the new log:
OTL logfile created on: 14.11.2013 23:17:10 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gina\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 5,17 Gb Available Physical Memory | 65,43% Memory free
15,80 Gb Paging File | 12,61 Gb Available in Paging File | 79,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678,36 Gb Total Space | 547,55 Gb Free Space | 80,72% Space Free | Partition Type: NTFS
Computer Name: GINA-VAIO | User Name: Gina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Gina\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
PRC - C:\Programme\Tablet\Pen\WacomHost.exe (Wacom Technology)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Programme\AuthenTec TrueSuite\BioMonitor.exe (AuthenTec Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe (Sony Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\08d05898be584065b797a6dd48d9ad56\System.Configuration.ni.dll ()
MOD - C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
MOD - C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll ()
MOD - C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll ()
MOD - C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\591b99d5681c59ed6c5e9544d7def0ea\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\45581138b36fd338c87813390775b65f\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe File not found
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WTabletServiceCon) -- C:\Programme\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology, Corp.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (FPLService) -- C:\Programme\AuthenTec TrueSuite\TrueSuiteService.exe (AuthenTec, Inc)
SRV - (Intel® -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (AMPPALR3) -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (ActiveDelayDeviceService) -- C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe (Sony Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys (Wacom Technology)
DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\drivers\wachidrouter.sys (Wacom Technology)
DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\drivers\hidkmdf.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gina\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gina\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\sony.com/MediaGoDetector: C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.09.11 19:45:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Gina\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: TrueSuite (Enabled) = C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nibgmhfiionbhpeidijmiildfjnbbkic\1.0_0\npwebsitelogon.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation®Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Gina\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: WhatFont = C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm\2.0.2_0\
CHR - Extension: Ghostery = C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\
CHR - Extension: Website Logon = C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nibgmhfiionbhpeidijmiildfjnbbkic\1.0_0\
CHR - Extension: Google Wallet = C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
O1 HOSTS File: ([2013.11.14 20:41:24 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AT Service signup] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A001267-9A48-4E03-903E-9D1DB5401011}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (c:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{da14460f-06e4-11e2-8e68-30f9edea482d}\Shell - "" = AutoRun
O33 - MountPoints2\{da14460f-06e4-11e2-8e68-30f9edea482d}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2013.11.14 20:36:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.11.13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Roaming\Malwarebytes
[2013.11.13 22:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.11.13 22:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.11.13 22:24:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.11.13 22:17:16 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Gina\Desktop\aswMBR.exe
[2013.11.09 11:57:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
[2013.11.07 22:01:54 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2013.11.06 22:57:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.11.06 22:45:52 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Local\ElevatedDiagnostics
[2013.11.06 22:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.11.06 21:53:44 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Local\Programs
[2013.11.06 21:51:03 | 000,000,000 | ---D | C] -- C:\Users\Gina\Documents\WebCam Media
[2013.11.06 21:50:59 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Local\ArcSoft
[2013.11.06 21:50:58 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Roaming\ArcSoft
[2013.11.06 19:52:05 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Local\Mozilla
[2013.11.06 19:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.10.20 15:03:31 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Roaming\TuneUp Software
[2013.10.20 13:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013.10.20 13:05:20 | 000,000,000 | ---D | C] -- C:\51ba1d4f5e841ad9f6b9
[2013.10.16 19:36:10 | 000,000,000 | ---D | C] -- C:\af4b3e525e4de1e30ae16a1616d45ca9
[2013.10.16 16:06:10 | 000,000,000 | ---D | C] -- C:\62ecc920da52e10827242e
[2013.10.16 07:25:58 | 000,000,000 | ---D | C] -- C:\c8b659c083dd8b3ef2
========== Files - Modified Within 30 Days ==========
[2013.11.14 23:14:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.14 22:55:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549048556-947582508-511738072-1001UA.job
[2013.11.14 20:56:48 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.14 20:56:48 | 000,020,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.14 20:53:44 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.11.14 20:53:44 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.11.14 20:53:44 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.11.14 20:53:44 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.11.14 20:53:44 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.11.14 20:49:29 | 000,001,950 | ---- | M] () -- C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk
