdAppServices.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\24.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Metallic_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Wood_x1.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Element Large.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-01.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 01.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\zh-tw.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-03.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-14.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Metal_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Rusty Metal Grid_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\cs.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start10tweak.exe | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\defs.ini | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\23.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Default.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-08.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\de.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\fi.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start10Shell32.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start10_32.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Old Wood_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Rusty Metal Grid_x2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Arsenic Orb.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Echo2.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 03.png | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\en-us.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\pt.lng | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\11.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\22.lnk | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\womtrust.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| File created | C:\Windows\wontrust.dll | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\InprocServer32\ = "C:\\Program Files (x86)\\Stardock\\Start11\\Start10Shell64.dll" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\batfile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\ = "Start11 Theme" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\shell | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\shell\ = "open" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.s8theme\ = "S8Theme" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\.s8theme\Treatment = "3" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\shell\open\ = "Set as Start11 theme" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\shell\open\command\ = "\"C:\\Program Files (x86)\\Stardock\\Start11\\ExtractS8Theme.exe\" \"%1\"" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.s8theme | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\batfile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\shell\open | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\shell\open\command | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\Treatment = "3" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\ = "Start10Shell Class" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\InprocServer32 | C:\Windows\system32\regsvr32.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe | N/A |
| Token: 33 | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| Token: 33 | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11_64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe
"C:\Users\Admin\AppData\Local\Temp\Stardock.Start11-2.1.1.exe"
C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe" -install
C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe"
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
"C:\Program Files (x86)\Stardock\Start11\Start11_64.exe"
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
"C:\Program Files (x86)\Stardock\Start11\Start11_64.exe" START
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
"C:\Program Files (x86)\Stardock\Start11\Start11_64.exe" START
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe" INSTALL
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /s "C:\Program Files (x86)\Stardock\Start11\Start10Shell64.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files (x86)\Stardock\Start11\Start10Shell64.dll"
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe" FIXSEARCH
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
"C:\Program Files (x86)\Stardock\Start11\Start11_64.exe" START
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -command "Export-StartLayout -UseDesktopApplicationID -path "C:\Users\Admin\AppData\Local\Temp\tempDS11.xml""
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -command "Export-StartLayout -UseDesktopApplicationID -path "C:\Users\Admin\AppData\Local\Temp\tempDS11A.xml""
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -command "Export-StartLayout -UseDesktopApplicationID -path "C:\Users\Admin\AppData\Local\Temp\tempDS11A.xml""
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe"
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe" REBUILDSEARCH
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | activate.api.stardock.net | udp |
| US | 66.79.209.82:443 | activate.api.stardock.net | tcp |
| US | 8.8.8.8:53 | 82.209.79.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\LangDLL.dll
| MD5 | 40eaa85160444940ff71d7aec7c6aa39 |
| SHA1 | 62b0c779f32af751f3ef00833d3f5c75ed9f081d |
| SHA256 | b4e00150349af7a646a84792b565a0c81f080a838a6e0da69e5cf8f4cdc560a3 |
| SHA512 | 6d9e04dae68f9fd78a4f20a1d3fd34a9b92cf78b554d1e3e8e7fc3b2881d4659e49346f707cab43fd72c001ac192516deea7ef458ecab6b9f74b16ec05382ab4 |
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\Aero.dll
| MD5 | 243bf44688b131c3171f2827a93e39dc |
| SHA1 | 07e9c7bd16ae47953e42c06ae2606de188386f35 |
| SHA256 | 04a577df50431eb0ff6fb103566402bf66c50415bcc1f8a86b9c235053131455 |
| SHA512 | a1a8c21d38c54a43d1c6c394f481dfbddcb359c617e9928ecca8f84d47354616a78d20735a1fe7bebd21626c21cf96d0e1a69e3e98f6b35f2a774cc0244f9516 |
memory/2268-15-0x0000000074E80000-0x0000000074E8A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\BrandingURL.dll
| MD5 | 71c46b663baa92ad941388d082af97e7 |
| SHA1 | 5a9fcce065366a526d75cc5ded9aade7cadd6421 |
| SHA256 | bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e |
| SHA512 | 5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce |
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\nsDialogs.dll
| MD5 | 2d4e6314e1291e211f3326b9e9a7be8c |
| SHA1 | 67236ee783506c854a40229f311eec7f8a74d218 |
| SHA256 | 01c37f54c7019f09734ce28ac929d2f1f3da1ae469282a6df1d34b69b8ff9280 |
