GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-05-12 23:11:36 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS725032A9A364 rev.PC3OC72E 298,09GB Running: urd11ym8.exe; Driver: C:\Users\Sylwia\AppData\Local\Temp\uxldypod.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload fffff880046a1d8c 12 bytes {MOV RAX, 0xfffffa80041dc2a0; JMP RAX} ---- User code sections - GMER 2.1 ---- .text C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe[1756] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000760c8769 4 bytes [C2, 04, 00, 00] ---- Kernel IAT/EAT - GMER 2.1 ---- IAT C:\Windows\system32\drivers\pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [fffff880010bd650] \SystemRoot\System32\Drivers\spgz.sys [unknown section] IAT C:\Windows\system32\drivers\pci.sys[ntoskrnl.exe!IoDetachDevice] [fffff880010bd5dc] \SystemRoot\System32\Drivers\spgz.sys [unknown section] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff8800108835c] \SystemRoot\System32\Drivers\spgz.sys [unknown section] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff88001088224] \SystemRoot\System32\Drivers\spgz.sys [unknown section] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff88001088a24] \SystemRoot\System32\Drivers\spgz.sys [unknown section] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff88001088ba0] \SystemRoot\System32\Drivers\spgz.sys [unknown section] ---- Devices - GMER 2.1 ---- Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 fffffa8002ec92c0 Device \Driver\atapi \Device\Ide\IdePort0 fffffa8002ec92c0 Device \Driver\atapi \Device\Ide\IdePort1 fffffa8002ec92c0 Device \Driver\atapi \Device\Ide\IdePort2 fffffa8002ec92c0 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 fffffa8002ec92c0 Device \Driver\afofw9eg \Device\Scsi\afofw9eg1Port3Path0Target1Lun0 fffffa8003b8b2c0 Device \Driver\afofw9eg \Device\Scsi\afofw9eg1Port3Path0Target0Lun0 fffffa8003b8b2c0 Device \Driver\afofw9eg \Device\Scsi\afofw9eg1 fffffa8003b8b2c0 Device \FileSystem\Ntfs \Ntfs fffffa8002eff2c0 Device \FileSystem\fastfat \Fat fffffa80038e32c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{CD76A3AB-319F-479B-9910-55E6FFBFC83B} fffffa80036752c0 Device \Driver\usbehci \Device\USBPDO-5 fffffa800391f2c0 Device \Driver\usbohci \Device\USBFDO-3 fffffa80039182c0 Device \Driver\usbohci \Device\USBPDO-1 fffffa80039182c0 Device \Driver\cdrom \Device\CdRom0 fffffa80035ab2c0 Device \Driver\cdrom \Device\CdRom1 fffffa80035ab2c0 Device \Driver\cdrom \Device\CdRom2 fffffa80035ab2c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{C3BA0A55-F69F-48D0-ABE5-ABABDC458E81} fffffa80036752c0 Device \Driver\usbohci \Device\USBFDO-4 fffffa80039182c0 Device \Driver\usbohci \Device\USBFDO-0 fffffa80039182c0 Device \Driver\usbehci \Device\USBPDO-2 fffffa800391f2c0 Device \Driver\usbehci \Device\USBFDO-5 fffffa800391f2c0 Device \Driver\usbohci \Device\USBPDO-3 fffffa80039182c0 Device \Driver\usbohci \Device\USBFDO-1 fffffa80039182c0 Device \Driver\volmgr \Device\HarddiskVolume1 fffffa80021a32c0 Device \Driver\volmgr \Device\FtControl fffffa80021a32c0 Device \Driver\volmgr \Device\VolMgrControl fffffa80021a32c0 Device \Driver\volmgr \Device\HarddiskVolume2 fffffa80021a32c0 Device \Driver\volmgr \Device\HarddiskVolume3 fffffa80021a32c0 Device \Driver\volmgr \Device\HarddiskVolume4 fffffa80021a32c0 Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa80036752c0 Device \Driver\usbohci \Device\USBPDO-4 fffffa80039182c0 Device \Driver\atapi \Device\ScsiPort0 fffffa8002ec92c0 Device \Driver\usbehci \Device\USBFDO-2 fffffa800391f2c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{1957F72F-E5AF-447B-85E8-2FEE6B217AA7} fffffa80036752c0 Device \Driver\usbohci \Device\USBPDO-0 fffffa80039182c0 Device \Driver\atapi \Device\ScsiPort1 fffffa8002ec92c0 Device \Driver\atapi \Device\ScsiPort2 fffffa8002ec92c0 Device \Driver\afofw9eg \Device\ScsiPort3 fffffa8003b8b2c0 ---- Trace I/O - GMER 2.1 ---- Trace ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys >>UNKNOWN [0xfffffa8002ec92c0]<< spgz.