[2013.11.14 20:48:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.14 20:48:00 | 2068,271,103 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.14 20:41:24 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013.11.14 20:24:48 | 000,001,340 | ---- | M] () -- C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2013.11.13 22:20:20 | 000,000,512 | ---- | M] () -- C:\Users\Gina\Desktop\MBR.dat
[2013.11.13 22:17:26 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Gina\Desktop\aswMBR.exe
[2013.11.13 22:15:30 | 000,293,124 | ---- | M] () -- C:\Users\Gina\Desktop\anti-theft.png
[2013.11.13 11:55:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549048556-947582508-511738072-1001Core.job
[2013.11.13 11:16:03 | 000,001,456 | ---- | M] () -- C:\Users\Gina\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013.11.09 11:57:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
[2013.11.09 11:43:12 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.11.05 21:01:34 | 005,095,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013.11.13 22:20:19 | 000,000,512 | ---- | C] () -- C:\Users\Gina\Desktop\MBR.dat
[2013.11.13 22:15:30 | 000,293,124 | ---- | C] () -- C:\Users\Gina\Desktop\anti-theft.png
[2013.11.07 22:21:30 | 000,001,950 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk
[2013.11.07 22:21:30 | 000,001,340 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2013.05.17 21:42:42 | 000,001,456 | ---- | C] () -- C:\Users\Gina\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013.04.10 21:43:53 | 000,000,132 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012.09.16 15:24:29 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.04.05 03:04:29 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.04.05 03:04:28 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.04.05 03:04:27 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.04.05 03:04:27 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2009.03.30 11:22:43 | 000,061,440 | ---- | C] () -- C:\Program Files (x86)\RGSGrowBounds.aex
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.03 21:07:52 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.09.16 11:28:47 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.08 21:41:14 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Downloaded Installations
[2013.10.25 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Dropbox
[2013.11.11 16:56:20 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\FileZilla
[2013.06.30 22:18:51 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\iolo
[2012.10.03 18:23:35 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\IrfanView
[2013.01.30 14:03:52 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Notepad++
[2013.01.07 10:45:40 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\PACE Anti-Piracy
[2012.09.21 22:58:18 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\PDAppFlex
[2013.01.07 11:36:06 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Publish Providers
[2013.02.03 19:04:37 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\REAPER
[2013.05.05 12:22:22 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Sony
[2012.09.29 13:01:13 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.11.15 16:21:26 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Tific
[2013.10.20 15:03:32 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\TuneUp Software
[2013.01.16 15:54:52 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Wacom
[2013.09.04 21:01:10 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\wacomid-desktop-launcher
[2013.01.16 15:58:52 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2012.05.18 11:39:21 | 000,004,226 | ---- | M] () MD5=EE23420A7C0E74A9D316221F8BFB2477 -- C:\Windows\PolicyDefinitions\de-DE\Explorer.adml
[2012.05.18 11:39:21 | 000,004,226 | ---- | M] () MD5=EE23420A7C0E74A9D316221F8BFB2477 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_de-de_d6049b4095286d3f\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009.06.10 21:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009.06.10 21:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2012.02.24 01:18:12 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012.02.24 01:18:12 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012.02.24 01:18:12 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012.02.24 01:18:12 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012.02.24 01:18:12 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012.02.24 01:18:12 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: EXPLORER.EXE.3264.DMP >
[2013.09.11 14:16:28 | 003,069,947 | ---- | M] () MD5=B3BF413BF6D1AAE502F0BA0969F48AB7 -- C:\Users\Gina\AppData\Local\CrashDumps\explorer.exe.3264.dmp
< MD5 for: EXPLORER.EXE.MUI >
[2012.05.18 11:39:06 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=64E8A52EA68A8C36D0152F3108DA02D0 -- C:\Windows\de-DE\explorer.exe.mui
[2012.05.18 11:39:06 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=64E8A52EA68A8C36D0152F3108DA02D0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b8f6a2cb9e74c5d6\explorer.exe.mui
[2012.05.18 11:39:08 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=EB67605F636687E5F3C988B0059A8C46 -- C:\Windows\SysWOW64\de-DE\explorer.exe.mui
[2012.05.18 11:39:08 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=EB67605F636687E5F3C988B0059A8C46 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_de-de_c34b4d1dd2d587d1\explorer.exe.mui
< MD5 for: IEXPLORE.EXE >
[2013.01.09 02:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe
[2013.05.17 03:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_20d88bb252a3770f\iexplore.exe
[2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_178ed6e5b4dd3857\iexplore.exe
[2012.06.29 06:02:52 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=1223ACBFC1093852DFF039E189599BBD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_0d45fcc9807373c2\iexplore.exe