| SHA512 | 6063b3f82376cacf95bcc70061cb29bd2c4261959cfa1063426f4b4617e399d263f4ad63551ec64187ec04b847304bfd1cbbbc6825c810cecdff5b17f0b64fd1 |
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\System.dll
| MD5 | 8571f5fc7f75b0ee8d99849a147e0a67 |
| SHA1 | 0881a57ef76dae56454d3af836f0f8da8e583d49 |
| SHA256 | 6c84f2582301ac235aa5ad222c7138f44f262d7a03dcab2a293f0f2a5e32c002 |
| SHA512 | e1e5854e9378f0c9d8590b66c10e23b56977ba367d724e272f5714b16845369d53a4bab29f0d41a9bb383032f7fb4ea3d814bf13b7fbb29a04f5876c14d61e76 |
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\md5dll.dll
| MD5 | 7059f133ea2316b9e7e39094a52a8c34 |
| SHA1 | ee9f1487c8152d8c42fecf2efb8ed1db68395802 |
| SHA256 | 32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f |
| SHA512 | 9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51 |
memory/2268-268-0x0000000074E80000-0x0000000074E8A000-memory.dmp
C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
| MD5 | f70fbcc9916e38d414157a0deab1c4ef |
| SHA1 | e7da005c8fbc1d309b28902cd2fa3d11022f42bf |
| SHA256 | 915737d623601c90fb63745a2ce2086b0b6c9551ff3e4b0156d705d8452cb95b |
| SHA512 | 50ca193c257a4c2b47d024cd9a002473aa69b64378097677b1265d456716292aa8d27d780082227aef2629970f11de3c4bd5d2c5073fe3c25972d06ecf5b52ed |
C:\Program Files (x86)\Stardock\Start11\Start10_64.dll
| MD5 | 51058216d61f90009d5fadcfef3ecd76 |
| SHA1 | 6054662258788118e6cedb935dd9bfc7d0151068 |
| SHA256 | f7ff4396f0952c5bed6d9e9d438600a2ec238caddb759ad0860f7e6aa9ef789e |
| SHA512 | ce62e194d41d70c8f83aa04e453317aee10eb7cb18df9084708a7b4187e6ff9355047537d8057d6042b2fe35c393c72b7f2b5b9b1841264dbe708eabcaf78b00 |
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
| MD5 | dca4c1b18db389e8e123f490e8d9886b |
| SHA1 | a876d20f2e34264e2d058f7bd734c53fc0c9ff37 |
| SHA256 | cc19c1dc46db180d67f1ed5e0ed0304860e4e988eb2cabc4c5a1cef4a28575b4 |
| SHA512 | 44f838f7c318571b1d241d932a1c952ec41faa7e2840324caf4528072436977833d118b9904b3d79c7e5390aa5dec1ccfb22ba7e69f5f12defc9a45b14a1d4f1 |
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
| MD5 | 46c398c5e82a61580b00b1aa8cc268f0 |
| SHA1 | b4d77f62a166521a791ac819d5f15b36089736b5 |
| SHA256 | 0edd8851ef648039d36f3669bbfdcaee1ef1e45048b224af7f0358758db4604f |
| SHA512 | 0ff323d3d6b8eaa699a808991ded23bf572c844cad11fa987d20f482cfcd6fa21c41724484b1b5f7c3c42e1b6181add58a29966dea1726d3eb2febb7d3abc2dc |
C:\Program Files (x86)\Stardock\Start11\PinMenu.exe
| MD5 | e704c5d11852cb776d950444c01e659b |
| SHA1 | 00fb5ea2cb4717f9e35cc6cd82f5d345d6192646 |
| SHA256 | 9ca4b38151db0e233d01a458a75abdc421a799823faa3d488d5a036b50b011cd |
| SHA512 | 952c25a2b0b9a4d51f9525f9fe7ed8d40c8d00ac48afcdc60eb228bfe2b25a45e3f351ec06cb85e4e8c54f223c32b0e6e0789fc1134b80d2992aff844c0c2a76 |
C:\Program Files (x86)\Stardock\Start11\PinLaunch.exe
| MD5 | e1c1d962824ecf764806166644e4911b |
| SHA1 | d895f81608a01023df27e4bfda228341997f7244 |
| SHA256 | 351312eb20abf40983ac6bba7a33766355e7b3d4f5ea0e173fd537cb910b900a |
| SHA512 | 8c8868d569d381f4927431b582ef0adb301ab12f7aae782f629508a1ce3c44027315799c374cfcd274d0229c3a319af4e0dfb7ead86a794e80ac3208cbf9ba12 |
C:\Program Files (x86)\Stardock\Start11\Start10Shell64.dll
| MD5 | 1c9970a72a8e0bb84f5dde21c7c58b31 |
| SHA1 | 6d7ea434f0b29370d4189b51b095720d141fbf8c |
| SHA256 | b276fe71fa4fafd2b0badbedf9a783a285a7a375bf90769ab23189aba733e30f |
| SHA512 | c1889eb164a517e2a56188c26c0bceb70d9b744f5898f525ce44fe0a8d92190bdf624fab63bc5d69d7648f579cf067c8ba5cddf2239a0215f2b011b89b3190cb |
C:\Program Files (x86)\Stardock\Start11\Start10Shell32.dll
| MD5 | fc4111fa75f85e393284ee0f5ec07bac |
| SHA1 | 783b97bc33074854efdb30eae2876dbe3d049f78 |
| SHA256 | 71a5a79566374da4a9a1048bf7d26165a71fe9e57ca03d6b07a0ea41a8ae8667 |
| SHA512 | c126e28c2671edbae8f7ad283ef8c4947fb388f02f069d49d1928cdd8e14e1b749ee943f66414b26e7cc29c5ca205fddeb48e177cd2d255918e3ef4f8bae846a |
C:\Program Files (x86)\Stardock\Start11\S11Search64.exe
| MD5 | babbd30ce081bee9a63b399cd2ef9be0 |
| SHA1 | 5fc81ad3e5437c30949cec375b6fe5d25a5aba4d |
| SHA256 | 26c86b920c6f5837078f3eca3a51b5b23563ebb763f7605531c3fc4a8cb2c5f4 |
| SHA512 | 158d493e2967ecb6ff1a9603886166554c668407f83ad665e043453a1ce9c087473e40055c7c129de4fe02f1107accfb363753bfa322c82a8bd8a76679991980 |
C:\Program Files (x86)\Stardock\Start11\S11Search.exe
| MD5 | def5fe3a48b2bebb5d0bc4ffa4e68c8c |
| SHA1 | fdfd31a5c27ae9e163e5400e0efefbbffdc1edee |
| SHA256 | 83f01e9fa92a596f1eb5665d0e1dbc94f2b97baa1d1e9f3d96607a6252e5fbdf |
| SHA512 | ce98f707ec1a5fe41171a29b8c57f477783ec2b2bb7a04d2cf62e946179fe51b01cdad12211cfd93d11f229d2ce08ea0c99788f168fa2bb2b4a8539548c16245 |
C:\Program Files (x86)\Stardock\Start11\Start11.exe
| MD5 | 0d905bdf98a16dc6662c5b117e213e06 |
| SHA1 | 12342c7bf296e027fcc9b61778880767c4bc4c72 |
| SHA256 | 9cafbcc00ebc8860c3e9c2e0a278b24ae5205e8c36745e6ce377fa680afaa72d |
| SHA512 | 832ff7575e9bb44d6cfc9e497ae2fe9cb9b916459af7aeba98a1fdfed8bcccf517b178dcd8ab6b09f0c6e054628d2e36095ff3a18bf9165dd685d02e4a582286 |
C:\Program Files (x86)\Stardock\Start11\Start10.exe
| MD5 | 3e9994b595f6bffec24ed705398ea2fb |
| SHA1 | 01307767dcd1ba3ceab55c69e3e13d569ba1a202 |
| SHA256 | 02dc0a089946622f72e685dfa24f3530f28cf62f342b2e82a7e0bfab7013c114 |
| SHA512 | d9fbce892cc0f848293c927c62085aa43b51e23eb82b03c41a8f4c95dda5e949e5a9a14934fa61723f49bf411d4391a2c45666c3c7b8a508055a3be55d269c63 |
C:\Program Files (x86)\Stardock\Start11\Start10_32.dll
| MD5 | 01904e8441ab3441b0020df516ca9e92 |
| SHA1 | 44355694e27bf453655a6f099b40d5bb937b549d |
| SHA256 | 6aba79470494ddbe679d6cb1566cc85bb6b614c000e1c93971b9e06a7485b00f |
| SHA512 | 3800631fec0ad4606b55cb6a106eed78c186beb418bde90bc26a230ea52164e15ae6de87aa0cf4efa39c58edee737d90a23bdd867ddd51eed1be9e1735c5ec5d |
memory/2268-358-0x0000000007320000-0x000000000732A000-memory.dmp
memory/2268-357-0x0000000007320000-0x000000000732A000-memory.dmp
memory/2268-360-0x0000000007320000-0x000000000732A000-memory.dmp
memory/2268-359-0x0000000007320000-0x000000000732A000-memory.dmp
C:\Program Files (x86)\Stardock\Start11\SdAppServices.dll
| MD5 | 711c1ea8116790f74dbe453e94e11c69 |
| SHA1 | 563406c07d4c2a3c323d9a887a1b9217f7af9ff2 |
| SHA256 | d041bb8f46c7fd00f8f8a10eb5e4cdfa02a7bc04793b8b38bb58c313558a42d0 |
| SHA512 | 9b50bc996d9edff9f0e2798567a33145212994ebbef611de7fc6168bfbacb40adac6b2ff3b6cc0432ad469d4e29cfed6aec618fa6a3c66897595201709d001f8 |
C:\Program Files (x86)\Stardock\Start11\Default.spak
| MD5 | 21f335860a7e46e07a27282294e2a89b |
| SHA1 | 9bb0459be4493aaeb65cdbf67a85430259f33ddb |
| SHA256 | 70f6191e78b2603be47faf53052b3eab4897b311e932c01570444e9b147fa50e |
| SHA512 | 78db92966c58cba012d4a876599724d3e4b91e971ac837c85edfcb1603b004c002c799ae287b3b27eb604798a1500be4b3237d2f79fa7e7315b1e3b379d8c8f1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_B460DBDB6691F360C14B4617119E5588
