Combofix log'um - ReadBull.net

19-09-2019, 11:58:32

#1
Diaz

Açık Profil bilgileri

Özel Mesaj Gönder

Diaz tarafından gönderilen tüm mesajları bul

Diaz'ı arkadaş olarak ekle

Platinum
log aşağıdaki gibidir xhunter.sys adlı dosyayı avg virus olarak goruyor ntkrnlpa.exe ile ilişkili oldugunu soyluyor 5 gn once kredi kartı alışverişimden sonra hesbaımdan baskası tarafından 260tllik harcama yapıldı iş savcılıkta ama olaydan sorna virus taraması yaptıgında şunlarla karşılastım sığmadığı icin keseek birleştirdim

buda loglar

ComboFix 14-07-21.01 - safaaaa 22.07.2014 16:54:12.3.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1254.90.1055.18.1973.1184 [GMT 3:00]
Running from: c:userssafaaaaDownloadsComboFix.exe
AV: AVG Internet Security 2014 *Enabled/Updated*
FW: AVG Internet Security 2014 *Disabled*
SP: AVG Internet Security 2014 *Enabled/Updated*
SP: Windows Defender *Disabled/Updated*
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2014-06-22 to 2014-07-22 )))))))))))))))))))))))))))))))
.
.
2014-07-22 13:59 . 2014-07-22 13:59 -------- d-----w- c:usersDefaultAppDataLocaltemp
2014-07-20 07:29 . 2014-07-20 07:29 -------- d-----w- crogram filesAnyOTPSetup
2014-07-19 13:12 . 2014-07-19 13:12 -------- d-----w- crogram filesApoint2K
2014-07-19 13:11 . 2014-07-19 13:11 122688 ----a-w- c:windowssystem32Vxdif.dll
2014-07-19 13:10 . 2014-07-19 13:10 415536 ----a-w- c:windowssystem32driversApfiltr.sys
2014-07-19 13:09 . 2014-07-19 13:09 -------- d-----w- crogram filesCommon FilesATI Technologies
2014-07-19 13:07 . 2014-07-19 13:07 84480 ----a-w- c:windowssystem32DelayAPO.dll
2014-07-19 13:07 . 2014-07-19 13:07 78848 ----a-w- c:windowssystem32driversAtihdW73.sys
2014-07-19 10:32 . 2014-07-19 10:32 15528 ----a-w- c:windowssystem32driversamdkmafd.sys
2014-07-19 09:37 . 2014-07-19 09:37 -------- d-----w- crogram filesSynaptics
2014-07-19 09:37 . 2014-07-19 09:37 28656 ----a-w- c:windowssystem32driversSmb_driver_Intel.sys
2014-07-19 09:29 . 2014-07-19 09:29 506728 ----a-w- c:windowssystem32driversiaStorA.sys
2014-07-19 09:29 . 2014-07-19 09:29 25448 ----a-w- c:windowssystem32driversiaStorF.sys
2014-07-19 09:25 . 2014-07-19 09:25 -------- d-----w- crogramdataUniblue
2014-07-19 09:25 . 2014-07-19 09:25 -------- d-----w- crogram filesUniblue
2014-07-18 10:06 . 2014-07-18 10:06 -------- d-----w- crogramdataAvg_Update_0614i
2014-07-18 09:13 . 2014-07-18 19:34 -------- d-----w- crogram filesPowerISO
2014-07-18 09:06 . 2014-07-18 09:39 -------- d-----w- crogram filesUltraISO
2014-07-18 07:02 . 2014-07-18 07:02 -------- d-----w- c:usersDefaultAppDataRoamingTuneUp Software
