Overview

overview

7

Static

static

3

376b4c8d17...18.exe

windows7-x64

7

376b4c8d17...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2024, 23:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    376b4c8d17b91f570852303d932d434a_JaffaCakes118.exe

  • Size

    4.9MB

  • MD5

    376b4c8d17b91f570852303d932d434a

  • SHA1

    db5f79563c5d46fdb351c31bacb892bc40320452

  • SHA256

    5a2aa50697eee171cd552860f574b718c83fb58efb3786936a4f75506663bb7a

  • SHA512

    8cb0347cb60d38087fd8ba95168917ba9c2977bc7b508d4d8e00cbe895f09e0205761ac62f5ad2e2a8aa67ef56767c59ed346c10a8423c0571b88af10f623df9

  • SSDEEP

    98304:zig8EAPrNQyRUA3AKvd4vFikbCZ2gIbVkTHQ/O6+qti:zGEAhQHA3xyvFiWCZ2gIYQ/O6Rti

Score
7/10
discoveryupx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 64 IoCs
  • Blocklisted process makes network request 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 46 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 20 IoCs
  • UPX packed file 12 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 29 IoCs
  • Drops file in Windows directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 46 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 5 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 58 IoCs
  • Modifies system certificate store 2 TTPs 2 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3544
      • C:\Users\Admin\AppData\Local\Temp\376b4c8d17b91f570852303d932d434a_JaffaCakes118.exe
        "C:\Users\Admin\AppData\Local\Temp\376b4c8d17b91f570852303d932d434a_JaffaCakes118.exe"
        2⤵
        • Checks computer location settings
        • System Location Discovery: System Language Discovery
        • Suspicious use of WriteProcessMemory
        PID:2092
        • C:\Users\Admin\AppData\Local\Temp\Driverpatch.exe
          "C:\Users\Admin\AppData\Local\Temp\Driverpatch.exe"
          3⤵
          • Checks computer location settings
          • Executes dropped EXE
          • System Location Discovery: System Language Discovery
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:2324
          • C:\Users\Admin\AppData\Local\Temp\Services.exe
            "C:\Users\Admin\AppData\Local\Temp\Services.exe"
            4⤵
            • Executes dropped EXE
            • System Location Discovery: System Language Discovery
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious use of WriteProcessMemory
            PID:3868
        • C:\Users\Admin\AppData\Local\Temp\DriverDetective.exe
          "C:\Users\Admin\AppData\Local\Temp\DriverDetective.exe"
          3⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Enumerates connected drives
          • Drops file in Program Files directory
          • System Location Discovery: System Language Discovery
          • Modifies system certificate store
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of WriteProcessMemory
          PID:1424
          • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\ISBEW64.exe
            C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{78980C04-6103-4381-ACF6-664FB9402FDC}
            4⤵
            • Executes dropped EXE
            PID:4848
    • C:\Windows\system32\msiexec.exe
      C:\Windows\system32\msiexec.exe /V
      1⤵
      • Blocklisted process makes network request
      • Enumerates connected drives
      • Drops file in Program Files directory
      • Drops file in Windows directory
      • Modifies data under HKEY_USERS
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:3788
      • C:\Windows\syswow64\MsiExec.exe
        C:\Windows\syswow64\MsiExec.exe -Embedding 8FEB0173657980AD6A47C1776A6F35F8 C
        2⤵
        • Loads dropped DLL
        • System Location Discovery: System Language Discovery
        PID:2900
      • C:\Windows\syswow64\MsiExec.exe
        C:\Windows\syswow64\MsiExec.exe -Embedding 597261E31570238987C7C0FE180F9A83
        2⤵
        • Loads dropped DLL
        • System Location Discovery: System Language Discovery
        PID:4452
      • C:\Windows\syswow64\MsiExec.exe
        C:\Windows\syswow64\MsiExec.exe -Embedding A031B9742C24C853E74091C756AD628C E Global\MSI0000
        2⤵
        • Loads dropped DLL
        • Blocklisted process makes network request
        • Drops file in System32 directory
        • Drops file in Program Files directory
        • System Location Discovery: System Language Discovery
        • Modifies data under HKEY_USERS
        • Suspicious use of WriteProcessMemory
        PID:3720
        • C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
          "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe" install "C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe"
          3⤵
          • Drops file in Windows directory
          • System Location Discovery: System Language Discovery
          • Suspicious use of WriteProcessMemory
          PID:3376
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 22c -InterruptEvent 0 -NGENProcess 21c -Pipe 228 -Comment "NGen Worker Process"
            4⤵
            • Loads dropped DLL
            • Drops file in System32 directory
            • System Location Discovery: System Language Discovery
            • Modifies data under HKEY_USERS
            PID:4280
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2d8 -InterruptEvent 0 -NGENProcess 2ac -Pipe 2d0 -Comment "NGen Worker Process"
            4⤵
            • Loads dropped DLL
            • Drops file in System32 directory
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            • Modifies data under HKEY_USERS
            PID:100
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 2b0 -Pipe 2d4 -Comment "NGen Worker Process"
            4⤵
            • System Location Discovery: System Language Discovery
            PID:2068
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2d8 -InterruptEvent 0 -NGENProcess 2f4 -Pipe 2ac -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:1276
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2bc -InterruptEvent 0 -NGENProcess 2b0 -Pipe 2f0 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:2660
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 224 -InterruptEvent 0 -NGENProcess 2dc -Pipe 2f4 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:1560
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2b0 -InterruptEvent 0 -NGENProcess 2d8 -Pipe 224 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:5068
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2b0 -InterruptEvent 0 -NGENProcess 2e8 -Pipe 2bc -Comment "NGen Worker Process"
            4⤵
            • System Location Discovery: System Language Discovery
            PID:4460
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2b0 -InterruptEvent 0 -NGENProcess 2dc -Pipe 2ec -Comment "NGen Worker Process"
            4⤵
            • System Location Discovery: System Language Discovery
            PID:3992
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e0 -InterruptEvent 0 -NGENProcess 30c -Pipe 238 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3164
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e0 -InterruptEvent 0 -NGENProcess 304 -Pipe 2e8 -Comment "NGen Worker Process"
            4⤵
            • System Location Discovery: System Language Discovery
            PID:4392
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e0 -InterruptEvent 0 -NGENProcess 30c -Pipe 308 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3128
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2fc -InterruptEvent 0 -NGENProcess 2e0 -Pipe 318 -Comment "NGen Worker Process"
            4⤵
            • Drops file in System32 directory
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            • Modifies data under HKEY_USERS
            PID:4556
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 304 -InterruptEvent 0 -NGENProcess 300 -Pipe 2fc -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:844
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e0 -InterruptEvent 0 -NGENProcess 314 -Pipe 2e4 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:1972
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2cc -InterruptEvent 0 -NGENProcess 32c -Pipe 30c -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:2252
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2cc -InterruptEvent 0 -NGENProcess 304 -Pipe 328 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3976
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2e0 -InterruptEvent 0 -NGENProcess 314 -Pipe 330 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4284
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 304 -InterruptEvent 0 -NGENProcess 33c -Pipe 320 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4324
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 304 -InterruptEvent 0 -NGENProcess 34c -Pipe 300 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3484
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 358 -InterruptEvent 0 -NGENProcess 36c -Pipe 35c -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4476
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 36c -InterruptEvent 0 -NGENProcess 354 -Pipe 368 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:1784
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 36c -InterruptEvent 0 -NGENProcess 338 -Pipe 334 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:784
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 36c -InterruptEvent 0 -NGENProcess 314 -Pipe 354 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4056
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 314 -InterruptEvent 0 -NGENProcess 33c -Pipe 36c -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4464
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2d8 -InterruptEvent 0 -NGENProcess 2e0 -Pipe 2cc -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4032
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2f8 -InterruptEvent 0 -NGENProcess 32c -Pipe 2e0 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3216
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 310 -Pipe 34c -Comment "NGen Worker Process"
            4⤵
            • Drops file in System32 directory
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            • Modifies data under HKEY_USERS
            PID:3576
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 31c -InterruptEvent 0 -NGENProcess 33c -Pipe 338 -Comment "NGen Worker Process"
            4⤵
            • Drops file in System32 directory
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            • Modifies data under HKEY_USERS
            PID:3284
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 360 -InterruptEvent 0 -NGENProcess 304 -Pipe 314 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3368
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 360 -InterruptEvent 0 -NGENProcess 364 -Pipe 33c -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3704
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 350 -InterruptEvent 0 -NGENProcess 344 -Pipe 374 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:3280
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 364 -InterruptEvent 0 -NGENProcess 2f8 -Pipe 350 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:4816
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 32c -InterruptEvent 0 -NGENProcess 2d8 -Pipe 344 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:1568
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 304 -Pipe 310 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:2628
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 2c0 -InterruptEvent 0 -NGENProcess 2d8 -Pipe 324 -Comment "NGen Worker Process"
            4⤵
            • System Location Discovery: System Language Discovery
            PID:100
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 370 -InterruptEvent 0 -NGENProcess 32c -Pipe 2c0 -Comment "NGen Worker Process"
            4⤵
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            PID:2324
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
            C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent 370 -InterruptEvent 0 -NGENProcess 2d8 -Pipe 360 -Comment "NGen Worker Process"
            4⤵
            • Drops file in System32 directory
            • Drops file in Windows directory
            • System Location Discovery: System Language Discovery
            • Modifies data under HKEY_USERS
            PID:1276
    • C:\Windows\system32\vssvc.exe
      C:\Windows\system32\vssvc.exe
      1⤵
      • Checks SCSI registry key(s)
      PID:2064
    • C:\Windows\system32\srtasks.exe
      C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
      1⤵
        PID:1012