| MD5 | 2aceb2f9a214adc6de28d8213df724ef |
| SHA1 | 98665218389376d18edc18bcddb5e22602db47a4 |
| SHA256 | 09d8ee872e0964d56dbc41971335fc7a945df632af1ad8bcf1328d89d92bc252 |
| SHA512 | 10922e3872c8299d2076b32289aec73a5fa8fe4ea5e029027aa0349800ae7ec6b605d2211601a48404c252fc8f5645cc152a9d161d8869b1380dafc059bcb4e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_B460DBDB6691F360C14B4617119E5588
| MD5 | 98e0d7d90d65c66cb9037f03bec87220 |
| SHA1 | 330e9ea77c7008a365965d25092ec463cea7399b |
| SHA256 | d7582583196a42fb60098eb1a1e5b667fbc33d3ab1fe9e3537c388866fbd1136 |
| SHA512 | 74a49b57660f7126e194078ce6351e3950a9c7183598b38d883df79cdbd7f2b031766012d402233ab0027107bae74e426374b8e5e886a991c82deb8c6eee04de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
| MD5 | f0339c0506fe0b51215f7227b14e656f |
| SHA1 | cf937eeed1483e23e81244baa03d5e8f112c56d5 |
| SHA256 | 47bf8749c1ac54c6586d625c99219f03c6a073f3b3f5689444985aae85a3e5b1 |
| SHA512 | afb55465411bce78b7453e17aca382e0add24a1b0dd7f116cb077a2641abcbde8684e076d69ca6a3a61a3e47d156f85c80621082ab1a80f4a5b3b1b75f20d5bc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
| MD5 | 6e8ec4a1c297c9f967477c43db1906b4 |
| SHA1 | 453c5479e520cb4783929495c53c7f5d98c6c3cc |
| SHA256 | 860c45c140ae0107c7e445f2874ec8a54f3bd94e24fed499983f17a9da03a970 |
| SHA512 | a0d6aab46316bccb6d0b479f6d5de6ee78c604a931424091c818e23fd8824700e05ffa59c9bf0ea4bb83dddf8fe21273e39542618bf5cd92b651f29ab2fc228d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
| MD5 | 766cf5cd1ccee5f31bf4332b8c8629be |
| SHA1 | b2937666b4f615601081a7e1bdaee0326b820e38 |
| SHA256 | 1e929742ccc963109fe468e0efed37be626873b4d70006928d1ce413c4019c69 |
| SHA512 | 242343410a5d8ebe6e9d8d0b2fe833e9320068ae163ef02eab7cbb784afd66eb5a9e210cbc12ca419f559e3366d790ccd541e9027efc244ead30035abef6c538 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
| MD5 | 99b82598a8bb137b96e1a1a5a1964f3e |
| SHA1 | 5742a6a9151211658bdf5eac6cc35f43d1226a16 |
| SHA256 | 26f053894eb65dab882079aca3a5f100398f23dd4e4e7dad538f6e34fa7f04e5 |
| SHA512 | 401cf7afc6a245bd6856301ea4fcac9c60a875355222f2259ab2a1844d8cd53300d69a7f074ba354f527eee05209738bc8f5fd11009f007ce230246cdf1ec40a |
C:\Users\Admin\AppData\Local\Stardock\Start11\SasLog.txt
| MD5 | 1f8be1ca95e9d8a3af44cb16947e9d60 |
| SHA1 | 42338b543fd1e30844365c1097b5b08e97f3faed |
| SHA256 | f448f31e0d10bf678fdd252991607a542def274a1b0d85e5f1a03f3f08e8d280 |
| SHA512 | 1ccf0acedb8641673213202fd3632fca15dabc8e4ac5117777d67b5e6aa2d401f0c4b570d61bd55cc2eccfb2c9e4e4a68ce062da88351731d4598f2c3e99529f |
C:\Users\Admin\AppData\Local\Temp\nsg63DB.tmp\modern-wizard.bmp
| MD5 | 269a1c7ecd88b232765355c9dbeec1b6 |
| SHA1 | 76362730e4cc62a4f581aad5c71aa131fd0331ec |
| SHA256 | d14457230cfb56c512d52a522954be42c510b8895dd12f8157163d470f270324 |
| SHA512 | fc9bdf6bc2adf42148d62ce3eaf287ac5f8eba722ecade73f453a5f665c6d7aa66fdef154f481862dd79ae7f1f20a4129d178c0781ca1dd4e2a0e006982acf6e |
memory/2268-398-0x0000000074E80000-0x0000000074E8A000-memory.dmp
C:\Windows\womtrust.dll
| MD5 | d24ada011a7440b33b625612bd549fde |
| SHA1 | 2c4ac5e8d63bd3cc14f35fc6f3898c8814811d59 |
| SHA256 | c5ba737662ff8a5fe634b77b44b0bfa028ab7d756b9cc608026da3d8b4cdb9be |
| SHA512 | c3196482aab2e831d29870404200758d2e0b8784f699b3236cc031a7b0e5ac485ba2c4dfeaa0c1b3bcbeda29e5425af5a661f48dec9f1adcccf3f4040a528c23 |
memory/4992-405-0x0000028E1D120000-0x0000028E1D142000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_h22cocqk.0ie.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/4992-427-0x0000028E1D190000-0x0000028E1D19A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
| MD5 | 4ddffa34ba64b4a0f233e8a5460390c7 |
| SHA1 | cb81e25fd15badccc03954f0f9e3c129df4c8f0a |
| SHA256 | 33910de4403096fe3eadbcb20989bc1ff822b8c07d32cd230ae6655a88a5a204 |
| SHA512 | af8e8ebaa8b33d49652adc68e6be2785cda3935db4366fb5ea76b17a82ab15dd289cb90a060a0e738e7019b2cacba10b1c383b71ef765d65e7039c9e7b37969a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 0dcbc7484a8b41482119223e9fb036dd |
| SHA1 | 2750927701a6be7cae7796d99cb44ccb921ce4d8 |
| SHA256 | abd8095f837964160224840ff0dd9d47c74512ac8fb83e274f30d4262c1a7255 |
| SHA512 | a37e8c043c3a86d2563ece1f9ba6c128fcbd26b9b29779c2e71b3349ba8957a283298601c752ee89ce7bca8ee53b560759e5b42a420edf94dcf26a6ccdf0175b |
memory/2268-466-0x0000000074E80000-0x0000000074E8A000-memory.dmp
C:\Users\Admin\AppData\Local\Stardock\Start11\SasLog.txt
| MD5 | 27d0b8fe131db16e0f9aedaff281eccc |
| SHA1 | d1808d9cc08c6246c6854e33815d116c32b24dee |
| SHA256 | 896fe9dc87e05f0a8ba2f3167576e1e6dd3783ac1159012c403ecea8095a8b60 |
| SHA512 | 84a4779fa64c32d67c2fb4e3761ddf96d80f949158c55069986ad7d82ea3dafc03379b5473b1a069a750bb56959bf6c4ed211e4089f096cf99011022c3e382f4 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off taps or change the delay on your touchpad.lnk
| MD5 | 3761dab3d0fb874b4ecff252d865f900 |
| SHA1 | 34c22369158cc6d28ffc26d9ab0e397cb8bc2e81 |
| SHA256 | dd95f92c5a1eba5343ad1655c85727ac8c460d6f29da843c10185eb15a5083f4 |
| SHA512 | 639c53caeaabd5ad2326273c4d350834cb5a53e1ab985c33df9295e95917284d4044e9d102a064d7266ea2068a9be7d4a14950db2002736e362e21744d880ca3 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Windows specifications.lnk
| MD5 | f2dbe074f53caa49b7fdafb2b3abc4cf |
| SHA1 | 0a38ae3258f632da6831733e5d7b861f38bc513b |
| SHA256 | 3e11753ef41dce8b635f97429d65929cb61854a08dd6d0d0c8e43a1ad22527da |
| SHA512 | 49d1db78e07a939f413032e30184314ae1e95c8559d72a1d15dacbdf66d2a6f0371faaae9db279d93ef1bfcc24ff163c9c67663cd313f5aeffcba910e4569464 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Handwriting Input Panel settings.lnk
| MD5 | 291965faed6c8ca9b7ddea34e0430038 |
| SHA1 | 2a4406e24f6e520dabfe2ceffd7ddf5ca0a2af36 |
| SHA256 | c62d602968283fb5ad7609d612b8f08c8252a3a252f6d38cf7250cd9c6398464 |
| SHA512 | 71c669caa5755e207d9f6d75a926683a0aaa36676e9cfef6c9055e0d67d5077639e5248b15db7feefadfba278f0dd07dbee94f98c1318eab186b4dab78b332cd |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change when the PC sleeps.lnk
| MD5 | e31783863c0d22019f46952b4028e24c |
| SHA1 | 34fe06fbc37d3854ffad0988b9bed5f72566a38f |
| SHA256 | d1fb63ca3ae2dc2d0e3af743c2cb64017d6cf1a8bc83a4770126b362c3e52d1b |
| SHA512 | 0ed1abbc8a011e0acd7ad8b22ddbcb9666b4f380c57ed439a2729b7bb8bc099f6a204d6487e1eac079d212da9f8f805e322733abe8d1de401b567a5aff48bb46 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Tabs in apps settings.lnk
| MD5 | 635941a27c93499666e4cb14e9b4b882 |
| SHA1 | e0a607b93d54b441ccc49f8b2c550891bf03488f |
| SHA256 | 1045697a110b1555d6d2e7f2226d9af2777aa47fdfe71bef4e7ac8ab6b1f179e |