2014-07-18 06:54 . 2014-07-20 22:56 -------- d-----w- crogram filesWinToFlash Suggestor
2014-07-17 22:05 . 2014-07-17 22:05 283648 ----a-w- c:windowssystem32XpsGdiConverter.dll
2014-07-17 22:05 . 2014-07-17 22:05 135168 ----a-w- c:windowssystem32XpsRasterService.dll
2014-07-17 22:05 . 2014-07-17 22:05 739840 ----a-w- c:windowssystem32d2d1.dll
2014-07-17 22:05 . 2014-07-17 22:05 1074176 ----a-w- c:windowssystem32DWrite.dll
2014-07-17 22:05 . 2014-07-17 22:05 801792 ----a-w- c:windowssystem32FntCache.dll
2014-07-17 22:05 . 2014-07-17 22:05 218624 ----a-w- c:windowssystem32d3d10_1core.dll
2014-07-17 22:05 . 2014-07-17 22:05 161792 ----a-w- c:windowssystem32d3d10_1.dll
2014-07-17 22:05 . 2014-07-17 22:05 728448 ----a-w- c:windowssystem32driversdxgkrnl.sys
2014-07-17 22:05 . 2014-07-17 22:05 219008 ----a-w- c:windowssystem32driversdxgmms1.sys
2014-07-17 22:05 . 2014-07-17 22:05 1495040 ----a-w- c:windowssystem32ExplorerFrame.dll
2014-07-17 22:05 . 2014-07-17 22:05 1170944 ----a-w- c:windowssystem32d3d10warp.dll
2014-07-17 22:05 . 2014-07-17 22:05 107520 ----a-w- c:windowssystem32cdd.dll
2014-07-17 22:05 . 2014-07-17 22:05 442880 ----a-w- c:windowssystem32XpsPrint.dll
2014-07-17 10:42 . 2012-07-04 21:23 41472 ----a-w- c:windowssystem32browcli.dll
2014-07-17 10:42 . 2012-07-04 21:23 102912 ----a-w- c:windowssystem32browser.dll
2014-07-17 10:42 . 2012-05-14 04:37 768512 ----a-w- c:windowssystem32localspl.dll
2014-07-17 10:21 . 2010-01-09 06:52 132608 ----a-w- c:windowssystem32cabview.dll
2014-07-17 10:16 . 2014-07-17 10:16 -------- d-----w- c:windowstr
2014-07-17 10:15 . 2014-07-17 10:15 -------- d-----w- crogram filesMicrosoft SQL Server Compact Edition
2014-07-17 10:14 . 2014-07-17 10:14 -------- d-----w- c:windowsPCHEALTH
2014-07-17 10:12 . 2012-06-02 22:19 53784 ----a-w- c:windowssystem32wuauclt.exe
2014-07-17 10:12 . 2012-06-02 22:19 45080 ----a-w- c:windowssystem32wups2.dll
2014-07-17 10:12 . 2012-06-02 22:19 1933848 ----a-w- c:windowssystem32wuaueng.dll
2014-07-17 10:12 . 2012-06-02 22:12 2422272 ----a-w- c:windowssystem32wucltux.dll
2014-07-17 10:11 . 2012-06-02 22:19 35864 ----a-w- c:windowssystem32wups.dll
2014-07-17 10:11 . 2012-06-02 22:19 577048 ----a-w- c:windowssystem32wuapi.dll
2014-07-17 10:11 . 2012-06-02 22:12 88576 ----a-w- c:windowssystem32wudriver.dll
2014-07-17 10:11 . 2012-06-02 12:19 171904 ----a-w- c:windowssystem32wuwebv.dll
2014-07-17 10:11 . 2012-06-02 12:12 33792 ----a-w- c:windowssystem32wuapp.exe
2014-07-17 09:44 . 2014-07-17 09:50 -------- d-----w- crogramdataAVG2014
2014-07-17 09:43 . 2014-07-22 11:54 -------- d-----w- crogramdataMFAData
2014-07-17 09:43 . 2014-07-17 09:43 -------- d--h--w- crogramdataCommon Files