[2013.07.26 07:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=133CEF30905806A35606652D409EEEBA -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_16893df21e3dcd43\iexplore.exe
[2013.08.10 07:31:28 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=1F3B062444AD6F667B5336E78D5A02B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_ffb36d2837eafb72\iexplore.exe
[2012.08.24 08:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_1787d4dfb4e386f6\iexplore.exe
[2013.02.22 08:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_0d238c71808d94e7\iexplore.exe
[2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_178cd651b4df05a9\iexplore.exe
[2013.06.12 05:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_0a0343986c500b78\iexplore.exe
[2012.08.24 12:23:44 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_0d332a8d8082c4fb\iexplore.exe
[2013.06.12 01:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_20da757e52a1c35e\iexplore.exe
[2013.02.22 05:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_177836c3b4ee56e2\iexplore.exe
[2013.08.10 07:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=351657C79B62B91E16A95AD23EA3710D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_168ab5d61e3c99b7\iexplore.exe
[2013.08.10 05:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_20df6028529d5bb2\iexplore.exe
[2013.05.17 02:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_09ffa3426c5372da\iexplore.exe
[2013.04.04 23:47:49 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_176a65f9b4f926ce\iexplore.exe
[2013.02.22 05:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_17f703a2ce14129d\iexplore.exe
[2013.08.10 06:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_0a08177a6c4bbd6d\iexplore.exe
[2012.10.08 13:29:46 | 000,754,848 | ---- | M] (Microsoft Corporation) MD5=49442BA6DCE4B4E3C1CB0AB193FE29AD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_0d382bff807e43ae\iexplore.exe
[2012.08.24 11:49:07 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=5A150AFABB25BEA50CEDC8650A7B8A9E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_0dc3c95e999a1626\iexplore.exe
[2012.06.29 03:45:31 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=5D03518409F37D1483C98869D86E23FF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_0dc0c880999cca21\iexplore.exe
[2012.08.24 08:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_181873b0cdfad821\iexplore.exe
[2013.01.08 23:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe
[2013.07.26 04:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_20dde844529e8f3e\iexplore.exe
[2013.02.02 09:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_0d9c579499b8b898\iexplore.exe
[2010.11.21 04:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2013.07.26 06:47:06 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8D805B4EEEE0ECF6B604BE284978F135 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_ffb0112a37ee15f1\iexplore.exe
[2013.05.17 04:02:08 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8F00471CA24ADF8D2AFAACF856EB70A4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_ffaaf8f037f2b0df\iexplore.exe
[2012.02.24 01:21:12 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
[2012.06.29 02:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_179aa71bb4d435bd\iexplore.exe
[2013.06.12 03:28:00 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=98C6F2A9A981A54222602B87C6310BDE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_1685cb2c1e410163\iexplore.exe
[2013.04.05 02:55:57 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=A1B0DEC3BB845C6369F97BC1A3542A07 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_0d15bba7809864d3\iexplore.exe
[2013.02.02 05:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_17f101e6ce197a93\iexplore.exe
[2013.02.02 08:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_0d1d8ab58092fcdd\iexplore.exe
[2013.06.05 16:00:04 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_20e92fca5296266a\iexplore.exe
[2012.11.16 04:08:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=AC4957E154F750DF54F36ADC8E3E040D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_0db6f8de99a3ff69\iexplore.exe
[2013.02.22 08:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_0da2595099b350a2\iexplore.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2013.04.04 22:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_17e932d8ce1ee289\iexplore.exe
[2013.04.05 01:40:37 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=C4A4F4AD91677DA1659A9ADE63746B8B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_0d94888699be208e\iexplore.exe
[2010.11.21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2013.06.12 08:51:43 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=CA88A25280B1D85ED0BC26B042ABBCCF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_ffae994637ef497d\iexplore.exe
[2013.06.05 16:00:01 | 000,775,232 | ---- | M] (Microsoft Corporation) MD5=CEA304830B4770BDA3572B87D0841848 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_169485781e35646f\iexplore.exe
[2012.10.08 09:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_1808a252ce07755f\iexplore.exe
[2013.09.23 00:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013.09.23 00:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe
[2013.09.23 01:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_09f78a2a6c58f471\iexplore.exe
[2013.02.02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_17723507b4f3bed8\iexplore.exe
[2013.07.26 06:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_0a04bb7c6c4ed7ec\iexplore.exe
[2013.09.23 02:55:58 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=E9F843E7E412AE9A507FD5ABBBD06462 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_ffa2dfd837f83276\iexplore.exe
[2012.06.29 00:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_181572d2cdfd8c1c\iexplore.exe
[2013.05.17 04:30:45 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=EDC77CF787FA015205936C9A3228486E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_1683e1601e42b514\iexplore.exe