| SHA512 | 24f6c9d84a82184786f0d9ef1590eef871c99d59f922bf21c539d0582e9d3bde9309f5c0a007b6f838f6469a80b9f39ead0400becd87b09721e64f1c50449501 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose a default app for each type of file.lnk
| MD5 | a7b5ffa895c46883acaec5444d370839 |
| SHA1 | 541c596f101f1c824cc127e7fa83b28b3833b4a6 |
| SHA256 | c25bf8cd1e9bfc6e94c50c92b28507ed778754a573570f656aef1acdebbabad0 |
| SHA512 | 84662f091a1390ca09f5588dbf82d38e614a2f655450a4277b826581d27c9f3b324a53e00010f44b530534b3e469784423b8858eb77c09c4ce3c463b3260c34c |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Ease of Access settings.lnk
| MD5 | b19fcebc4ec8c56537801daec153031b |
| SHA1 | ddee86ccec03bac1f86651ddab9cc9edc4136bf0 |
| SHA256 | 649aec906d3764ded37ac896e7db280250a384d04f0f7770bf0147d04153de46 |
| SHA512 | 529d46e5aeecb31440621cbb86a28473366f78feca074ad96b6d44dcd90c5530c22a9127f6e1240eda9bef5543293363e28ccf64fc714878b52f436193daf138 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Battery saver settings.lnk
| MD5 | 9077541552701da1e54476c4d3ee22fc |
| SHA1 | 6e9c10d31fbf93b8d4e9e0c7ed20b6f36169f4f5 |
| SHA256 | 57682f00e82e7c69066545919cdf3383c5490966cdb158fce191c126a63fbab6 |
| SHA512 | 1f613a881afa0ca2d6e7f480db564c59dfaadbea8b2ed3b4885acbba345db0e017d0824220662222ea21e7639b6760553876d8bc42c1ac8a81c66d32019a8959 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Ease of Access interaction settings.lnk
| MD5 | 60a193201335c58a50c1d7ad5153a729 |
| SHA1 | 283101c45cd3315eeabbc53d3bba393dfcf498cb |
| SHA256 | 8538178262c6ef1ef3cbb00edb8d8564cac0f38f6da66b340bf37d8391ef8b10 |
| SHA512 | 883a4ea4558cceb68c03f724d47094671029a44180248dbb9511d280cbf27981e4976988cf8a30e34ab2ec705f6280e7b8b19ebf432f99fe57a0e35c411a247c |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Cloud Search settings.lnk
| MD5 | e6bbd5f549161c72f4242fc461a7862b |
| SHA1 | 926e780e877352ea4b1eec451de3a0e5512a0f52 |
| SHA256 | 3f1381496042727637ad05a99477fed60ce5361f0d987ca0e9eda4f4427c8026 |
| SHA512 | 9f0018612e42c5de8e7557259e38971c1603c7a46e734997e972c30ff487e55a4f14dabad85a211955df95fb9b6a102caffae76ca811dff416094eedc8831db8 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Recovery options.lnk
| MD5 | 3b5e1bc5dbb0906ac9256f507b970610 |
| SHA1 | 4cf8af8c53e560826e7a8d3a1b822326dd42d940 |
| SHA256 | 7340dec88257c5acf6b1b711bea215d41ba4769c45408ea032735460432ccf04 |
| SHA512 | bd4bf0496d5a9283081ef8b731cc9860e067bdfd9867344046e1a57158e98bfd272d4ae4017a16234c204697ba0ca418a930f295090a2c4a518d8d928689cb96 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Speech settings.lnk
| MD5 | 2e5aca9ec8f3f4a49a887f1c19af7d23 |
| SHA1 | 7f9790c88d57a1df395d993459ba91d0c76a1e9a |
| SHA256 | 4e2130e210d01d5cd3e49a4c466d360d352e679f91b734b499b0f7f581eb0b5a |
| SHA512 | e9170499216853cec23b628fe477e8427b65cd2c005cf4871ff3438b651d16c35af8e02ae58dbf49a079370d0e522218ce8656fcbe70f63db7cf4a4817a7e6bc |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Taskbar settings.lnk
| MD5 | 0047495360b441580ded1b9233b61c1a |
| SHA1 | fbe920528c53808c23ca622a25ecf52d37d67b8b |
| SHA256 | f509b4b8125e20f46b5747ece61909ddfbdadc466fa4c8c130db996b8d4875b0 |
| SHA512 | acd719aa23568f5607acc75248c543e463e79c0b18a7f8ee082c9c9b941acbec43aaa352d0fca5e11c4d2ac505c60a606be60bcb17c633fa906b6e9609922b22 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Shared experience settings.lnk
| MD5 | cf77bb0d3e250d8dc710bf43a1f17db8 |
| SHA1 | 45440eeb3bcc4c90b0d683149e5a26432cd9e902 |
| SHA256 | e53b625bca75ef839b6cb4ba5d6035263b98a771b30119832dd0fefb121af6a6 |
| SHA512 | 8ff15a4d6bf70526d0200fd46b3db8dc397788623048d2e8c6547d9cd24530fade3b8345e6ad1fbf891caa9aaa2ae9eff98a46b6fd6177e5c608970b96289f20 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\PowerShell Developer Settings.lnk
| MD5 | 6081a51afb513f4ff76322700a5f0f70 |
| SHA1 | 9586b155821fd3b6dfa41b5bed7f41a142b3c0b0 |
| SHA256 | 5b2b02f9608ca235b5038ab9db3c1186309e9f14937746bb2fa6c302f40397a8 |
| SHA512 | f64119bbff28b1a6958d6b271552f10637c319560d2a4aeb00d381a64e90e054fc9d9d393bef3735843229bb58f30db7b3af929ac296814783029fb60d66325e |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Search permissions and history.lnk
| MD5 | 571d673b6a9741940007c2c4af42fdd4 |
| SHA1 | ae0200e7a9261190e3a66129e8b121c166491ea1 |
| SHA256 | 1a8a3c47e5e994bfb5fcd05a499ad78a55427272eae0321bf14c9df7676f83c3 |
| SHA512 | 2ec76862e1434a0f7bf6d97e540d962c3b44213d9e896e2d4069330714da1cea010ff9cd2aac4a7e4dbeb45b8a736734ff318715fb16f1d32bf4539295fee9d2 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose how the cursor is shown on a braille display.lnk
| MD5 | bbf98fdef93f584d0757029d3ba39bd1 |
| SHA1 | 30bb0afcc07593bcdaf453445bdf01421064f5d2 |
| SHA256 | 1578eed6884f8111992c707a6ab9dd1927c7bc6554f72d5f084a318a25547c3f |
| SHA512 | 693997b28e1881114e5933b72fda2fc95ebbbe991d3b95fd6f9dd9e8affc6eefce08c3270efc34d08e6016bdd571690b26bd85ce10d0bfd5fcb2eabff09d86fa |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change caption font color.lnk
| MD5 | 97d0548416f0ef4d331bd01ebffb6e0c |
| SHA1 | 1cbdf28d62b8ba000521c8223b6ddd7c4c9783f9 |
| SHA256 | fa08def4ed9f4ea292a5fb60d502615f0def48ba4730167cf60377322e92adff |
| SHA512 | e808ab8864c9998caf00e604fdca8ba9abb8c0dee8011735f9456733ca76867cc6c0fab94f86bc221a79ceb458ad9271c3a38f410977f41265328d9d6410968b |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn on text cursor indicator.lnk
| MD5 | 47d7abe5c49016b71b139653767bd8e3 |
| SHA1 | c29229e8d1a4e1e9f01223f4285e7758b37a7243 |
| SHA256 | ccc64fc96c1ed700a669b7aeb140af3258963c46166888d48de59f3aed67d914 |
| SHA512 | 91f629fbc77a25d7459b6fd25fccec1502e42e33b608bfa670895e07a1b73683d3a16b3d52fb6503fc95b6dfc100b4fbea861e45b1de76f4bb582f51df771f5e |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Allow the shortcut key to turn color filters on or off.lnk
| MD5 | 39b870d0bc33d7c28b402cdfb426855e |
| SHA1 | 4237025e87440f2a7327cbec5dede0a80ac0b9f5 |
| SHA256 | 4afe180c3985bc1874008a2701f91fa50132e6b48a1ae85b748e5d1f01834023 |
| SHA512 | 7650237043be5c393db98bec519bd01d4735cdd73f321f92767884606bb8553b26f221b83f3da2834718f2cad6a8a69a77ba42366758c2d54bcab06d3a444763 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Show the Mouse Keys icon on the taskbar.lnk
| MD5 | 5e1748ca8b864832b6d1fd27db867b6a |
| SHA1 | 9778963e21e65f9c5920ab1dafc43d411015693d |
| SHA256 | 101385bc3a7585a0dc165bb490afc881e0193d65e90f9fdc6c0116729481d936 |
| SHA512 | 846742136295ee87907ad17cbea088f288599d74deea8a68383f263215ad53662153b41f8e0ab41e3c480b6650543d8c7ed932e3e3c8a9fa81196dfc705b0128 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn mono audio on or off.lnk
| MD5 | 7134f8a18be5f463d427f0a0037df377 |
| SHA1 | 6b0ad4c36de6ce1c5b9ad43394d5110ea79fbd26 |
| SHA256 | 3ff1dcdf775dafa29dfb7aa630dced9baa0501a1086e8765a8727f12ceaaf228 |