2014-07-17 08:57 . 2014-07-17 08:57 -------- d-----w- crogram filesMicrosoft.NET
2014-07-17 08:30 . 2014-07-17 10:15 -------- d-----w- crogram filesWindows Live
2014-07-17 08:27 . 2014-07-17 09:44 -------- d-----w- crogram filesAVG
2014-07-17 08:24 . 2014-07-17 08:24 -------- d-----w- crogram filesXenocode
2014-07-17 08:23 . 2014-07-17 08:23 -------- d-----w- crogram filesVideoLAN
2014-07-17 08:10 . 2009-11-25 19:47 49472 ----a-w- c:windowssystem32netfxperf.dll
2014-07-17 08:10 . 2009-11-25 19:47 297808 ----a-w- c:windowssystem32mscoree.dll
2014-07-17 08:10 . 2009-11-25 19:47 99176 ----a-w- c:windowssystem32PresentationHostProxy.dll
2014-07-17 08:10 . 2009-11-25 19:47 295264 ----a-w- c:windowssystem32PresentationHost.exe
2014-07-17 08:10 . 2009-11-25 19:47 1130824 ----a-w- c:windowssystem32dfshim.dll
2014-07-17 08:09 . 2014-07-17 08:09 -------- d-----w- crogram filesCommon FilesPX Storage Engine
2014-07-17 08:09 . 2014-07-17 08:10 -------- d-----w- crogram filesWinamp
2014-07-17 08:08 . 2010-08-11 04:44 2983424 ----a-w- c:windowssystem32UIRibbon.dll
2014-07-17 08:08 . 2010-08-11 04:35 1164800 ----a-w- c:windowssystem32UIRibbonRes.dll
2014-07-17 08:08 . 2010-05-23 10:11 196608 ----a-w- c:windowssystem32mfreadwrite.dll
2014-07-17 08:08 . 2010-05-23 10:11 3181568 ----a-w- c:windowssystem32mf.dll
2014-07-17 08:08 . 2010-05-23 10:15 1619456 ----a-w- c:windowssystem32WMVDECOD.DLL
2014-07-17 08:05 . 2014-07-17 08:05 -------- d-----w- crogram filesCommon FilesWindows Live
2014-07-16 23:42 . 2014-07-16 23:43 -------- d-----w- crogramdataPackage Cache
2014-07-16 21:51 . 2014-07-16 21:52 -------- d-----w- crogramdataVodafone
2014-07-16 21:51 . 2014-07-16 21:51 -------- d-----w- crogramdataMacrovision
2014-07-16 21:51 . 2014-07-16 21:51 -------- d-----w- crogramdataFLEXnet
2014-07-16 21:51 . 2014-07-16 21:51 -------- d-----w- crogram filesVodafone
2014-07-16 21:51 . 2014-07-16 21:51 -------- d-----w- crogram filesCommon FilesInstallShield
2014-07-16 21:16 . 2014-07-17 15:54 -------- d-----w- crogram filesUnlocker
2014-07-16 19:23 . 2014-07-16 19:30 -------- d-----w- crogram filesGoogle
2014-07-16 18:57 . 2014-07-14 01:12 8217224 ----a-w- crogramdataMicrosoftWindows DefenderDefinition Updates\mpengine.dll
2014-07-16 18:57 . 2014-03-31 06:35 231584 ------w- c:windowssystem32MpSigStub.exe
2014-07-16 18:54 . 2014-07-16 18:02 -------- d-----w- c:windowsPanther
2014-07-16 18:34 . 2014-07-16 18:34 0 ----a-w- c:windowsativpsrm.bin
2014-07-16 18:32 . 2014-07-16 18:32 867240 ----a-w- c:windowssystem32npDeployJava1.dll
2014-07-16 18:32 . 2014-07-16 18:32 789416 ----a-w- c:windowssystem32deployJava1.dll