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys fffffa8002ec92c0 Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003232560] fffffa8003232560 Trace 3 CLASSPNP.SYS[fffff88000db743f] -> nt!IofCallDriver -> [0xfffffa80032312a0] fffffa80032312a0 Trace 5 hpdskflt.sys[fffff88001e0b289] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80031c3060] fffffa80031c3060 Trace \Driver\atapi[0xfffffa8002fceb60] -> IRP_MJ_CREATE -> 0xfffffa8002ec92c0 fffffa8002ec92c0 ---- Modules - GMER 2.1 ---- Module \SystemRoot\System32\Drivers\afofw9eg.SYS fffff88004a76000-fffff88004abb000 (282624 bytes) ---- Processes - GMER 2.1 ---- Library C:\Users\Sylwia\AppData\Local\iLivid\imageformats\qico4.dll (*** suspicious ***) @ C:\Users\Sylwia\AppData\Local\iLivid\iLivid.exe [2200] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2013-11-02 14:14:06) 00000000706a0000 Library C:\Users\Sylwia\AppData\Local\iLivid\imageformats\qgif4.dll (*** suspicious ***) @ C:\Users\Sylwia\AppData\Local\iLivid\iLivid.exe [2200] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2013-11-02 14:14:06) 0000000070410000 Library C:\Users\Sylwia\AppData\Local\iLivid\imageformats\qjpeg4.dll (*** suspicious ***) @ C:\Users\Sylwia\AppData\Local\iLivid\iLivid.exe [2200] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2013-11-02 14:14:06) 000000006fa80000 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBA 0xAE 0x30 0x7E ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x9F 0x0C 0xCC 0xFA ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0F 0x15 0x72 0x12 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x0F 0x15 0x72 0x12 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBA 0xAE 0x30 0x7E ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x9F 0x0C 0xCC 0xFA ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0F 0x15 0x72 0x12 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x0F 0x15 0x72 0x12 ... ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Files - GMER 2.1 ---- File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A2884E70C97D086BFCDDF676215DCFAD12AA1A69 3752 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\796CD331A9B6544B4B4FBD9B0FAE759BD0FF6BAA 8099 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\50070ADDE3DBCD80CA3B53849B327A7D420CE857 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\1F66D81F47115E91BFFBDE1FBA1605DE04C8D149 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\2184966C96CFC14C1E7D0262CDD37036D16EA332 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\F8BEA3CAC23604FC2CD0507DB5F02E92EF925183 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\CA07E59E9D4E8CE8098B80854F7D867565784206 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\01C77A0CF2CD50BC89997E4E939EB338039766CF 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\E4879E486674B2E356C864EA6A8BDE718E889532 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\AE5DE6BA10455DF767C3053635EAE0028B9A129A 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\1BDD9C5106D67AC734D57E518BBD029EE531AE31 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\13DC28454A1614D7C13118C573F2EE7BBF16E622 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\3EC9D5C6C04CBCC65DA46DA86A60232FACF031E4 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\3DDE1E8F06CD3BE222E8D481394CE1484CFC3FC1 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\31AF268956B0BAB26E07ECAA95F4AC7569F58A63 6657 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\0186BD7B1F30F1787A5B9E53A048822DA75A5ED4 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\43DABE9DD52B0BE5AA05D3C920E93A756FF1A0A4 3868 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\C374904352875C04D30212625BB6D85DED66E579 1769 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\32891061A0785DB760C7AED08D713425B6464A89 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\17DFFC5CBCCA3BFFC1B5827646534F92566F1B70 3022 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\9F034482ABEDCEC5D9BE5CD8DF790154C1DB8630 12290 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\54B0AD19477A65373AB3C744A56DDEC16EB6A2C4 1785 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\BCF9E1E6FDED243CEEE6CBF3A00F59894824D8D7 67497 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\9E62ECE7BC7A1F607DF24834CF21E9C3AD585337 1481 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\CDB1EBBC3C0A66D23DD7AA72B0288FCFADAFFB11 3454 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\ADA40BC4B2E6C5585B44372D0FE64B6EED76DA87 7251 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\1ECB7AA0F76942A41B1FF3A89DC3B3CBCB181432 17362 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\ED8C01EA3016C79BC427C8EE28F08941F86B7D1F 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\02955BBE9D2CCC76BB7774491E750C34931C1ADD 3626 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\27660277732FA215B1BC3FAC1D8AB8F48F0EF02D 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\F9AF748650600B4FF844D2B70DABB510893D8393 2285 