| SHA512 | 323f69cfa2842d2b5b09601714a0eb2afbef7c5d55b7dd9d0b10084859cebf55de915af8b2f197503a8ab453c075914a071a71ce1d73d86bab5e01ab99b22fc7 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn high contrast on or off.lnk
| MD5 | cb010cdefd65876698aefc37d75fbde3 |
| SHA1 | abe4745ccf42b2f9f456c7b60d7a34d56580add1 |
| SHA256 | 6d1ec1d9c47f1f5369a84831b505e1e258289dae50b03a1cc3771f529c98f879 |
| SHA512 | 4ff8721e969273c5ed43963f32d3702038596148d7f42a2b6fa40674d43214fde66d9dbb4cc9728dd3b7d0ab2aa79ea9d311062b378e10197c03c2c5836ece78 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Show the Filter Keys icon on the taskbar.lnk
| MD5 | 2c8e1e3a3cb6a1d06b7a218ee5812bda |
| SHA1 | 6e6bd5a4c5a781be5543be81fdcaec7770a1a77f |
| SHA256 | 0af926a5b56a228c9de8f0bffbb7d751dada2bd30ca38cc97c194ff1bf7a8d7f |
| SHA512 | e5ad034baf57c5ffb44d83ed419359f85af7ff72bf63fa4aca3072557d74c31073618456b1b86bb8e5792ed9d17259e51b714a0262fe84bc45ad87af7efd81c7 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Keep the mouse centered.lnk
| MD5 | d4c4de0cab16f8d18bae11cedd75678e |
| SHA1 | edecb7b926f6144bd968c10e5aabb2a696f20a66 |
| SHA256 | 5cce47fb2bf8fb5e4a959430fc9443a58d8f2501d6e3e4a9e720b343a18fcaa6 |
| SHA512 | 839a85fe9e202b1365bbff74530024d8e41b092645925eee178ea48b9cfb417ac1d7e36e56772163b9a59aa4ee0612205044b349039418ee7138661572939879 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change mouse pointer size.lnk
| MD5 | 5605920f5809ce178c4f494fdc13c5f3 |
| SHA1 | 1e9fa7580ead80c5411c00bc42ce762420b46f8c |
| SHA256 | 1174f00ce2c16685fe281a1f27b5c404edc78873b20c86ca883ab1440889c5a2 |
| SHA512 | 6a25647f71682481d508538aad4a25998b7390ce18c3cb4ddebaa683471a3734af7bc6571c03e42b008129bee67c03678a0d09d982c48eb025ec0f806662a294 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Buy product key.lnk
| MD5 | abae748472ccae5bf442f1c15d148d79 |
| SHA1 | 3241fbe9cbd7d26b71abcec50fa3f1845a5c4849 |
| SHA256 | 5e6f1875431a189d291462f53a44cb883b16bc1dd79cb0095bd96c44f0f7bf7b |
| SHA512 | da8529754df4878c4025b81a81b9befb43a4f9ed1709c2e72ce6448795afc6fd9f0e9bc487eee6e6ea85108bc28c7b03f0065319f7c8625628c2eb5ff56c5b12 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn AutoPlay on or off.lnk
| MD5 | df82c4ce9682d5142b3f1f92a3cbb1d3 |
| SHA1 | 77343dca43c0617179522e915857871b59016f20 |
| SHA256 | c3227da3ac420e640eb8ca6a1c9b6c6c01a30f10d557dae9f3538b28d6c31a4f |
| SHA512 | ec42881f4b3f26dc3ea1455acab62e7448c8547ce2a0a032e4715460f97d068b203810d37d911e40e5bd86e3be7729b855be2223ae0bfb18ae0d545e1c9ad46f |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to account info for all apps.lnk
| MD5 | 0b515c92e92484c1e63c6dd2187ad4bf |
| SHA1 | f55153e1323ab716a5514d8ff58d54faddc5e81b |
| SHA256 | a1391c7fe720a90e42783fdb6d37b5a125c84e5bb24983e381f802022d2a2866 |
| SHA512 | 6ca4df527bb4878a230ed1d2bc4f77fda4046d1c08257e25f80c0721aa8a35b6828f55e557430aef00237f5a0f0be5397f7a57d810d009f55246467704f2947a |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to diagnostic information for all apps.lnk
| MD5 | 5829df6d19f892d48a663237f2a91f8a |
| SHA1 | 5c82ca7d8026225dd2bb43d96e8827010e10c677 |
| SHA256 | a18c9122052fa5d66cef2afa93692907e57b3693c3e829e162f56cf252f3e074 |
| SHA512 | e0768fb0059a95c63cab12c00c0570ca7e33d8c6ebc5ca42fe9f803c3c8a3ce66ad1790404da212795b19585bdd08227de0cc3a05daeb03dcfda1f9a30dbf872 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off calendar access for all apps.lnk
| MD5 | 31069af5d395b9cd331974012aca8c1f |
| SHA1 | d8657e5812c7d3fea179b8a46eb0e3057848a5a9 |
| SHA256 | 6eaf37ffb1a5d539893ebc10a6c409401a0c3dab6e186aa42c44de10ae98ef26 |
| SHA512 | 707a655c1c0f88d7f0a18382331b10038f339f09c3636d6bdb3ba6f306b561a97701f3a683f9841512e98739c926da405c1724b11771f2ab850c991a27c65e7f |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off camera access for all apps.lnk
| MD5 | fc32aed0465703b5dfe7e61946bfcefa |
| SHA1 | 71abd48155f9c35cab110446910648da128db244 |
| SHA256 | 854656aa4c2b0e3d652b4c50add9ea5107f2154911af7ce678fa3c24c1b34642 |
| SHA512 | 852805ef4af3344631c44ccf3fc49c509d040264844faa868a0a121f73e39bcc08ae2e6ddbea7720c7e5fa0be1f01a91ef512d31bb1be05808e9fb715392d6ca |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off email access for all apps.lnk
| MD5 | 8d861c536097c949989581b890b2eafa |
| SHA1 | f8756b31ee8b9d1d10de30449d4f8e2dc97d954c |
| SHA256 | 7f54739e967c8d3825f4787f14287973d9dd4c87a19d6e0333935b1bf09506bb |
| SHA512 | 9aee7a189ad412bb468960deb0079ffcd75cb0138967edecfc88a69902c53c765b5023edb205496cee7f5a19d3a309ab20c25b04b539cba6d2efa5621f7edaa0 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to document libraries for all apps.lnk
| MD5 | 276d9b8495b8d598ac0755b1cb0137b5 |
| SHA1 | 9db3ae45b693160e36de95c94e679d7e60a97f53 |
| SHA256 | b8ee44b09161fe8587aaedfb24462a93b6be442a475627ddd958e78ca6db7e18 |
| SHA512 | 20416ed3e1873572aead6fb5d13f533637d40b92b9525fc673b3fef6efef3a3d700b99db92170bbb4b83f51f02b71c1adeef56111369bc12c4c8acbf378071fc |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off eye tracker access for all apps.lnk
| MD5 | e8410b0e76e7fe3c111ff51292f840a3 |
| SHA1 | 5038a6c730b23507e8d960401683ec9ee811b230 |
| SHA256 | 2438ab8df0b0f466fbbc400930165bad094967dbdfd20a39f812c59cf5fcdda2 |
| SHA512 | c4beee72b1d59d26d3b5eb9b9d2e9ce9255bb461d160de229793d8995626de270728b36c99e76e0efdcd045e5d8951a5904beb6630d4ed1582daf4ab6246f77e |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to motion data for all apps.lnk
| MD5 | 589713b96eea442a7e4bb7057d3887b4 |
| SHA1 | cc69d70da0a60320ebd6a5ff53fa2190b47e594f |
| SHA256 | f80cee18c5b02c3f3fda3501523cf36c5659a7997d1b54ee6027f392b74ffc04 |
| SHA512 | d495ccfee4678b4c9b93699586f44def431d8c88cea36eca237e6e6d93c88cc0aa7228b4b13c2d2bfb5519e1b7df4fa53ffabb735698332669945001c517d9d9 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off microphone access for all apps.lnk
| MD5 | cc8a115bb2e34c5c1b13003e8fa86e88 |
| SHA1 | cb3e20d63e7658241ea1544efa0c2a1c37535a6c |
| SHA256 | 8894c700d70058196c49863cef695506e371f60b9bd8a1c272de47b4b53bf7a2 |
| SHA512 | 2dbfa88b6bfb834300448fc3e105911bf62db1a77423bcfecb49fb574cdb61c51366686c765ea1d3b27a35c04ab51a8bb9820400266404b57b72ea876b09a6e8 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to notifications for all apps.lnk
| MD5 | 503ce5a79498da324fdc1ac56034d000 |
| SHA1 | 70f1dd53ad1500fef7d7dab0c6c2bcf262a5eaea |
| SHA256 | 8a3359caffdbca2aa38a4e7c280ed48387c142099a2b8f5fee8476face45cb7b |
| SHA512 | 17892122c07dff1370ba6d43b7c36fb6db1e9ba5bf29cfe8f4d64b0da8e6ab8c4c02fa4d138b5dcecde87a3826d20cc7ae70c23e76d982cb708a7658e917d8ba |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Allow apps to make phone calls.lnk
| MD5 | 5838a3ed16367cfd6bfd3d65ce7fefd6 |