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Config.Msi\e5851c6.rbs
        Filesize

        127KB

        MD5

        b1a39e86a0209c6a4ba5176ed1570f44

        SHA1

        44a0b9534f6583bb28930a671ee996a2295160e8

        SHA256

        a4fef87977af18b9f35ef8e792602148a6f2d7736c693a66adeb7bcb4e5c830e

        SHA512

        efb9a3f43b055d3dc190609dbc2bf185bf39e22ef16df3d8769daab42731fa33fe8397240972a69c9eacf49c17bcd8ce30ed0ff76f98d24eb672943be8a530e9

        Download Submit

      • C:\Program Files (x86)\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe
        Filesize

        304KB

        MD5

        978515e5b4853e44d7e6e52441d0a955

        SHA1

        1956379cd6b23e4dcef90a4da718fd6525fe791d

        SHA256

        b44c8740c29779c0461a32633a6304704aacdbf4d757e46ab93e0ffc0dd71aa3

        SHA512

        2cc7a5efca00759c2b8ce080b56eff0d92301cac698fb05acc798de8b82e40ce32cf84f66e8e03ec8995ce2c69a1a20d4f593b7d686af2526479bf6e73b0e7bc

        Download Submit

      • C:\Program Files (x86)\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.ini
        Filesize

        2KB

        MD5

        45b2328e2888f965dc91bccc65866539

        SHA1

        745b3cc2a4013306e48092439bc29b2c6705b107

        SHA256

        9f9405dff8f6857d547acfa2cc52a765781dd2cfff94031e041d4d5dfc5b51ee

        SHA512

        57c2beb8ae9281127f99d84b9b3a4b413677b3ecdd2fa0c8bae45f5cd965b14005164d046762b6ab0e13ab2d9d145ffa220fac8302cc5bf60e3f4f222fa09532

        Download Submit

      • C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.Communication.dll
        Filesize

        77KB

        MD5

        330e271bebd2b0cfc3a2d18ef4209d5a

        SHA1

        6edc921ec69ca3b9c11f3e649ea156b2d635fee4

        SHA256

        6e2043b91797af4a72af8ae09a73f5d7203bef17d78410b56536bc84befed8fb

        SHA512

        532bbbf9c7d3fa3dbbf0188eff325ad9343de562d46c629b2cb68a9da372be7824ec216a741cbae1b8e69d80f95b04309c1f74225a51a49b13b893312ead42c5

        Download Submit

      • C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
        Filesize

        1.0MB

        MD5

        bbc97485a40e439bbe888e324f5b1786

        SHA1

        0eeef131196f8ccd76402464369e89d57e8d9f38

        SHA256

        aad4ab6933cf411c3dfc3f1763653465474be14d7348e0161bf7460239114be3

        SHA512

        af81abb2abbfb9c1df58ec0ee90144e0138235a595d064bfffaf45e34a183b77cd8438f8cc80e7fe255786dcdadfc7bb2b4ef9db09e7ad0a1419ff4989cd465b

        Download Submit

      • C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe.config
        Filesize

        5KB

        MD5

        67348ba2808cee131fb92b1d53391494

        SHA1

        3c0b94f0be51b8b203e5a9de1cca34bcedf74e50

        SHA256

        2b6b7c5574099cf49d7bfb30690b1651057a7cf29ea033a9e4ef2bd0fba4dce7

        SHA512

        f53075b44e4962ffe49f9404b28cfceeb2dd00e0268ccba2e8ad1a1387488c67ea84071dbeba17b35cd88633e8114ff6a745d5427c5b063670b5fc02f2c69b78

        Download Submit

      • C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Common.dll
        Filesize

        61KB

        MD5

        30b5fa2cca6357a7c240971777116c8e

        SHA1

        e9ceb6a2dd6d49c0e0c386495542c305a367aece

        SHA256

        520c69b275015547dcdb477f8ad27ba530d9c4b7eee0e9aa6d8d1079d5042c77

        SHA512

        af33394a39ebc2a5466ca2714fae6d8e50b3f449ae98e003c4c952dabbfd3430fd5d167a04d5c84ae4502333e6981e36e2d7c349b0538e2cacdaa2bef7b3aada

        Download Submit

      • C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.ExceptionLogging.dll
        Filesize