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\AD0EF32A1CFD15181BDE9CCCAD312A64BC9C61E4 1426 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\AD28D59EDFE9F0966F059BB7415C5AB292B0DC19 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\AD49AD4442D20AE2100B5715C7B361FC274ACB84 12944 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\75179A4FD7249397A70BD9B2ED4DAC6B1FB2DC23 9775 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\809D4609D1F0040C9C7FA9BD69AC3F4338418EA0 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\80CCFA5456B5DE6E50034ACDF49CD45407F26CCC 563 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A04745FDB1F6533BC76C97DB750D13F4A9694F29 1267 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\716BC5EDDC1737B1C1425801FDCF520E12F2EAE1 433 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\AB8CE7ECF4D3970BB0FD882E284A902561A76B09 6137 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\ABA4AB6349B5B2AF0EA18B7C6C8CEDE8D666D851 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\ABCF7495C1E82FA8FADFD5A46D0AF919A71A016E 1935 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\5FC3EB2C48ADF11D016BFE3CD35CCCE187787A73 3584 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\3D70D6A5BD9D04D2794117700DB413E7E9D7852C 52075 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\CB92C16C5CAEC950B152C3B7FE87749DAC9514F7 9171 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\853CC503015C1725B684A37F8D99EC41A94D2FC0 3561 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\833D1AD516C33E538330D59B9340BCD8F60307E5 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A98F187D911756B61DC8ACD784E0D2F02DD565C8 11217 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\FFE942A12B95EEEC04B0D3AF436BD0B65CD4E600 8145 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\09D6B6A15860223CAA99E4A5F2DEE6E413808E62 2428 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\594CB75F8991A3B58D89C98B2DC1EEABC0459D0A 3127 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\3C7258D99B22D3AE6F89D6293E88C60BF4399214 897 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\E0CAC97F2FFA3ABF464649F6EFF63E14A2D68418 897 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\110867E5B21D25313D94CE71773F9AB503152243 18617 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\2EBF9AF65A5C682D3480801BE0C62B28EEABD2B9 12008 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\5369298532A2DAC0F6DF3FE63F323BF6C31CC09D 3408 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\AC5B0D73DC19BCA445069352C72256CF01BA4CF7 283103 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\8A12B1600D8C1BB15924141AA5CEA83949A51247 3844 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\0F51390F97970DF37D92829DEB3BB4BEA2872DA9 11423 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\9C932EE0212D52390E476D067224ED700F498C29 2235 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\937E9D8DD1D09315D91BD96460C0D196C14E5E75 35584 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\4F9F60675833862F0117A5B5FD52D52531686766 283105 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\24241145F404D5CC057E2C3DD330AC1980CE2B78 7872 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\44D5E9159E7CD3A9E2966DDEAC9BE495F1E44E6F 4822 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\D291B2721E0165E7ABD9AEC92DE5A436D943055C 7256 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\D2BE2C1CBA74FFD5369AF149CB9227FB1E0A111B 1104 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\C7573BA93956B8C28B3BB8DAFA53503169DF3C1D 2471 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\FE78160B1088DC03D5AC50F115C0B9C8F9E42B3C 3919 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\F56E3B01F386F9F7CCD5655D05E79D403E150777 45580 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\009CD196F94F7FA02BC214F9F97DE80980B16704 1475 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\667326C5119CEA8F591022F065CB30BA96C26819 1769 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\507E38E8DE04B4391C2EFA9A015C6F269D07A932 3071 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\50B928C1376E063D7DCFBD0F51D6440545BDC2C3 4136 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\CCAB5AD8BE8F9C0656BF02DFA9AB00786C87F343 1569 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\CCB0BCEFF5ECDC7E9072A3096BB3F05F65BAC54D 9062 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\0E5FC5244E73F216490BD94C3B35D139B7C206F7 1459 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\6A284C163805A8CF00B2E9DE6619AA2940F41EE6 4380 