| SHA1 | 58ff2e8763d64d6689cb48544ee76494b3a9372f |
| SHA256 | d76815b63831d8344def8082d94c24ff9655422a89a506a7b3e66660c5652c3a |
| SHA512 | 333b02d26e4722a4fa84731d2752fba675280a948d3f8464141996b6848b6b1f465f9e990d25c1375fb1c2126af8b22a9691106e495cf575dde221c2604bdc21 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to call history for all apps.lnk
| MD5 | 0fc7528e3acb1834f43f671663ec71db |
| SHA1 | c30471e71ab18fd43207d9bfefa2cb13538c09fd |
| SHA256 | 84548ff0b7426501ba17a8ca4790c216c0fdabb6aefb040233d164f88f95193d |
| SHA512 | cf6aaed3a75edfb491cc09e4b266ce0b0898e6660655f9b90bc5e6d54bcfaf234933587d58242b25d9fdf01831d03dc59bd4d76b279b5df211aa79642efd012c |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Clear clipboard data.lnk
| MD5 | 110b400dd6f2a0e9d57a02fcd250aaf6 |
| SHA1 | 26fc40e3d7e49feeb7a0112face1a8e4efa69bab |
| SHA256 | feeb5a4700adca45e23174d7526075578ee58d1ba64d7f91ae60039b1a2cd1ce |
| SHA512 | ddb28479e8f30e01fe57272c3727bc6c43398c895ac138063f224128a8c19fc6709e383ccabf4c1867126361a184df43bb5be670e426f5c8991dcdaac105cb98 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to radios for all apps.lnk
| MD5 | 6a99de5c4d12852f86dbeba267b8d281 |
| SHA1 | f665394adb59ae9b9cbdef23ea545cbafe82ef1f |
| SHA256 | 73cc9f0c1ac851a17219e30ee81e61466bd07d6524bff54d39f4928ed10ed3cb |
| SHA512 | 5f744c6a0b5806f5071a2075ae709425d03056328fde89b8b194109b9b49eb210e661ac36e6be6b4f32cb766adeddd76e8d1d3b9e0fda696ff5c01790ffb0d16 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off access to picture libraries for all apps.lnk
| MD5 | ac93b1248b8d7bf70f14db2163fd6a9f |
| SHA1 | cb12be35954a44e859850c6940933478db301888 |
| SHA256 | 6c5ad3bbd63c22608214fbe0c67b0ff5767966f409625e8580eaf32f69aa4734 |
| SHA512 | 6f4129d3f7e3d24038e7fa71a6f2ecd80d26c113a91ac0ff13f9186e10f1a25f5ec84e1b89fbaf180aa8f259c07fe15d4f1138762bc18ba4d42977e63e0d5c7b |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\View your network properties.lnk
| MD5 | 64fc31ac34afd34b8fbff2dd48854bc5 |
| SHA1 | a25f5643a448a64737c56f7ea5652754ce801da7 |
| SHA256 | 8adfe50a191d764940eee54fd548da735a9034254c0a17c0575db8ad8dcfce88 |
| SHA512 | ba85a70dff54d103095fd954d5f4cee3f9ad16bcc0b4da6e6ed20768e4af6ed615da9387a3099c570ffad9c8fa07b7b140bf7917d47fab90ffc1669e45e3b5cd |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Sync and display your button flows as quick actions.lnk
| MD5 | bdd44d417a9ca05a106ce3206df9a195 |
| SHA1 | 82be572f54675cb8143f805234d87087c7280cc1 |
| SHA256 | 397a797c59ded4e755c57963a97fdcc6d374f37b84b493ff6a98847527c1ebd4 |
| SHA512 | 0eebf05b491d3c734836a9523e5080f29065bd12b57e4c16ebd657a191d38dad9aa8c2ee943a129270589a0113d5d9777c431882f875528adf87769d305d80b5 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Use random hardware addresses.lnk
| MD5 | 256ec8dd048478d8e215c56acc7caaf0 |
| SHA1 | 86dddfad6c086036ab5304f583db73e759d27661 |
| SHA256 | dc0923800a67fc7400ff2c57f4cdaf60e711243ed40876f4880eae315669434c |
| SHA512 | 100a05db27473b4c5007d30325ed1a2b5cdc81c44527a408adb338f5edf127e9d7e874b5f8d305ffaa477348fb2d9c9b0a6a1f22923a8cdf957f136176da5e01 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Use Cortana even when my device is locked.lnk
| MD5 | 93510794b0a27f178dfb7816d0e55ffc |
| SHA1 | 0c0d4d65eeddf00205d4f0ed620761ef43b4c9ef |
| SHA256 | ba27eb6787c29f3bb7181db971c03b93018ea2519362be54a0f4ffa806ba482b |
| SHA512 | 0e94e166f2745e053434b6552e52f06756a1172895b03625888acae18ac4d77c2b29cc551571d4b6bd35e081e725923e237c41092c009a2273667042f3534dba |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Allow another device to turn on mobile hotspot.lnk
| MD5 | e6567d317588919fa9e447930f1df788 |
| SHA1 | 8001012d802de109bf99b4f751144dc058c11f1f |
| SHA256 | daae25bf3c5bbe39b3390a6399f38481fff3fbb46993f4fb042d610c569ec24c |
| SHA512 | c6aad3de912c02fea71945b86fcb4e13098e2776805e87f3349a2d1f30967f5c42ba150ee861e6b1c84ad3b214c8b3290aee16e9e81bd6965b7314fce3b0f517 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose which files and folders are indexed.lnk
| MD5 | 704ad4041197186bea8bccd54769069f |
| SHA1 | 6105a31e042b8f66e493f24fff4e5d9a01ac0699 |
| SHA256 | 56bba79a6a8c4122e785730014b39356b540caa9cfb0f27ca23999d96bb8e6db |
| SHA512 | 4f950c4a6bdf6ee71af9868ce4735cd921b94046a7449f0f58f007c643a803a5715de579415fd291a0813c3989e28e2e087262c740bf19e42cfc4d98b697e2b8 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Set the time automatically.lnk
| MD5 | 94e0d01a5ec4e85bc9777b6766f4ca38 |
| SHA1 | 72fae34dfdf2fb31157680bd0464a58ed9de57f6 |
| SHA256 | 3aa38db82c1349e8f7ddf7ff8655db3acac4683d13540b3eb9668481564b5140 |
| SHA512 | 462df22dabbc40033b22ab59c566d83309a9be18971d219234f0d1b71e38c679d4905f4f4cddcea251fe331ee32b45dccbdf97ff027717729274fa4714077cb8 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Allow downloads from other PCs.lnk
| MD5 | d315fed9764bfad3c401d4c2caaad768 |
| SHA1 | b7a752c70e8ee6d232ac1903faf54d348dcae057 |
| SHA256 | b8019a0e81ad98833a5e33a41bcae45858359e0f43bbb4c8390b01df5462b841 |
| SHA512 | 5d9c9f93f86cc78be4f85d0b7efd097d68adfe0e46194429b84678536035f83c09e4592cf26aa7cfa355fc6c50074d001bea6d24e2e6b22e5e646fa53f6b6c06 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Adjust strength of adaptive color.lnk
| MD5 | a013a3626693e88bcd2a87a4ee4947d5 |
| SHA1 | 262e0c14f044b8aacb1018fe732d6df8c568f07a |
| SHA256 | 1937be651f324f8b18b5f2965ba3e740bbce53edb2ba2205374efe0be53e6d55 |
| SHA512 | 53785918a49f8c25209c548bee33d175c45ab120e60fedefde473a608e2597e0e776d805821dd60a04c14a1521d79e89d83c9cc1a2eebd1364288faa2b8aa1c1 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Wheel vibration settings.lnk
| MD5 | ee246e39c9e47e4bbb2fab3a75709cf4 |
| SHA1 | 643964ef90a89377572dbe66682e84799525ffaa |
| SHA256 | ab95bc3d5ea6dc27caee0ad4e7c1b616fece4de1e91fd59ee9c51952a74675fe |
| SHA512 | 6c7e04c43b7932e03ce7eebb616f94353d4ab8ec9581329f7f44d55725ab610f03962a6dd5ea19bc1be0b5c7683132daff609ca46e80b9885cdd0970511c5114 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn mic on by default when I record.lnk
| MD5 | b08e303d74a5617a8fc01c3a8a0c3918 |
| SHA1 | 063ddba95871fe05719dbbfcbb2f74fc01f3d0f6 |
| SHA256 | 0faed293f8dd026a2604dc82b64cfdb8ecbc1fe72b39712b703fe39052759763 |
| SHA512 | 8fb849e4b6249bbcc348d55581aa67945cb851d8dd205d8e3fb06141c796ac93ffc21ce28dccf95a6c06f584867da2943018612657c2afa6b79c15236e4a16dd |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose a microphone to use with Windows Mixed Reality.lnk
| MD5 | 6fb78b5a5bf9b43168fa8fdb9d8feeb3 |
| SHA1 | e453e4a081c065d7bbc19e8834b0dfb4754c042a |
| SHA256 | b3bc74aee07c2aaefe03bb784fc162112fae1b567579f677f31e4ff6550582a7 |
| SHA512 | 03fa1f7a1deb65ed18208681be52ec277f5e29136fb83b3b8a2091b0d755aed59000d794da9b0cd307c0265053485f939a5984a33308d2904b0b247722c48d06 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Enable Xbox Game Bar.lnk