        37KB

        MD5

        9a3200dfbf47b03fd43160ec8356be51

        SHA1

        03a5c399da397b7d6fb02f7ad1fb387b7fb2d618

        SHA256

        9f978438d0e4cf0c52904f95f419c92dfcd8eaa9c4f47abae284c3892f2491da

        SHA512

        0125d1262ec287c6dae2915c76ec33e9f9b8302f49ed86c6a421a212341d38b363a400f5eeaeee6a7ba24ad02dfced69e4cfafeaa26b661a7629572a46301eab

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_9B1AA3369F4D3E257D46E66245F1CC24
        Filesize

        5B

        MD5

        5bfa51f3a417b98e7443eca90fc94703

        SHA1

        8c015d80b8a23f780bdd215dc842b0f5551f63bd

        SHA256

        bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128

        SHA512

        4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
        Filesize

        1KB

        MD5

        1ba25895dc793e6826cbe8d61ddd8293

        SHA1

        6387cc55cbe9f71ae41b2425192b900a1eb3a54f

        SHA256

        cc4c5c999ca59e5a62bc3ffe172a61f8cf13cc18c89fe48f628ff2a75bdc508a

        SHA512

        1ff9b34fdbeae98fa8b534ba12501eb6df983cc67ce4f8ffc4c1ff12631aa8ed36ff349c39a2186e0ac8d9809437106578a746eec3854b54fef38a3cc0adb957

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_9B1AA3369F4D3E257D46E66245F1CC24
        Filesize

        412B

        MD5

        2b0e32dcc34d5a36726ca5bc56153ed6

        SHA1

        aa60a7fcc8fd03cb3ab4f69eb54d818f071fd38b

        SHA256

        e2b9ea502c0aea49d1637d3d06d76de0b061e085da65618a3e36c5eb0920ed76

        SHA512

        9e94cea4e1d45908fed83892fbeafe26e5dde57bfd15ebf5a8178bbed96fffc669364d43160c212fd963ec532e2bb93797f2454d03c3705eebe918bd760f27ef

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
        Filesize

        182B

        MD5

        e06a13ceb7d8d5780fffbc5de00aee6f

        SHA1

        e9d37ecb68e744d69acbca8b6518772ec20d1b5b

        SHA256

        e0c11b2da26ffb4bc3b49a0fde52fa61697e5e101fd15534460a350dd17cc616

        SHA512

        beeaa3cd2248fca3e538a605b94ceeef7f7bce2a0e408a54e3d3c1ecc150d88ea772ff9ea34e61e06cff1d7692367ba2d011e57d7ea8767017f782ce624ffdea

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\DriverDetective.exe
        Filesize

        4.8MB

        MD5

        20a1a334e7dba7602ce3ff77ecc63f3d

        SHA1

        0a21041fb429089bf3af9cb091c509c2ef1bc4f8

        SHA256

        f18422d5de25ecde52d632de468f22dccd1e581191c02fdca2cd2eb51affa728

        SHA512

        2916dd597e7a8cb2b9211b7e057a79998c7ecd118c10b800ee7c9879d70cda733043c7f4e4773fa924984932a6cf27fe007506775fbb1d1ef1c94b90122a6adb

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Driverpatch.exe
        Filesize

        55KB

        MD5

        648254ac3a7444a670566cc238bc9720

        SHA1

        0ecc9f9960fc3c0b4c6add3af53ecb000aea8962

        SHA256

        efbc2a3f54ead829eaa4754fd83d636781d488f2c98fe076a7bb625e9097f53c

        SHA512

        d0555e9aa6b9146228b86c26716a4033e3ab4df416883564a20e3098025139d0ff494f2e2d9e03931503420cc9c7526e2e5bebe430deee44343b6fd47f111eec

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\MSID264.tmp
        Filesize

        52KB

        MD5

        4a908ee9c6f2f4aad63382cccee731e4

        SHA1

        e572580949f277987fe232757ce88c2ac35e0223

        SHA256

        459f503fb8b4fc4a600261430ac77bf70118d41fa19f7b2620d43ba6e9c8fa5e

        SHA512

        75ba5856df7ed1457b6192e3b12c5dbb9cd0c6860d787357b37d5e2aabdd1dddb1fd6195064cad1b166431a71dee233b76cb6304d8e868050d79c731ef6e567f

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Services.exe
        Filesize

        48KB

        MD5

        2f137b8388eb54bf36c22363de805a4b

        SHA1

        6de92d8599995ea0b6871e4dca3a8cdb15014d1e

        SHA256

        2ae04b709a6ad7709e3b629a4f2051c0b2d45f95fb1fa19563932aca3ddbd6b6

        SHA512

        c722dccf8a1d75e28ba72f85ada8fe51953fc776438fa500f22533f77176ed6bb221160ccc7a72228338bab6e291fdde615035baa530184828f155cfe012a7aa

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\isprd438.rra
        Filesize

        276KB

        MD5

        fc86d87930e34f28f262abdebf087528

        SHA1

        dc08596cca2fee1eabe75e546dd1bb8ff8e88a35

        SHA256

        c5e421747b6f411f30d6c089d8760f98794c2cfc8a0055037bc2141eaab43618

        SHA512

        66737c6fae1de9443a43a2abc22106b7e01bf6692115b1761c888d4bf8c2d58f4e0ded8ca073c5a9d2eb8e20f9c8ef664edb1c2c9215fd87b4bd9f03d563d360

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{21E65110-6263-4FB4-AB91-FF92CA113839}\0x0409.ini
        Filesize

        5KB

        MD5

        52d179ad79966752ec40a678fd8b0062

        SHA1

        f12df9b03090286d1093b5421aea3acc358cc032

        SHA256

        57e020c41ad0566fb55415a40167a0c3da89584bc4e5f961d8e8c646f80c5590

        SHA512

        b5fb5002f1947a765a83c9a960c378b04adfe7acebbd8be79dca07c73d7ff96f5e988d8b6995c8ba6156a74ecdb0084e543090704080ea3095dbb80835cdf9c5

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{21E65110-6263-4FB4-AB91-FF92CA113839}\Driver Detective.msi
        Filesize

        2.1MB

        MD5

        73b8936eeaa1cf084eeebc239d2f1191

        SHA1

        877f4a79aacce7a8d6bf79a5db00115deb96e7fb

        SHA256

        195dd0bf0d38c5becce794403bb15f718a721d0b5d727f1189b0af6f99d2023a

        SHA512

        d780a75b48652e0fa178504293d0ca6cab51e48467aa2440e4e322c45b237077be2d166d2aba19a8bfb22e1e6ce96c2717eddc75f68cf0930a9b95049802c41e

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{21E65110-6263-4FB4-AB91-FF92CA113839}\ISSetup.dll
        Filesize

        1.8MB

        MD5

        272697bb30377100a590e594cf3bc65f

        SHA1

        1f3b36deb25f33e77f9cbaea68a4abd032b5f100

        SHA256

        b1e76b910e0b1f6b56caa12d91514694ef5fc18443f331197ac81fede3250ac5

        SHA512

        d8377180b05506f169a5d8281a0e589dc12bb5420ed36376a269bedd7605e8271af09aaf6f1379b05be7220b29940a05c27b466503c806446ea6db67acc3dd25

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{21E65110-6263-4FB4-AB91-FF92CA113839}\Setup.INI
        Filesize