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\D625C438F8CD21992EBF6369E266A30EE4619800 11423 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\064B5FF1923AFC0F8EAAB9FDE57AC82BA08A9462 2826 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\06E61BB0F822275263DA3DE753A91BE612A67459 2956 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\B6F1ECCD675579F63364891B3C6FC5E3A62CC14A 2718 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\F939454C08D1762259B489E8923BA10D8BDF70F4 1527 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\DA0A6A0415CCA2AF5A3A8C6F93797CE6E94A5F07 197515 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\4A5FC4C9750588092D20CA97CF47C0E240E0021B 3233 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A44267C1B55456B1013C7FC9627154DB3FD2A4BA 87675 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\5802F26DD5A66746D9D5F4BA698B773F29282320 29377 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\BE299BEE52D9A1298FECFEBD5EFCFCCA5E23DDF4 34965 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\03D357E48E7CADAF406E69B3879656837F809B54 73445 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\16D60918A20F6A08BAD622DF6236AA13725ABD1A 2025 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\740D789622AFCF69EA67DC404DC5116BE10C7862 2549 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\52195ABA87D09C0E96C8DC56A51BCEF73442DCA8 5510 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\846FF185B120ADA918286322F6B64D66939023DE 4392 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\9F6AB15B2C020D8B1F78A0C70B57FABFF73E1F14 41515 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\C66ABA9C509A029F26BED2CFC9B32C0EF1257F88 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A11B190550A8318AC8D5CCB802A6FCD1E61FEADC 5569 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A145ECB1A5B3B41004CB51EBD4AC2414A372F27A 9069 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\0D55DF87EDCA7BEF823ECC7BB3506EC4E06DF150 400 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\BE9AAB32B95F9B2D102258B3BDE423324432EACA 3093 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\BE9D5240F97A2F494253B5C56ABFF6C74A6F69CA 1329 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\B876A713EC0D3B689636D667AAF9C37F5060E2AC 13681 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\B8AA2EDAAB685CC5F0B9C2BD88EE04419C6CA324 6653 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A9D108642FA10C3E7F80754390C4E2E98DCDA1DD 33432 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\577041C61235D969DD72791370234DEB3FBFD8A3 29096 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\578575F330010078A5EDF1EAE8BFD9BD3E69E307 2717 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\4ADB9E637B1982A17917CD6CCA74FFD232E44C4C 4717 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\E812479E46C0DA054411C93850D3FFC18593BC53 821 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\44AD7B732322A1E30ED86F3F2B91DA2F36E84765 12245 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A233A6D55D5850B8E327FE3284FDC28319F70CB8 45632 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A71E61856BB91F3301C99C9243A049D884E6E41C 22993 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\CBD97D41E92C6708AAA421ED5A552755998744E1 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\5AE0C2621AE336F44066C4840CB68C65D158CF8C 3938 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\0218DB27B5CE3B58ABAA2557380017EC0FD140E9 8787 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\024425CE0FCEAC396B8BC2C1560AE425CA6D2659 2947 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\E2E4C7015501BC299B60513DF06560F94AD1176F 38672 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\E5269487F481BB2BE6AF58311054BBC2F14A1E72 10746 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\E52D6121E025486622386479171380CCF896C488 70204 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\82D98CD91677540E5FC0B8766A2FE341FC73860F 16903 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\38635C9E4EB5CC0176697FE978E3B812E0EF9D77 3776 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\477B96AA9D038C8C5815C307F4CDB452BDA2F3BB 7922 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\4784EDE6371C62F2E179DD4E31BFC7AA169099EB 26472 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\F1341DDA21F42DD0876357DF2C0F2749C291A49E 5555 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A5F06461A8C9607ECF5193339F29568982F6157D 3877 