2014-07-16 18:32 . 2014-07-16 18:32 94632 ----a-w- c:windowssystem32WindowsAccessBridge.dll
2014-07-16 18:32 . 2014-07-16 18:32 -------- d-----w- crogram filesJava
2014-07-16 18:31 . 2014-07-16 18:31 -------- d-----w- crogram filesMicrosoft Silverlight
2014-07-16 18:29 . 2013-02-22 01:40 16880 ----a-w- c:windowssystem32driversiusb3hcs.sys
2014-07-16 18:29 . 2009-07-14 08:27 1461992 ----a-w- c:windowssystem32WdfCoInstaller01009.dll
2014-07-16 18:28 . 2012-02-04 10:27 1118312 ----a-w- c:windowssystem32driversrtl8192se.sys
2014-07-16 18:27 . 2009-07-17 11:46 1168880 ----a-w- c:windowssystem32driversBisonC07.sys
2014-07-16 18:27 . 2009-06-11 10:22 188416 ----a-w- c:windowssystem32BisonR07.dll
2014-07-16 18:27 . 2009-06-06 16:25 135168 ----a-w- c:windowssystemBisonV07.dll
2014-07-16 18:27 . 2009-01-04 16:48 191016 ----a-w- c:windowssystem32BisonCoi.dll
2014-07-16 18:27 . 2009-06-06 16:25 360448 ----a-w- c:windowssystemBisonC07.dll
2014-07-16 18:26 . 2014-07-19 13:08 480256 ----a-w- c:windowssystem32atieclxx.exe
2014-07-16 18:26 . 2014-07-19 13:08 209408 ----a-w- c:windowssystem32atiesrxx.exe
2014-07-16 18:26 . 2010-08-27 18:32 294912 ----a-w- c:windowssystem32ATIODE.exe
2014-07-16 18:26 . 2009-06-22 15:34 45056 ----a-w- c:windowssystem32ATIODCLI.exe
2014-07-16 18:26 . 2009-05-11 21:35 118784 ----a-w- c:windowssystem32atibtmon.exe
2014-07-16 18:26 . 2014-07-19 13:08 6176008 ----a-w- c:windowssystem32atiumdva.dll
2014-07-16 18:26 . 2014-07-19 13:08 125824 ----a-w- c:windowssystem32atiuxpag.dll
2014-07-16 18:26 . 2014-07-19 13:08 6189416 ----a-w- c:windowssystem32atiumdag.dll
2014-07-16 18:26 . 2014-07-19 13:08 97984 ----a-w- c:windowssystem32atiu9pag.dll
2014-07-16 18:25 . 2014-07-19 13:08 1027544 ----a-w- c:windowssystem32aticfx32.dll
2014-07-16 18:24 . 2014-07-19 13:08 594944 ----a-w- c:windowssystem32atiadlxx.dll
2014-07-16 18:24 . 2013-03-29 01:32 43520 ----a-w- c:windowssystem32ati2edxx.dll
2014-07-16 18:24 . 2013-03-29 02:00 62976 ----a-w- c:windowssystem32coinst_12.104.dll
2014-07-16 18:24 . 2013-03-29 02:13 798734 ----a-w- c:windowssystem32amdocl_ld32.exe
2014-07-16 18:24 . 2013-03-29 02:13 995342 ----a-w- c:windowssystem32amdocl_as32.exe
2014-07-16 18:24 . 2014-07-19 10:06 -------- d-----w- c:windowssystem32RTCOM
2014-07-16 18:24 . 2014-07-16 18:24 -------- d-----w- crogram filesRealtek
2014-07-16 18:22 . 2012-07-26 03:39 526952 ----a-w- c:windowssystem32driversWdf01000.sys
2014-07-16 18:22 . 2012-07-26 03:39 47720 ----a-w- c:windowssystem32driversWdfLdr.sys
2014-07-16 18:22 . 2012-07-26 02:46 9728 ----a-w- c:windowssystem32Wdfres.dll