        2KB

        MD5

        90133b8985e844065f1a11cdf3d4b615

        SHA1

        39ab09b9ded69598127c41e415cc236b21387ce0

        SHA256

        87aaee01669969d19163cbecf79eb8449d8d6b5302f331aeb5658a7c1567e159

        SHA512

        989a8d22eb0a5779c44b8792b4f2d921bdea8c753ff5ea270c976bdc48cc35bc542d1866d8a54cfda1a069f894d5aa2c4913ff47ae8eebc1e3d9c71fd866dc7e

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{21E65110-6263-4FB4-AB91-FF92CA113839}\_ISMSIDEL.INI
        Filesize

        605B

        MD5

        ab9c3aa59352bc779de58f6ec38b3252

        SHA1

        84c3d9519a7dd46ddef4d35b678351fe980fcabf

        SHA256

        7671cc281eadd6c79ccdcaad4f09a8028b18427db3829c8ff8ad9a2d431ab205

        SHA512

        cbadb40679a2adc4ab95285f6902be0fa47cfd1cdb6a3dbdbdd8b7d19e5c4713a54d6b02f617839e869318359a22a6aefe0ab1197a94e57d6218b80ab835a22d

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{21E65110-6263-4FB4-AB91-FF92CA113839}\_ISMSIDEL.INI
        Filesize

        11B

        MD5

        3fdd2635aa94921522af8186f3c3d736

        SHA1

        0fe63553e9f993c0cb2cb36b8cdcfba4f4a2650d

        SHA256

        17ad78845c9c6a8e97a5bd14be56700a51ee85867c979ed6cf538e1fed82cf7c

        SHA512

        ebdbeefbdc777937fce516a1cbd9af7c305fc242091d695ad919a27c98fac5b6b16b44130bdf97dbfd10561cce701180b1fbb303d848944c3b33b8a3c058653a

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\Eula.rtf
        Filesize

        20KB

        MD5

        b86222a7a7c892164a3c96491905cde6

        SHA1

        1f740815147b4831a62f81c32c33737ffb5d3b5f

        SHA256

        851f37b2cc863e6901d859c402d501275dd911ba29a04568a9486c9bc4aa954f

        SHA512

        171b923a0484de6ba36b7ecb31e48d9e213a8232403f2029a4137166913bbfd08b4c5782933ce077f0ede7815ba37074c9c12e1883aca7809fa20fccb9f8de6f

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\ISBEW64.exe
        Filesize

        117KB

        MD5

        1d461686b0e32f2decb587c895a05402

        SHA1

        a91882f1522d556ab463aaa6fafb82c4064a3218

        SHA256

        6647c180d9d9c5daeb7a41cacc96ca6722e08bb4a43a04364d37406261dd9804

        SHA512

        1f2df1ffd636900e012c65fe457ae5f1f1d7478baf1f0eac07ff9ace639e3483021af263f3d96bd084352f0c95b73f431565f9b73590e44b94a8cd800da82e3d

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\ISRT.dll
        Filesize

        203KB

        MD5

        eddad4bc2b7e8c423deb9f2711fe653b

        SHA1

        7423ba67726bc90f96f42002c25f4a1f5334029b

        SHA256

        793b3384751f12793d24cf769438aaa7bec47a6b0f22397e8588e83cb8fe4b61

        SHA512

        3515a044950944f58e2989b32368749ffed52786dcaf03c10d49e96cbd0c13c6f9ac5bb1d136ebb0045801a7c10278ba91e945cf72a78c1c641149e9dc9e3b0f

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\_isconfig.xml
        Filesize

        127B

        MD5

        62b72c444e576cfde9a8e48631a89d9d

        SHA1

        eb8f92d0ea4177eb8a5523eeebf0c3ddb066f67d

        SHA256

        8b6c11dcf984d6fdfa3f8f525a659e67baa1add9c61edfa04c0037a6fef5eaf2

        SHA512

        3fe19b83d19f1f9a1eab7248e909927e3432778be6efc577a3aa381e9d10cb962f33fc0a7cbcc1384687d46a9bebc04a6a0b211946aaaa51ef62a9bc08ed3632

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\_isres.dll
        Filesize

        100KB

        MD5

        d94ce5eb6681d17a95dd88e3e7569d6e

        SHA1

        bba1e13f0e92c4c24e1daca291d059c9f881f838

        SHA256

        39161dbaea43f6207bbbf04e4f216d431358433886897b47bd53533290248afc

        SHA512

        a7e9e1174ab2251f3f18289dcd58021278cc8fb18791fe0c12b3b110f2ed9c655bae8745000e09507b9ad7ac65346220ae358cf808bc884c2ab919b59eb7b81b

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\_isuser.dll
        Filesize

        16KB

        MD5

        dd876be4e9872e217c37a887ad25d64b

        SHA1

        5bcc9ca6a415257f5f91ca8c5cd34f44e1c61edc

        SHA256

        3910cb394199ee0798bc0ea6d656b5ffea2fdd173005e3b8fd69b26dd316d624

        SHA512

        39277989e556861fc3bd7bf784ff93a808b0ac5ef06e43657e9390f3c85d23a5eb6a063d0edaf9f92ffaad7fcd90bf1808e76a869f68a00af11263b7f4dc0423

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\{425386E8-F137-4DF5-8FC2-F96218B509EC}\skind438.rra
        Filesize

        24KB

        MD5

        73ac40b84626f9e00b8b10643b727aa8

        SHA1

        e5aa99c371be66b8718ff79850c8d60fa3a7f745

        SHA256

        5b69552987c4f1a18388cecbfcc7c5b20b9fd18bf78e9b002521854bc70f1825

        SHA512

        df172517d3444054a76d69ce8a4a7d67f23656982cc498180bd37f71c98b001aa764b15dc0a8c0faa7d010663a0dc2c7b7cb744275e5a7b3594cc5493f46115c

        Download Submit

      • C:\Windows\Installer\MSI5774.tmp
        Filesize

        54KB

        MD5

        4b6f4f52de80f1a7890c9bd0a7cac5e3

        SHA1

        e45efe29240c68452730fc32327eb3048a162e2d

        SHA256

        2b0f0ef5f0b1421bac638768b590cf1824a8407b47bbcedb5eba48c736b61155

        SHA512

        bd8930de68b070eb8e4d50665fd604e84f587f2dffc5bbbc5d96a70877ffcac8ddfc180449b3aa048acda698d98495c87a30adb88bb94d537135336636afbff4

        Download Submit

      • C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.log
        Filesize

        44KB

        MD5

        67f438f2751b91d09cef1cbbec20d514

        SHA1

        1edf4574f6e5f4063543cf834951624b176c1184

        SHA256

        d3a0ab0b8b17406824061aba56c3045eb3d77353ff71a353aaa173b57cdc91e2

        SHA512

        5f98d1420bac12d0fde20a57799be16f8eb6c59bc5c1a1629eb32b875f8e090fd1cddd06b8aeb3a904857f4740b240bbe120f7d85e20ab979a0138d644377891