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\931752874DDAE034D42F2DB38579473DAEF6AC74 3247 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\DACD58A336693D33A40AFA2621A6B92514946DD8 0 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\EC5F4782F496138939F2379A1C1DAAA4DB9CDB7C 3384 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\C6A297477F2F3BE5C44F97449066024A7932C5FB 1798 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\C6B0B8C8218715E622F1E674FC48F6A5BF8338CC 3167 bytes File C:\Users\Sylwia\AppData\Local\Mozilla\Firefox\Profiles\gzogejgp.default-1428433221887\cache2\entries\A889A7FE8534B0E2EBDA0B854865C68F12B64B4B 7535 bytes File C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.18766_none_0b32a93025b365c1 0 bytes File C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.18766_none_0b32a93025b365c1\GlobalInstallOrder.xml 1973556 bytes File C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.18766_none_0b32a93025b365c1\WcmTypes.xsd 1047 bytes File C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.18766_none_0b32a93025b365c1\x86_installed 9 bytes File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.18738_none_131ea4ea25187c9d 0 bytes File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.18738_none_131ea4ea25187c9d\wpdshext.mof 3319 bytes File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.18738_none_131ea4ea25187c9d\WPDShextAutoplay.exe 30208 bytes executable File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.18738_none_131ea4ea25187c9d\WPDShServiceObj.dll 105984 bytes executable File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.18738_none_131ea4ea25187c9d\WPDShServiceObj.mof 3063 bytes File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.22943_none_1398723d3e42b6cc 0 bytes File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.22943_none_1398723d3e42b6cc\wpdshext.mof 3319 bytes File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.22943_none_1398723d3e42b6cc\WPDShextAutoplay.exe 30208 bytes executable File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.22943_none_1398723d3e42b6cc\WPDShServiceObj.dll 105984 bytes executable File C:\Windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.1.7601.22943_none_1398723d3e42b6cc\WPDShServiceObj.mof 3063 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-f12-provider_31bf3856ad364e35_11.2.9600.17801_none_bd6798d87eaf30d6 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-f12-provider_31bf3856ad364e35_11.2.9600.17801_none_bd6798d87eaf30d6\Microsoft-Windows-IE-F12-Provider.ptxml 11892 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.18812_none_21dc2534b8316d7a 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.18812_none_21dc2534b8316d7a\tspkg.mof 964 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.18839_none_21cd8762b83b56bd 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.18839_none_21cd8762b83b56bd\tspkg.mof 964 bytes File C:\Windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_11.2.9600.17801_none_4d9e16f8b98d820d 0 bytes File C:\Windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_11.2.9600.17801_none_4d9e16f8b98d820d\icrav03.rat 8798 bytes File C:\Windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_11.2.9600.17801_none_4d9e16f8b98d820d\ticrf.rat 1988 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ieframe_31bf3856ad364e35_11.2.9600.17801_none_46cce0c7c34ec1c5 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ieframe_31bf3856ad364e35_11.2.9600.17801_none_46cce0c7c34ec1c5\ieframe.ptxml 24486 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-setup-support_31bf3856ad364e35_11.2.9600.17801_none_a7fb294c73a901ea 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-setup-support_31bf3856ad364e35_11.2.9600.17801_none_a7fb294c73a901ea\ieuinit.inf 16303 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17801_none_118c74312f2e3945 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17801_none_118c74312f2e3945\bing.ico 5430 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17801_none_118c74312f2e3945\Windows Feed Discovered.wav 19884 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17801_none_118c74312f2e3945\Windows Information Bar.wav 23308 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17801_none_118c74312f2e3945\Windows Navigation Start.wav 11340 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17801_none_118c74312f2e3945\Windows Pop-up Blocked.wav 85548 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17801_none_ffc231166bb9f593 