| MD5 | e5d9329a8de676bdf4900391036b0eac |
| SHA1 | 9926115e6ded438a2c306a62fdefb1bb03f778f3 |
| SHA256 | 01e1ec24957f26938528ed31f08f45467446b1d4a6f149a979fb919a84254205 |
| SHA512 | 5761c6df545e99e1eebeccd8c465916e74bd481a9fad3e4e7ed51539a2867a40e5443ae32b3edbb27c81fe35b2cf4cf96ddfd77113e15a930da0ce1c2f30f189 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change performance optimization in Mixed Reality.lnk
| MD5 | 7ca8b0e33148288e52f92883a4c4ec50 |
| SHA1 | 89a7641d568cd207c4e38df3ed98f81ed65ca380 |
| SHA256 | cac9d9850a1842db9b1bb5617df89c549a699310afec51bb8e1ed8e0c12cd0a6 |
| SHA512 | d5d87ded7b611b0f35ee0e9f5526c20f66a8dfbafaf85967c029091207432a980b533d57be00378d844b339c3d0f46ec37e4bb30fb35c39839a7a9e4f0df315f |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change the primary button on your mouse.lnk
| MD5 | b2ff0bb59c9414a824b489889a6e79db |
| SHA1 | e1f2cc6b554c7ae93cef8a5ba155c9408f0273a8 |
| SHA256 | 35c6addc4eab35000651ea08aaee91a3672a1d159d777bea1feb48b915e4ec55 |
| SHA512 | 607d87c6378ca5b163fb958850654d222809a509caa37ae176a6cc9978f8ba5ab4d5c170b0efcdc8fbc1ee83201fc7554a5609d95662f6f6ebe0af4ae004af84 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Override for default input method.lnk
| MD5 | 51fe8126db6eabf9ad5f2e7ac07d3c59 |
| SHA1 | 9c25f42b535bdcb78d0a46d8414743064c1bd28d |
| SHA256 | 532266a76c611a7553326f041bf327cbf22b3e1b3f60f006603a7cbe4afd80ac |
| SHA512 | 4984d3fd27d8d39c85c63c29c040af0756e92c5a933e79013cb1324e73282fd893dc2f9acdc3a1d31a57f74b16ac8e060f2288104f34faef9a49997982564ae9 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change the language that Windows features appear in.lnk
| MD5 | 2715077bef33f732d2fad42923e798c2 |
| SHA1 | b7e348b0ffadf0f475a612c9ed254197c88f3dee |
| SHA256 | 1d0adfafdd81a177a5a5d21fd5a1f95f8fe3f3010cfc69cebe121babb9be2f4c |
| SHA512 | 829550a3a5a10ac5e7c9200bdb1e21ebe67f0a47766c5dbebecb59aa8165810454c04f88cb163aa5733693100a276d0c2981b94e49d0d32c08ac66d1ba56aea6 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Delete downloaded maps.lnk
| MD5 | 6e24dd8b7cb69ceb610742bddcb7db53 |
| SHA1 | b7d498030388ec222459c7d50545889bf95f3c99 |
| SHA256 | ae34462da7e4d509a9a65661a56fffffb932119d3daadccb41e39b184aac8f55 |
| SHA512 | 78bb5d9823e16bab1b1dddc806e0a8727e4e7b95fcd4588675c1a9824e3144df3ee37a9fcee001c545314e7d5f2b92caf3d448d4f2df9a2fc82f5bdd935e2dd0 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\View configured update policies.lnk
| MD5 | 9cf93947d4e44b556d0b88147a2a9831 |
| SHA1 | 1bf46519c89ee49263aa7e04caede08baad51385 |
| SHA256 | f8d5d49d8614aa4244a83912764099343773ef9e02dc237d77cfb7d66018e544 |
| SHA512 | f20e9df5be5d5b08b9369fb142c6b92abeeadc45cdbf228731dc05299fa0f5d96b2d9e05f56ca7c712cb5644333136150b891580de88ea4d701235c00020059b |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Browse for an account picture.lnk
| MD5 | 10fc16cd6ae8625817e02d00e3b8c550 |
| SHA1 | cbdc9fc0baa71a31b2d96e7c4908537ec436910e |
| SHA256 | 2fe1f8ea6d998d3b3942bf8c17832178489026bcfadcb76d0f751ef081001d55 |
| SHA512 | 06f00fa5a71cd19720be89f1ffc111c459567cbccfefcebe090ad2c1391943997905dc166aa39c479dbf2e9bce111208500117d61d9b4194bda75ab5e7e526bb |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn on light mode systemwide.lnk
| MD5 | 5a59ae0e62448984efebd144d71d437d |
| SHA1 | 91cd1d92de061f7e72164c07d59f1a236cec351b |
| SHA256 | 3b35843502593a482afa674bd954e5fb0352865a6b9811dfaaf49be47e4c8939 |
| SHA512 | 377415e8bdaeec4d28827f229970015d3737f2d20b451c2e5bb297070e7b39154a6ddb6edc41019a67d9cf39e1c1b8da058c66b424de143325ed7c3e61b50e33 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose an app to display detailed status.lnk
| MD5 | 53747d82c1f03cb936ab30fced4f93a7 |
| SHA1 | 1975a49a154fb0ae99be74241f9b4584f7be5320 |
| SHA256 | 18b4b95fcc292763451b15f2a72da3db81cba8124d28aeffb3b3850f6e961a5f |
| SHA512 | bc9b4e89d6f75b730b7354fec60d011acbc967d1f689299a081e6e26189124b5e7249590aefa1b7f641ea772b7c6e1b9489dbb86c215a7514723611b212bcd91 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Clear activity history.lnk
| MD5 | 0d5176f48dd5813063d9bbe114a71fd8 |
| SHA1 | 0de79e88157bb17753bd1d369ba3b4ea253cd286 |
| SHA256 | d24d2e32642122f2453f78060aa3f626f323696f172ed53a14ce6558efaabb41 |
| SHA512 | 9fdc671e24fb975624a2f1e9e6d76f64c1d2eb9b9ebf91204742b1e95638d203de858ace79434f824e88f65e4060ed43cdc92f097a54c677539d7780781d0ace |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Add a printer or scanner.lnk
| MD5 | 12bf1b4e8ec0463a76ab408c985fecd8 |
| SHA1 | f572d7ab412d2805a616d61abf3565c4b34df6c5 |
| SHA256 | 45f0a27c140a58ade1aaf5870f13fefed506114e4fe74b9080baee6c1cb10fa1 |
| SHA512 | 4e57866c51c7b6da19fb4d8c721341d998895f67bf9ffd1d66aca2dc1c5328e3ccd34597b8be8c734eda9433150fd284bd135ec2a582ba3ff814ced1e9917708 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Set default location.lnk
| MD5 | d8181d26525f364b0da4f77be4cc8a4c |
| SHA1 | 1167ee60b9d865928ae8c2a0262f72b8c0536c56 |
| SHA256 | 84b5c52b16798a4e5a07fc981f65bf9844201cba52809ceb76922060552457ca |
| SHA512 | 488b19876df940273d6656090109193589345eef86dca2cc255e0887568a64c5793e24d7f2a2df13f900979b4275f5082fd666ee49e9e46b5ebb1df069fc8715 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose which apps can run in the background.lnk
| MD5 | 8d18860d830bff9cd35d0a2d3cae2357 |
| SHA1 | 63fc228046b0cc010afff865da188b51f1744c6f |
| SHA256 | 36f41a8a42b0022a2da50b18fef87c7774d12279175329998df68bc1575d0b8d |
| SHA512 | 6fbb05b8841c4414fb05b4a7f5e34e8f9a602985859a7075d87c6fef76a214e0a4c113ec169488e51447c5d7032b3caeffc1ccdbffe0bf8d7dc6df42b22e6af6 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off suggested content in the Settings app.lnk
| MD5 | fdd990c548e7d4a029dfc9ce5d20416e |
| SHA1 | 1c9a977791eb0804411dde27325094ae25427c43 |
| SHA256 | a633484cc74a4fa0287301a1543d837d6b8dc5488bfaa7dfd6739a2ec0503dd0 |
| SHA512 | 5815c806e1e0fcaa9531d46d62e5caaf0749dd8e8691dd215e55a62a1c6382b23c07830e8b53977f3bdb1faca6babc29348033972e704b8d1e7d759468905863 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Improve inking & typing recognition.lnk
| MD5 | 7954ab541d5a2bf90709c332f849ad27 |
| SHA1 | 3c81afc24c478beaf49ef861d5301d8f0bd258c2 |
| SHA256 | 707066b9be4eced17b2ffddb0f735d022fec20a8b82ebbcda360b111a4cd83a3 |
| SHA512 | bf1220d80de22a6e91afb8dd907051418e286e1e005ae6936ab24dbde8cb2cfce694459c44616b6920bf5ddcc66cf90654462d0dc6a4c53e04a34fb363d00b6f |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Turn off typing history.lnk
| MD5 | 166a28149111b7662029162678a35dda |
| SHA1 | 8d1ee3ea22c984eaacf05cb6fc8320d706f087b3 |
| SHA256 | 8e8808899deed64daebd9fa01a3837d1553620d39e4c100af0f5fdcc88fe8aa0 |