        Download Submit

      • C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_9B1AA3369F4D3E257D46E66245F1CC24
        Filesize

        412B

        MD5

        63ef7b7191316c8499b60ae82bf616b7

        SHA1

        683bf4d9deee3d3aa2dcfede7966abe470877840

        SHA256

        37d4570136712382b4d3c8b9f3376bb0f63de8ab89e1041193e1e1d5dff35301

        SHA512

        4466f5e25b264fca3cdf3d2637f59a856b7478a6f5c4c2f83c318a37fad65a7fd1a086f28fc6da38c1f72b4481c6af9233b9a192310c66cf29ebbe2a93838a0b

        Download Submit

      • C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_9B1AA3369F4D3E257D46E66245F1CC24
        Filesize

        412B

        MD5

        e1d5c1307cf8c289b41bc9a05bc1b5c9

        SHA1

        6ff3dad2613cc80e76aa64f4f92b83489ed0d047

        SHA256

        518c1708869316efa54b4d6394a72fff31f8c2cad1afe0e9c96932b77706a698

        SHA512

        1dc8c7dd5d53b9d133c07f0ff09647638b8b83e31c6ab08da151256337dd660029901a73b853d6178788f93188d0c3e182841d79f00b9ffd7c424f6d2ffb9446

        Download Submit

      • C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_9B1AA3369F4D3E257D46E66245F1CC24
        Filesize

        412B

        MD5

        bbf8d7ad0052c63a6b717d5c92f48dc2

        SHA1

        e63a2a8cbfe5a1026132c2bbbe6789450be905a5

        SHA256

        2ebab212e4107bfb922ec0715ab84f04c02f6215d38e3e37a9933033746c9861

        SHA512

        dcec22d6fa65eb72d70873ad523592e6b2fa9f1fcf3e08ecee5b1536e20c1532a2613cbfda6ffd7b7ffab8e00ce94db5bac9bb2f703d8d380139bd621340f19f

        Download Submit

      • C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_9B1AA3369F4D3E257D46E66245F1CC24
        Filesize

        412B

        MD5

        19796a9330345f4964cfe248e911d0d1

        SHA1

        7d93573f2f5cd91a1b3bce8435a21a245bff58ae

        SHA256

        ff666a9b4d8cff1a35b77ab7a0646c8ab9d61ded8a3ad6699649fbba33983782

        SHA512

        f62a875b8ab5647bbc53e65e6fe347075963e4429ab6b74492fca9dd07bf694976a6df316d019ac73c1240340e96878729157751b072a2994e6671d1529adbd5

        Download Submit

      • C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
        Filesize

        182B

        MD5

        637a7a388ca15154409c0291a9fad8ef

        SHA1

        bc0ab93f3eeb92f0d9f307a19c2d25d57dc45b8f

        SHA256

        4ae71b69661c4c59722d62abd56deef6dca7525ca432a65b24c881ca747a0ef8

        SHA512

        856bfc7dd74f00eae494a332ee02dd203f5b4f601427af32a64bae22d35eeff7754c3ffb1153802543fff01a3561139824ef42cba14d66b0b92ee2224fd4c9a2

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2c68539db75e583ae627fdd72a15be71\Accessibility.ni.dll
        Filesize

        25KB

        MD5

        c8c7a383ceb4c4d1df55308ba44f75fd

        SHA1

        7a90edf7bd4488ec42efaabb51f5c9c3560db8e2

        SHA256

        55588bf1f5b0979b2efb09a755d5c6827946040e0ff8a118d8003377c26d03d8

        SHA512

        669b5adf2bdaa29449bd771cb5ee2aa5b48ea8bf67ab7a1b76ff8c31942bb4e39a86b7b8d173624538bd5ef8998976b6ace905894cf68f14c3da841520ee4fa9

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\3bfcce55de97152738a66877859c1363\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
        Filesize

        56KB

        MD5

        8c426cd1111ca715968baa6f3c20d5b4

        SHA1

        542cd6ae984311c52a3aec22d88aa101ef8c3089

        SHA256

        d8c1ba3d8cb4c67eabe795fd5bf9c801be906e55da397725eb3b5be92aa24c80

        SHA512

        74b876d2b61ed02a79cd7eb87c830694875b03f885fd51d4dba9e657cf7dbc578feae1068c9b30542d5ccdb02f4c544a1900868151eba1338c658b7fa025d961

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\8924dca2abfa7b74361227e1d11db97b\DriversHQ.DriverDetective.Client.ni.exe
        Filesize

        2.0MB

        MD5

        63869c7c406bf7e874fd62660ff3a66c

        SHA1

        78481c8b6a0c47d041286e244b498e126f5861fe

        SHA256

        6249fd9d78fc99c5e4c958bcdd8e77886f7f66819bb4b42da3c4febadfaa367b

        SHA512

        e9652d222788a1c7a843c5526fba4f417f37d09858a68f0a099ab9f33d76006c1eb1affadb9f9661088a7dd14313c5de23fd7482a7fed63eb8b15755027a619e

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\bbe8f048d023b57c8704ea140f310270\DriversHQ.DriverDetective.Common.ni.dll
        Filesize

        97KB

        MD5

        4266ae638765c6427812ddd9c0575743

        SHA1

        938b6a293b197b9608ed83c8535931c2e9ebd1c7

        SHA256

        3e18410dc848be752d8fbc030fa8576a976bd6c789954aaec37409c9fe75f487

        SHA512

        6b684bb017c19e5477dcea5a00002900ca036fbdd0580943ba047f22f87bc6dd655b59ebb4591317b7614f5e0961968c22f5392cad6ad44b980d5410195f4382

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\cbebc6699565f81ab6a71034b0f74f9d\DriversHQ.DriverDetective.Client.DirectX.ni.dll
        Filesize

        47KB

        MD5

        9fc0bb859d3d486d247d1da5553d76b2

        SHA1

        a236a86f65fd4cbed8eb1f01e773ad20cdb5a8ae

        SHA256

        c22a711a61e7a114e1a8549145ebbc01d0d5306ef04484d9329a9af1999dba8e

        SHA512

        46da7cf29b326f310589d5134de86c759cd77919035a7743a649a31eb65b032600406f9252cb88ed24a107803984530904dcd27d3dfa60545bc13ada21515f15

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\e667d3f667f0047a38c3557b045953ae\DriversHQ.DriverDetective.Client.Communication.ni.dll
        Filesize

        175KB

        MD5

        3f5a4b97ea99cba7f41cf7a2ae241723

        SHA1

        22369f26900856eff4cc570b5a189acaa627c550

        SHA256

        b5a1ae9659a65d37ebb1803b08ce32b654ddf2a7c0ea1a41712dc49a8a70938c

        SHA512

        b6995480f7c1eecc678b7f8cf2d087ca675d1383dc16c5b9c670205f62da4b5659d2b68769d83a3bbc09cae89d494026a74ed6843307ee4894dbe426aef18ec4

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\1ef7a2d2113426ff5a9d19d7ae957b46\Microsoft.ApplicationBlocks.Updater.ni.dll
        Filesize