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17801_none_ffc231166bb9f593\wow64_Microsoft-Windows-IE-HTMLRendering.ptxml 3228 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ie-setup-support_31bf3856ad364e35_11.2.9600.17801_none_b24fd39ea809c3e5 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ie-setup-support_31bf3856ad364e35_11.2.9600.17801_none_b24fd39ea809c3e5\ieuinit.inf 16303 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_11.2.9600.17801_none_4210fe744fa61d1a 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_11.2.9600.17801_none_4210fe744fa61d1a\msfeeds.mof 1518 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_11.2.9600.17801_none_4c65a8c68406df15 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_11.2.9600.17801_none_4c65a8c68406df15\msfeeds.mof 1518 bytes File C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\cng.sys 459344 bytes executable File C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsasrv.mof 13780 bytes File C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_04d5831c8ca49510 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_04d5831c8ca49510\cng.sys 459344 bytes executable File C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_04d5831c8ca49510\lsasrv.mof 13780 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23017_none_226a9b93d14abf39 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23017_none_226a9b93d14abf39\tspkg.mof 964 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23040_none_224329c9d16961ab 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23040_none_224329c9d16961ab\tspkg.mof 964 bytes File C:\Windows\winsxs\amd64_microsoft-windows-inetres-adm.resources_31bf3856ad364e35_11.2.9600.17801_en-us_51c856a492abc11c 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-inetres-adm.resources_31bf3856ad364e35_11.2.9600.17801_en-us_51c856a492abc11c\InetRes.adml 444481 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_11.2.9600.17801_none_ddbc8a7f80ee44b5 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_11.2.9600.17801_none_ddbc8a7f80ee44b5\ieapfltr.dat 616104 bytes executable File C:\Windows\winsxs\amd64_microsoft-windows-inetres-adm_31bf3856ad364e35_11.2.9600.17801_none_d0b9ce80ad0333bb 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-inetres-adm_31bf3856ad364e35_11.2.9600.17801_none_d0b9ce80ad0333bb\inetres.admx 1667217 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_0f519f38c0e6b499 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_0f519f38c0e6b499\lsasrv.mof 13780 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_0f2a2d6ec105570b 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_0f2a2d6ec105570b\lsasrv.mof 13780 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_0ec328d9a7cd62da 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_0ec328d9a7cd62da\lsasrv.mof 13780 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18839_none_0eb48b07a7d74c1d 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18839_none_0eb48b07a7d74c1d\lsasrv.mof 13780 bytes File C:\Windows\winsxs\x86_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23017_none_c64c001018ed4e03 0 bytes File C:\Windows\winsxs\x86_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23017_none_c64c001018ed4e03\tspkg.mof 964 bytes File C:\Windows\winsxs\x86_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23040_none_c6248e46190bf075 0 bytes File C:\Windows\winsxs\x86_microsoft-windows-security-credssp_31bf3856ad364e35_6.1.7601.23040_none_c6248e46190bf075\tspkg.mof 964 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-timeline_is_31bf3856ad364e35_11.2.9600.17801_none_5c007931debcc4c7 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-timeline_is_31bf3856ad364e35_11.2.9600.17801_none_5c007931debcc4c7\Timeline.cpu.xml 3197 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-ratings_31bf3856ad364e35_11.2.9600.17801_none_a9bcb27c71eaf343 0 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-ratings_31bf3856ad364e35_11.2.9600.17801_none_a9bcb27c71eaf343\icrav03.rat 8798 bytes File C:\Windows\winsxs\amd64_microsoft-windows-ie-ratings_31bf3856ad364e35_11.2.9600.17801_none_a9bcb27c71eaf343\ticrf.rat 1988 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ieframe_31bf3856ad364e35_11.2.9600.17801_none_51218b19f7af83c0 0 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ieframe_31bf3856ad364e35_11.2.9600.17801_none_51218b19f7af83c0\ie9props.propdesc 2843 bytes File C:\Windows\winsxs\wow64_microsoft-windows-ieframe_31bf3856ad364e35_11.2.9600.17801_none_51218b19f7af83c0\wow64_ieframe.ptxml 24486 bytes ---- EOF - GMER 2.1 ----