2014-07-16 18:22 . 2013-05-13 11:33 65200 ----a-w- c:windowssystem32driversdc3d.sys
2014-07-16 18:22 . 2013-05-13 11:33 44208 ----a-w- c:windowssystem32driverspoint32.sys
2014-07-16 18:22 . 2013-05-13 11:33 1629040 ----a-w- c:windowssystem32WdfCoInstaller01011.dll
2014-07-16 18:22 . 2013-05-13 11:33 2210992 ----a-w- c:windowssystem32coin94.dll
2014-07-16 18:21 . 2011-11-17 17:11 125456 ----a-w- c:windowssystem32driversJME.sys
2014-07-16 18:21 . 2009-09-18 02:54 41088 ----a-w- c:windowssystem32driversHECI.sys
2014-07-16 18:20 . 2013-04-26 07:40 148720 ----a-w- c:windowssystem32driversjmcr.sys
2014-07-16 18:20 . 2010-07-27 06:08 203352 ----a-w- c:windowssystem32jmcricon.dll
2014-07-16 18:11 . 2014-07-16 18:12 -------- d-----w- crogram filesCommon FilesAdobe
2014-07-16 18:10 . 2014-07-16 18:11 -------- d-----w- crogram filesTeamSpeak 3 Client
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2014-07-17 08:30 . 2012-07-17 11:37 23256 ----a-w- crogramdataMicrosoftIdentityCRLproductionpp crlconfig600.dll
2014-06-17 13:22 . 2014-06-17 13:22 188696 ----a-w- c:windowssystem32driversavgldx86.sys
2014-06-17 13:21 . 2014-06-17 13:21 197400 ----a-w- c:windowssystem32driversavgtdix.sys
2014-06-17 13:18 . 2014-06-17 13:18 241944 ----a-w- c:windowssystem32driversavglogx.sys
2014-06-17 13:17 . 2014-06-17 13:17 147736 ----a-w- c:windowssystem32driversavgidshx.sys
2014-06-17 13:06 . 2014-06-17 13:06 199960 ----a-w- c:windowssystem32driversavgidsdriverx.sys
2014-06-17 13:06 . 2014-06-17 13:06 121624 ----a-w- c:windowssystem32driversavgdiskx.sys
2014-06-17 13:06 . 2014-06-17 13:06 98584 ----a-w- c:windowssystem32driversavgmfx86.sys
2014-06-17 13:06 . 2014-06-17 13:06 27416 ----a-w- c:windowssystem32driversavgrkx86.sys
2014-06-17 13:06 . 2014-06-17 13:06 21272 ----a-w- c:windowssystem32driversavgidsshimx.sys
2013-02-07 12:22 . 2013-02-07 12:22 50330 ----a-w- crogram filesAntiDust.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurr entVersionRun]
"Adobe ARM"="crogram filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-09-23 926896]
"MobileBroadband"="crogram filesVodafoneVodafone Mobile BroadbandBinMobileBroadband.exe" [2013-03-25 76288]
"VmbNotifier"="crogram filesVodafoneVodafone Mobile BroadbandBinVmbNotifier.exe" [2013-03-25 1861632]
"AVG_UI"="crogram filesAVGAVG2014avgui.exe" [2014-06-17 5179408]
"PWRISOVM.EXE"="crogram filesPowerISOPWRISOVM.EXE" [2012-12-09 336992]
"RTHDVCPL"="crogram filesRealtekAudioHDARtHDVCpl.exe" [2014-07-19 12013272]
"Apoint"="crogram filesApoint2KApoint.exe" [2014-07-19 530776]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetContro lSafeBootMinimalWdf01000.sys]
@="Driver"
.