        223KB

        MD5

        8f118267096a8bb4f3cd689d0b5c238f

        SHA1

        e0fee601107b2a1b84f35c416afa6104a9292d1e

        SHA256

        0e8e3785ab6c619bb411d4647bf4b275a2743fa14c9dcfa63763fc7904cdb25f

        SHA512

        74f42730a643539d9228a5cb88b5d9eb802c588bd870390053d4661adb70f9a471dd3060e85bc973ccaff5cf1a55e70912f3c3e889a01f90b03f15fdad33dcf6

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\1235d1a10b2c1bccdf118819cb279c5f\Microsoft.JScript.ni.dll
        Filesize

        2.2MB

        MD5

        b37c20d91e5baff2d30b0d636a2c209c

        SHA1

        84483060e49c319714273dafbde20fb0d576867b

        SHA256

        e2b7cde044da1dfdb4aeb3f225dbca6c53ae0524fb4b6cd49fea31521f2db5e9

        SHA512

        2c3b6df4e0d354b73434b03065d8cc1706b224b027c03bc5e17614ffec0c6a79e3c02735d3099349130d2c0f3df7aaffbd5de0ac388dc8a5e7a49875f15d35d8

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\718c348bda5740d0f31ace01d3ed8fcc\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
        Filesize

        145KB

        MD5

        7a98e079fc8c7ff4c2d888f5b390bfe7

        SHA1

        193a04c11a23415afa5cc9ed0deb1ca7752ef6ef

        SHA256

        af55152e6327c4f5d6ae1d38dc3641d107e269fe9ab39a69b927cef8cadddbea

        SHA512

        eff712e47c8eee7dbe8e52e05f4476c0c4df780689ce61966224a60ae9a807b904b243c208486032cabdb6a1fc7ff9cbd195706da008d84cb8114b184188cfb9

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\7f1f8e6037d9bef7eec176bc32e5dd8c\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
        Filesize

        301KB

        MD5

        bb2dd9d6b6d3897c103227445f955e7a

        SHA1

        1140a4ebacc0928a6cd70b168d6a2ed5670b514b

        SHA256

        95e99ef8ba60028d5a26fef4cd3bc0022f35a935635b212301680ed8a73a89ef

        SHA512

        82521d395a813591a0e540cf46dd1f75508c68134052468988120107639def0f4e0c0cd5210b42eb453f30103cd1ac919d0f41aef74c80e83f95b67af0506683

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\a2a5a0dfe6c6afb6e6bcf1bb16c5b970\Microsoft.Practices.ObjectBuilder.ni.dll
        Filesize

        296KB

        MD5

        2e25e4c5aecc74b082376c4b5ecb4938

        SHA1

        b3b0f44ba7ba728b4dc9fd262b871a0538c63b04

        SHA256

        91bbd08c692038524c2f7b22884abc9a4892fb0b6da0e0e2073a25d7c4d5e554

        SHA512

        ee711fa2689cee206aad004e1493631ef8dd6618593d5019fbff38a2af5b8cd39460928dbf15808185468ed7cb72cbf08ccaeb86d2189752556ba18c87535e71

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\574e82db6b0f08cfa6c354a8c530eee2\Microsoft.VisualC.ni.dll
        Filesize

        15KB

        MD5

        01d23f6812fe23c0ce53c3fd1e1d1f34

        SHA1

        943b6ad66eae548473d9e093a35290e421de7a7d

        SHA256

        32a2b9d92ec3446635a6f9cb21acfb662ba5a1f1b5e725d6ec763438426a9962

        SHA512

        7df32aa18e90d856e982c555d040e7ceabada7e127a927ac7962d6276079d3e1ab9a1e9a824c67b7a0805ed3c4015de41b9f6b133af956def360dd8485cb9e7e

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\10e71e68c34b88d218ba4d0f66afcd97\Microsoft.Vsa.ni.dll
        Filesize

        54KB

        MD5

        ef7cf928defeb6d39276044d3d826d79

        SHA1

        8c7b0947f5c6ab529806e9f7cc7e3ebcfd433739

        SHA256

        34d9d84e4beadaa8621973d2d3a0a0e86f65f0119c6495edc37ebb764cbdef24

        SHA512

        3b5727d8d8b8d07de3d341f969e37c78287341c1af7df88d13988fc4a7a7ac142ad28e8f63980506b657f9208eb6b783e2179e08f5f5e33dd05c39108c9eb4bb

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\611ffd8fff7c0284ff774f1020615bfa\System.Configuration.Install.ni.dll
        Filesize

        138KB

        MD5

        e038d64d34bc584a554a6281edc8c228

        SHA1

        ad4c9d87357531c1978ec5855023bd80a37a7895

        SHA256

        3fe4993755e07639419a3905f331abb6dc156968c6f2e49bcd14156d6bf729e5

        SHA512

        f09c55227ab5863d0688a53fef584266f690c60d1d16fec5e60f9561dd14862059a59778975a143fbc8725f61b173efdcad90f6b3e6636c20c72fc6a543e1385

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\50c39c809e312905339e9d74496ecd00\System.Configuration.ni.dll
        Filesize

        955KB

        MD5

        4990dd6603ba3479ecc73fa52da8b155

        SHA1

        8bdc7e58144a9714537f7415ff14bd47b0b15f21

        SHA256

        88d7bf86a81d78d6cc26e3e740cb2552b0daab107a6fe57ff29b3a8b4c765d01

        SHA512

        7c5ab15c8c5dc5c210ec49a56b422a53fd648d805f4e6211ff0f66a81a78dc32f33d4f026f9d7b8b116eb3c0a6d5aafeed4749054b8238d14fb6258b27172dc7

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\0e0f9e36df1c27f4678f09942864c9af\System.Data.OracleClient.ni.dll
        Filesize

        1.1MB

        MD5

        0ec47acd4f820931ab96d7ebc524e9ef

        SHA1

        7305e6b9de6dbcda8b0d9ec9aceb33f35181c03e

        SHA256

        5d24f91ebb1824af1d1b61ec43d3d50f025678570b5bf3f873f41e0640e36dae

        SHA512

        28f59fb366caf78afbe149c2a612b9aa618b2667b3f93da814f3b848dd17ca9490fd5154a1ca64a12d62033bbcd5be6b777a3b6861b9c7eb52fe1ab5796a8547

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\2bf6d78fa46125ef60dd084028ef4d8c\System.Data.SqlXml.ni.dll
        Filesize

        2.4MB

        MD5

        fd8567cee64f4ce0a2e379c07adfe6e3

        SHA1

        7f46520023013b7563004bd2dac830816029b9e3

        SHA256

        e2db1ccf6218e8aef23603a2672348161351ece68b78f5e1b74301bf2a9f354f

        SHA512

        35ec5d23548c8e6d367eba031c62b933b56cc269f917e726e74d2ff1c077a88e08bf76ba2a2122d7146fcb950ccf6765c99b4112e5ff11edbac5a6b855ea729b

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\eaae44035dbd83a24255786d2aa9eef1\System.Data.ni.dll
        Filesize