| SHA512 | e63310a3f1a3cf6a09ee1dd90788ada6e87c96daf9df55f9a1b582ce3be98135211cfe2045c79e3b713f987a76e5acd577494002f6520f3dbfda9b1f801cca55 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Require authentication to access the proxy.lnk
| MD5 | 1bcd2f0032a24b5e1f0869026480639e |
| SHA1 | 17ea1b536bc38429f4d82ccab7d228ac7b764dad |
| SHA256 | 41529bfeb1ab800692054778e488eba80174560e4b806d63a944021591a8eb9d |
| SHA512 | a3bfdf0ff611aca1a4b98ca68bf05ec44c8996b1523a75302a4f0f013f4e5ff6d8b8e9d4c8915f61b7754cdc8e956efc9b68eff1d7a87d479f312a02fd21184c |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Show me a summary of what I missed while focus assist was on.lnk
| MD5 | 0c4f9717006df0858728e262efec701b |
| SHA1 | 37bb51977036e53a0a5dc0afa0d3e9796ef7fc79 |
| SHA256 | 509a1fab59eca5c703b7fb65f7e9c3829691872da4ea8191c883b751f74fa2d4 |
| SHA512 | 10c7cd0c306350a826771982e05fc59896ed8875803369b2d9c49b4addb83fdb1b6a0685bc0acdc12a8d9850739db188e754d2dc94c40bc8ed6d022b4f9989bf |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Select users that can remotely access this PC.lnk
| MD5 | 57f0c45ecda31caa14e5d9ab08188930 |
| SHA1 | 825ccccb919a81983dd6b29a6830c4f6ac4b72a9 |
| SHA256 | a87faa1f539bc95c0eec8a8c927e8e51aaa8fe5adcb6ff5b9764105d94f3e67d |
| SHA512 | 3363254803f17db1546cf4f8c462843ee3af51ece4035fdf7ae2b27b263df0c007f9d0fc4b759ce48bee6730b660c84d5c49c5d4c58016da84f9f286ca05aa9d |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Set regional format.lnk
| MD5 | de141092b0ddcd227fc6f8b2d35e9232 |
| SHA1 | 73d8179a363fa52bfb38e97e0c5e877ede0a06bf |
| SHA256 | 63f48cca8a52e6fd09e93133914584530703a813dcf0130cbb5e2ab1fc48c1f8 |
| SHA512 | eaa3636eecc91fba14d1741e9889c5e4cf2880ca89bc6833cf7e0419d7183a89f51cded11935ee693fdef0ceaff4736fd0d358e07d67f909dec4627820a2e7bb |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Add an optional feature.lnk
| MD5 | 46d99691f9a8cf2d9aab3f6247a92f89 |
| SHA1 | 3e0620c185cbc1b744252084a8846728dcc46d12 |
| SHA256 | 8825e46a2aa72c0721b7f0cb900dace4ad54fd0a6ae228718be82998d19e6625 |
| SHA512 | 1bd1f23ebf15ad6660494b8f35198a40685c534675e361c6ac370c1733acf5a3d3a87c9ccc93280356f99dabb9f70c8568a98cfa2ab2ba1f3b0fbdc9457399a3 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Show more tiles on Start.lnk
| MD5 | fcab013f6bdd5e3f8a22eda1e334bbe4 |
| SHA1 | 53bee0a64891b74c4d5ee54bb908ca71f142738e |
| SHA256 | bb98950a8db7620b6893ff47d8abb3383e6bff5f7b864030b5be523ee0d6e749 |
| SHA512 | 894e86c4c42c72421848794a11ff22e8e3da78b00a2f93759b8b6f42a8d19fc1120e337c50443c755ae6d6fdcb543ad257edd8a421fc4a3c4bcffd43fda95a02 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose if settings are synced on this PC.lnk
| MD5 | 349fd4f91ed3a3467efa121b49ded61a |
| SHA1 | db183d357c430a0e479d979e02149c89be0f0068 |
| SHA256 | 40edabd5bbc7f9dfe21ad820ee0b279961ea1c2af1829f8a045e009c0d19d185 |
| SHA512 | ba19ce6581a8fa9b3fa472208b430d92ba46c8244346409a06da03a3eac23b9416eeb52653f07c26fcbc228d45acbea7feae077b6f4bd906b358e2bb19ea86cd |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change how Storage Sense frees up space.lnk
| MD5 | 4ac23194e163c28de544269ee26b0f81 |
| SHA1 | 114e948101eb5eac8a36d95d04c20499ef323d4d |
| SHA256 | ad6ae40342a1c2ee2a54ebb97c66572a203fd7b567e40258211640d89211a401 |
| SHA512 | 7d2dd49714a8e7c0370ff2c1e958746e2661666e1b94d112a507af80c56d89ba3f969fc4cbc3ccf185ef62fda39ab73c6b4c8d60118354a6fc59760e8d8218d2 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Available Recommended troubleshooting.lnk
| MD5 | c0e5637d335b5266762d88456696330c |
| SHA1 | a84a55274902aa08a2dea92fb7c7ead742459dd4 |
| SHA256 | 162ff2d7a3e97fc2aa22a3b57ba846484e11beb377efef186e5f5434b73b2ee0 |
| SHA512 | 0b028e8d629ddc9ed07e0077a07afb83650f1f07bc70632c6578ccd6311f893a8981413c7d51408f87460c80a9b7df12c4e187d47a8dcbc3b605f1178dd2bc7f |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Change the sign-in requirements.lnk
| MD5 | c0b13045167ec82a13121f26192adc0b |
| SHA1 | 099af31565cebe8f302d2c20b65dfbbb75f7b075 |
| SHA256 | d3d18767b644f459d5c47ea3afdaa49ff1f3c5552107314ece09f15c1fedeb69 |
| SHA512 | bac1bed21250c5f37ce26350f69dc9b03069d95c88ece7ff99e8ba82f18702b35c216766b8797fc5f721b387a32850a6ed4de5b3b31f9798e1e703c2a909988c |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Choose an account for assigned access.lnk
| MD5 | 930cf8ac9eef9fc946d1a3ed5ec8afca |
| SHA1 | 21c45c955c9c50d15024fbde392aef468cc68a3c |
| SHA256 | d817e91ff51b9145c068fc4e7dd956b4bcc274df00493f452746f6ace5217fd7 |
| SHA512 | 7dd0a4466f0f92643579d9006d99586ef852ded4c25f4d03676b11316d7b60606386979fe13ed183b37e278d4e6991716cf8c2b035d86af835f3c46c6614341b |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Ask me when PCs try to connect to my mobile device using USB.lnk
| MD5 | b94a556d5065aeb5c7057f7d78a2dd3e |
| SHA1 | d221a7e5d9c4012913e7d1562aea74433e54b09c |
| SHA256 | 93a8717f8ef823ed85479b8d6d5a40ea20648cce102c6c0b19d92be29b34f25c |
| SHA512 | 6d5070c6411f8c8b1fa245144609b635bca1e31562a7678acee709d7ef53895b922e4f9dca7545f47ab6f806cfc984345d779ede04a2cd40882c5bd3758683f7 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Play streaming video at a lower resolution.lnk
| MD5 | a162ac77c4825eac5f7ca1f91a4be16f |
| SHA1 | f00efacaf494e5cde0df1db0539590c4d379aa73 |
| SHA256 | cb9ef162b1cad3b35aac2c8d354181b0339589b7fd6c1410760cf2d15679d75f |
| SHA512 | 39869d2914916379381673f812991ebba183b5067a6fc0ba2f5e280b699cafba9e8b819adc2f0e966020f9c259c4ab3cf85c2ac44bed24aa08771125e46256fd |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Add a VPN connection.lnk
| MD5 | bee64eccd3288a549f77a6ffb8bca78a |
| SHA1 | b11fe2fbfb4e0714b7e10013b6d5c199bdd8b797 |
| SHA256 | a653dbad94805c252bf45be97dbb3505f61de1881e79e5e8ed549860ba793d6a |
| SHA512 | 271b2a4715f413a250b6d02fdbb52213190004289d523eaa84e4ed353ca44a0b1ae1a14c40d49f7431ba42dfefdae9b0477df87513afe33ab224724037c9b6e3 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Allow your organization to manage your PC.lnk
| MD5 | 495deb11a42c2e90842c2b5f027c4c93 |
| SHA1 | 7ff1f2e036fcaa403736dbb18e36cf7edf5545f8 |
| SHA256 | 5ec4b3c5fe6fa57cd3f4817bf852cf42a0feed3d18909c4e5c378676510d87b1 |
| SHA512 | 39d97baab22f4256fa0a71a5092c9a53b52501d09b3888f23806ea4b162e6ead7f3be7a665e60c61ba55c19208b5ece4fe8a044d3322adc343b09a3734f71435 |
C:\Users\Admin\AppData\Local\Stardock\Start10Ctrlpnl\Set up an account for taking tests.lnk
| MD5 | 16cb3d8f84d58ac8cac52715b9ec70dd |
| SHA1 | cddb11b8a87ae3251f4ac9dc9375d81a914f111c |
| SHA256 | 9bbf57193ccd65479e848c4ba96240bdfde3eef1c062b96e389b2f076b1dd9ea |
| SHA512 | 3f624c5a52ccd1018b8568aff9a3734efcc910dc0acf90758b40aef9bdfba9fbb83a3e29e7d441ae80f4bf9d1900dd564f432aa38f857b9e3cc8b4283df64137 |