R1 Avgdiskx;AVG Disk Driver;c:windowssystem32DRIVERSavgdiskx.sys [2014-06-17 121624]
R1 Avgfwfd;AVG network filter service;c:windowssystem32DRIVERSavgfwd6x.sys [2013-09-26 47928]
R1 AVGIDSDriver;AVGIDSDriver;c:windowssystem32DRIV ERSavgidsdriverx.sys [2014-06-17 199960]
R1 AVGIDSShim;AVGIDSShim;c:windowssystem32DRIVERS avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:windowssystem32DRIVERSavgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver;c:windowssystem32DRIVERSavgtdix.sys [2014-06-17 197400]
R2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2014-07-19 209408]
R2 avgfws;AVG Guvenlik Duvarı;crogram filesAVGAVG2014avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent;crogram filesAVGAVG2014avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog;crogram filesAVGAVG2014avgwdsvc.exe [2014-06-17 289328]
R2 VmbService;Vodafone Mobile Broadband Servisi;crogram filesVodafoneVodafone Mobile BroadbandBinVmbService.exe [2013-03-25 8704]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW73.sys [2014-07-19 78848]
R3 JMCR;JMCR;c:windowssystem32DRIVERSjmcr.sys [2013-04-26 148720]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:windowssystem32DRIVERSJME.sys [2011-11-17 125456]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:windowssystem32DRIVERSrtl8192se.sys [2012-02-04 1118312]
R3 vtany;vtany;c:windowsvtany.sys [x]
R3 xhunter1;xhunter1;c:windowsxhunter1.sys [x]
S0 amdkmafd;AMD Audio Bus Lower Filter;c:windowssystem32DRIVERSamdkmafd.sys [2014-07-19 15528]
S0 AVGIDSHX;AVGIDSHX;c:windowssystem32DRIVERSavgi dshx.sys [2014-06-17 147736]
S0 Avglogx;AVG Logging Driver;c:windowssystem32DRIVERSavglogx.sys [2014-06-17 241944]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:windowssystem32DRIVERSavgrkx86.sys [2014-06-17 27416]
S0 iaStorA;iaStorA;c:windowssystem32DRIVERSiaStor A.sys [2014-07-19 506728]
S0 iaStorF;iaStorF;c:windowssystem32DRIVERSiaStor F.sys [2014-07-19 25448]
S0 iusb3hcs;Intel(R) USB 3.0 Ana Bilgisayar Denetleyici Değiştirici Surucusu;c:windowssystem32DRIVERSiusb3hcs.sys [2013-02-22 16880]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:windowssystem32DRIVERSdc3d.sys [2013-05-13 65200]
S3 SmbDrvI;SmbDrvI;c:windowssystem32DRIVERSSmb_dr iver_Intel.sys [2014-07-19 28656]
.
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components]
2014-07-16 19:30 1104200 ----a-w- crogram filesGoogleChromeApplication36.0.1985.125Inst allerchrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-22 c:windowsTasksdsmonitor.job
- crogram filesUniblueDriverScannerdsmonitor.exe [2014-07-19 08:22]
.
2014-07-22 c:windowsTasksGoogleUpdateTaskMachineCore.job
- crogram filesGoogleUpdateGoogleUpdate.exe [2014-07-16 19:23]
.
2014-07-22 c:windowsTasksGoogleUpdateTaskMachineUA.job
- crogram filesGoogleUpdateGoogleUpdate.exe [2014-07-16 19:23]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces: NameServer = 4.2.2.1,4.2.2.2
TCP: Interfaces\B6572716E6: NameServer = 4.2.2.1,4.2.2.2
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPC WSecurity]
@Denied: (Full) (Everyone)
.
Completion time: 2014-07-22 17:00:58
ComboFix-quarantined-files.txt 2014-07-22 14:00
ComboFix2.txt 2014-07-20 22:58
ComboFix3.txt 2014-02-04 21:02
ComboFix4.txt 2014-02-01 15:18
ComboFix5.txt 2014-07-22 13:26
.
Pre-Run: 15.543.504.896 bayt boş
Post-Run: 15.288.872.960 bayt boş
.
- - End Of File - - 381F4AD2141E056312361883606D86BF
A36C5E4F47E84449FF07ED3517B43A31
__________________