        6.3MB

        MD5

        0e5ef58a5c1ef441d6203b9646569ae7

        SHA1

        65874e3a59eeec9bb8147e4f459a303de91c4100

        SHA256

        548f3755733ca180ea1a4e7782dcbc17006922b80586e9208b413be95d2154da

        SHA512

        a1537470ad190ffe22bbd08d330bf3123a9ab20fce35270588c0bd23dec475c8a64acea1c4872c47d6f3dfdaca42886890e05d8f822373fca0236fc5762089da

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\6a2516126ffd58d75fd9b63d965be6e3\System.Deployment.ni.dll
        Filesize

        1.6MB

        MD5

        858999ee084d930465c568a31bad0fc1

        SHA1

        9715cceab0b7341646d15000394924481a157c2d

        SHA256

        9cd9d565f993759fd579bd153782d66332a6df9d4f38668fc0612d5fd6c3efbf

        SHA512

        8348d3c78ec084f18a906d5a17a1bb169b4bd28fc31de413f0340cd12bc94427a23d410a81ae952bce5a5abe837f0210dae778d95ec8ec23098d204badc563d4

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\b345b1f734ea3aea3540caf55869215a\System.Design.ni.dll
        Filesize

        10.2MB

        MD5

        29fe4a231b7fadd9b66a1b59e7876033

        SHA1

        aa596d8d462dab324a10a812831d1bb7ede8adfc

        SHA256

        7a1135452728669b1cb452c58a969a9c30f5e5cadc048d4b03a21f99adf6528d

        SHA512

        c1e0195c546afb894d12f34b072c67e79bbe1f4dda500a7d821fb3d2010824f51d836794cd9484d4e2f1673486e5ab122cf88125cb2ac58a23f88207ed086514

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\16ebe8df2036040bf7b16fbb0b441d63\System.DirectoryServices.ni.dll
        Filesize

        1.1MB

        MD5

        83549945235b83efb6078a1bb43a5ddc

        SHA1

        eb3b8496948c891b07376222a058f7ed2f863799

        SHA256

        f8cca9ed968d1f6244dda022faa84032e6ebec36168d4fb396ad8d01597f356a

        SHA512

        e55e4baf49291b160f0dce9ef68ee1328496d3263a0469c4c65b7626d6f1a67fa2798f4b47d1991201743033c95421c83fc3ff836aca7b1e65c18bd073eb0f79

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\2d96546698256d818114d8a17215f513\System.DirectoryServices.Protocols.ni.dll
        Filesize

        444KB

        MD5

        ec4f188e5ea5045a76ec135a2b1871cf

        SHA1

        e82130863879e52e9833aeb34e8a8d613d0926aa

        SHA256

        7dddd2359338f8c5e8879d64c4a8583c930fa98b079fc6edad0e96e3d027cbcd

        SHA512

        69cada3a6274863b524ee160848c99f2b0979b6e9ba5a205266604382cf5e3ae26277d216c1cb15302782fe15c84f3238ba98b0f0a1d15c054848c78da18df38

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\30bacfb052519296a25d585d62d65f0e\System.Drawing.Design.ni.dll
        Filesize

        203KB

        MD5

        ad8de415732fcf19dcb2df89ddfe3159

        SHA1

        7ab07013e4d4a6f0a23e9571b1b175d9e65d7652

        SHA256

        7aba2361cde5cf74436533f0da387b83c7e47ed254c2a92fdc9085445e20739e

        SHA512

        81c8bc4af3bc9d0ce42f903f58456f411f6f5ac31cb569391c31cf5274181a618b2b01f086fc8e39bb24a763accf3c1e3660d4129ad40f53c968f83e5a9ecab5

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\14ad09938f3197fce462d47b2194bd45\System.Drawing.ni.dll
        Filesize

        1.5MB

        MD5

        1777b41cb2741762a6fceefd99bba158

        SHA1

        3dd8eee460a20e52689a116103cfa3a43b159d19

        SHA256

        a549546bdf9b32979033c151fe1ca370f2661570f4637d21138ac4ace369a73a

        SHA512

        554322ba20e331bd96268842294f71acdbec70765d8c82c51d06c9261a4c284578b26af7efbeec4b072f1ea5b50514a6bcc290343fc12c87b1afa7597ec543f6

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\bd2663637d8b93a187e67959328f54fe\System.EnterpriseServices.ni.dll
        Filesize

        613KB

        MD5

        0314d12a843f739fe5cd750fdff0289c

        SHA1

        61d925baf5f080132b62cafd3d1ff8a76ce6a477

        SHA256

        90f1074270765c0908c6527ca8a86d4199b241e87f2dc5c84ada42c5d966776e

        SHA512

        997a22727aae924fb467a057a484975d5b3b460f2070b5acfcbc86f8cb8a0d19ee682332d3aa3b2281c63eb7a91b98399ab5a64fc8476fba79d6c10adc5f458c

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\72c9cb72b835b7c30c4f78fe745aaf81\System.Management.ni.dll
        Filesize

        1.0MB

        MD5

        4a00b10826c6299d6018d765185f8cda

        SHA1

        3e7403d0e7a4ea3eac6c44caf8ca175c61b1b223

        SHA256

        417dec98ef88be4290ff79dc716552ff3546a1eef29b5c8efd21bdae514d98a1

        SHA512

        42c1d6ce3a6a5fd584360a3c73b35dfa413ab64897a4f781f4eea0c961161e1ee1155d417ee67dc5b67aa22bf0645990937fd3087a2837692ca963e04c6afee4

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7f272c19ef36ca26a6716b3ce65ba06\System.Runtime.Remoting.ni.dll
        Filesize

        756KB

        MD5

        1ca868c0ac37fc6cff2e1ed835a38cd6

        SHA1

        34f7a8b37af4e35d7ee07eaaca4aa06422e739ff

        SHA256

        d3e76742f3c6266a039769e51a4b5f419f5d016a1d68b70e8bb136bd2dd590e4

        SHA512

        fcd95cbe91b768620c74c53b1cb5365ff40fde039a525835572322c48e3750e79a8920f797a32e709b4bea4cf6a77a65d5210cbc2e8e1b4363c3c0d22abb4f5d

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfa1161e5e8a708ebafb06503d3ea591\System.Runtime.Serialization.Formatters.Soap.ni.dll
        Filesize

        303KB

        MD5

        81116a8852efd011051d9891498970ad

        SHA1

        784bdae7ec804a5757405287bd5e1b4a2817a730

        SHA256

        8f8dd22755618fc224856a4a116f9434bac9aa3b1ad023fba70233f74d4a760e

        SHA512

        f5e2b282c7ef29f91ea43e5f0c935315ca78663f0068e656c422ea622f4ff05150f6ff97764f39ce40246fb8e0f01f430ca3e23c7d15f87883180c18bd718e6c

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\6358a966b003f859eb24e6c49d3bb7fa\System.Security.ni.dll
        Filesize

        705KB

        MD5

        9f33792c2dd85df9f6f356ac2761d5a9

        SHA1

        52236ee0a57ac0b135fa68e70adb8f1582b979a1

        SHA256

        497a442b45d20a888bd7f57b2bd3b39867752b1304109a414ccca565f1bdd9eb

        SHA512

        0d8d7ca85b6f68bb890391c0490bedf80efd2360fdc9e861038dedf5cff43519ec77ec6b7c5a9976f427d9690e2e94d96572b29f9fdffb4abe46d62c94a4458f

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abc482a81715bf779d3138355f99283f\System.ServiceProcess.ni.dll
        Filesize

        219KB

        MD5

        594ecb1346fa642970e336852647a24b

        SHA1

        296fb9e6aa2b62e58562397d0b815fe3b5593c2e

        SHA256

        043568069f8dd1438c3d5f9e93f02329c25793e614dd39acf0ad1322e8175f9f

        SHA512

        554fa415ea52a6250d1f0a40c6e905ce1c096114f6480d94fdb95716f3a1f9434a69e93383ebfd8dc8fe27cb54e668395c3d763847220fbaf9e663050736a7d0

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\391b0d05b44d909e89c784995e964aa1\System.Transactions.ni.dll
        Filesize

        612KB

        MD5

        cd0552ae9ef192595a77292a45b87e21

        SHA1

        29dc417a2547f08b2aa1b537e63429a12d88d662

        SHA256

        b728af1b74b97e7ca828c7eaf297a100b384ad1d90df35304cd56a6e28580849

        SHA512

        ed222c33ce9fb01be88430f63ca1fd6fd46d10d6df2573128497e8e9e493a6b328944edd66793da1f9151aea0b1a4e0d1c89e85260d3a6763584b2e872d18142

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\01d6f732622814b1e863a201924278f0\System.Web.RegularExpressions.ni.dll
        Filesize

        248KB

        MD5

        1bafe0bd53dbe522e0a8a99937b00b54

        SHA1

        872a705244b421c966500bf964d0302069d065f2

        SHA256

        90c450b59896e2a0996cb3405e87ba053465ff26fe7a4099fc521398f282e796

        SHA512

        147ed06e64e9d68501231ff6cc1ca8c1ce621f39be1c198e85ac172ab8d933cb2f0a6005eb24b1713b2a7cf24dac5744e68720a3728a810b80c79279fee0e423

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\4c1da9372aeef07827689ca3afe5d28e\System.Web.Services.ni.dll
        Filesize

        1.8MB

        MD5

        5584d2a9ef894cadfc271215e4fc84ff

        SHA1

        24cbddcd375c61708c43deeec5b0446257b535e6

        SHA256

        985d5c5e0781573a6bcc50bef8eaa624303cee239b0ed8b6921f570d4e21b336

        SHA512

        62f70cd7a6b5e1b3d5186349ff1b9033631df6e2647b4a036888c6486db7dd97ab52a54ce1d8d6803c0e95a36c595d0a93b5581ca35232a9832f079b1d5e56f7

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e2dbd9e164bfad626e4b00b772242ecc\System.Web.ni.dll
        Filesize

        11.4MB

        MD5

        2eaa2acb0b3adca1d5431bcf352ef222

        SHA1

        513e01dbce727afa548f37aa7e4c1e3d30227cda

        SHA256

        9df42ff477f9b36e0c2f116182239953c6476b9cc019a9ab4912294926108538

        SHA512

        586d20cf97750ce83ce2417810fb036319fdd5e05a0f4318d2b704f8c46f40c63c92a3593198ffdd528b5a9cf70a1114bb81430f92263ba886e5ed1a21a7af65

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d0c47ad5e4d501b35e43a088535e589f\System.Windows.Forms.ni.dll
        Filesize

        11.9MB

        MD5

        7504e4158cdca056f7b7ec0c2d99337e

        SHA1

        9a0feb906318f65d0be06d682ce191525124ad30

        SHA256

        6f83ea368ba764c5f2832ba4975c0cb2ffc000708c1ecf603f3130016e39d142

        SHA512

        ba4e9e2a1f0c9532787519620f1d714c5b27cb5eddb5513a137c284062ce15e7122ab37d07363a75567b9d2a849d0f64ffeaa997fa5ca9e3f9eb414ca8943128

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4e31e183cb14c0cb0ef25463997f7af9\System.Xml.ni.dll
        Filesize

        5.2MB

        MD5

        aadbe0249d57d7e9a3be8f38b2eefac5

        SHA1

        5c58bb8a226b7348dd2e066041a80472751cee00

        SHA256

        1d669ecca4017e8be44b1dafb52155a77d5632acdda10ad94688abe5f06f6480

        SHA512

        835c206b482c1610d70bcf1d60810c8eef696491eb9cc9d11ee411c6f98d53a9ae120edfe52ef0998541adee7bf1c286db0ff103cac7d68804dfff4a400b193f

        Download Submit

      • C:\Windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\c539c932221bd8b325217120707a9d7c\XPBurnComponent.ni.dll
        Filesize

        116KB

        MD5

        f063138f6acd448e28bdf71b6bc247df

        SHA1

        40796c0c759793f86f69aa74cf317b172bf75495

        SHA256

        f9595d87360d8909de0730d34656513c9c1259515dc4273f2ae5d6c1cd968bf7

        SHA512

        459a1afebb677a19898cf143adc3428a5e1539ca6ca6a699841a7e8dbf42ccde88e526f90ec777d05bcc4e5a352b045c0f2fd20b35874e741d79e339c6866e7a

        Download Submit

      • memory/1424-5224-0x0000000010000000-0x0000000010196000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/1424-5225-0x0000000006C30000-0x0000000006CBE000-memory.dmp

        Filesize

        568KB

        Download

      • memory/1424-146-0x0000000010000000-0x0000000010196000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/1424-263-0x0000000006CC0000-0x0000000006D26000-memory.dmp

        Filesize

        408KB

        Download

      • memory/1424-249-0x0000000006C30000-0x0000000006CBE000-memory.dmp

        Filesize

        568KB

        Download

      • memory/1424-5228-0x0000000010000000-0x0000000010196000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/1424-225-0x0000000006C30000-0x0000000006CBE000-memory.dmp

        Filesize

        568KB

        Download

      • memory/1424-5302-0x0000000010000000-0x0000000010196000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/1424-5229-0x0000000006C30000-0x0000000006CBE000-memory.dmp

        Filesize

        568KB

        Download

      • memory/2092-23-0x0000000000400000-0x000000000040E000-memory.dmp

        Filesize

        56KB

        Download

      • memory/3544-96-0x000000007FFC0000-0x000000007FFC6000-memory.dmp

        Filesize

        24KB

        Download

      • memory/3544-94-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3868-100-0x0000000010000000-0x0000000010011000-memory.dmp

        Filesize

        68KB

        Download

      • memory/3868-102-0x0000000000400000-0x0000000000408000-memory.dmp

        Filesize

        32KB

        Download

      • memory/3868-91-0x0000000010000000-0x0000000010011000-memory.dmp

        Filesize

        68KB

        Download

      • memory/3868-93-0x0000000010000000-0x0000000010011000-memory.dmp

        Filesize

        68KB

        Download

      • memory/3868-89-0x0000000000400000-0x0000000000408000-memory.dmp

        Filesize

        32KB

        Download