[2013.01.09 01:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_0daa285e99ade8ac\iexplore.exe
[2013.01.08 22:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_17fed2b0ce0eaaa7\iexplore.exe
[2012.02.24 01:21:11 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe
[2012.10.08 12:09:10 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=F61714ABCF9BF0CEF0A6249AD4FD490B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_0db3f80099a6b364\iexplore.exe
[2012.11.14 03:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_180ba330ce04c164\iexplore.exe
[2013.09.23 02:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013.09.23 02:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe
[2012.11.14 08:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_0d3a2c93807c765c\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2012.05.18 11:41:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=0272AAC78F0D1CC205B893CCF5835DC5 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_de-de_6865046bfd99819c\iexplore.exe.mui
[2012.02.24 01:21:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui
[2012.02.24 01:21:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui
[2013.06.05 16:04:58 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6511725A9ACB570CD967BCE68DB2986A -- C:\Program Files (x86)\Internet Explorer\de-DE\iexplore.exe.mui
[2013.06.05 16:04:58 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6511725A9ACB570CD967BCE68DB2986A -- C:\Program Files\Internet Explorer\de-DE\iexplore.exe.mui
[2013.06.05 16:04:58 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6511725A9ACB570CD967BCE68DB2986A -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_de-de_674bb56c67089ab9\iexplore.exe.mui
[2013.06.05 16:04:58 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6511725A9ACB570CD967BCE68DB2986A -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_de-de_71a05fbe9b695cb4\iexplore.exe.mui
[2012.05.18 11:41:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6D22C11D8D81000CAEA25B213F1CDD63 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_de-de_5e105a19c938bfa1\iexplore.exe.mui
[2012.05.18 11:39:21 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=74EB5304DFC6E33B6C87D0688860B6BC -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_de-de_6252687e84367fb4\iexplore.exe.mui
[2013.06.05 16:00:05 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013.06.05 16:00:01 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013.06.05 16:00:01 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_103c8b6555e6a67e\iexplore.exe.mui
[2013.06.05 16:00:05 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_1a9135b78a476879\iexplore.exe.mui
[2009.07.14 03:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2012.05.18 11:39:21 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=D74E70EF11B77E438111FE0C79AAFD97 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_de-de_6ca712d0b89741af\iexplore.exe.mui
[2009.07.14 03:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui
< MD5 for: SERVICES >
[2009.06.10 22:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.AIP >
[2012.11.21 01:09:36 | 000,476,824 | ---- | M] (Adobe Systems Incorporated) MD5=456C45B1A2ECE8814987C4A4EA786413 -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Plug-ins\Extensions\Services.aip
[2012.11.21 00:37:22 | 000,382,616 | ---- | M] (Adobe Systems Incorporated) MD5=87ACA12B41F894A8CAFD264A1FC9D1F0 -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Plug-ins\Extensions\Services.aip
< MD5 for: SERVICES.ASFX >
[2012.07.27 21:52:04 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012.07.27 21:52:04 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012.07.27 21:51:54 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012.07.27 21:51:50 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012.07.27 21:51:52 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012.07.27 21:51:52 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012.07.27 21:51:56 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012.07.27 21:51:58 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012.07.27 21:51:42 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012.07.27 21:51:56 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012.07.27 21:51:40 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012.07.27 21:52:02 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2013.09.03 14:54:18 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
[2012.07.27 21:51:38 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012.07.27 21:51:50 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2013.09.03 14:54:20 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
[2012.07.27 21:51:40 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012.07.27 21:52:06 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012.07.27 21:51:56 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012.07.27 21:52:06 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012.07.27 21:52:08 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012.07.27 21:51:46 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012.07.27 21:52:00 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012.07.27 21:51:44 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012.07.27 21:52:00 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010.11.15 20:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012.07.27 21:51:48 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012.07.27 21:51:46 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012.07.27 21:51:44 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx
< MD5 for: SERVICES.ASFX1 >
[2010.11.15 20:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1
< MD5 for: SERVICES.ASFX10 >
[2010.11.15 20:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10
< MD5 for: SERVICES.ASFX11 >
[2010.11.15 20:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11
< MD5 for: SERVICES.ASFX12 >
[2010.11.15 20:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12
< MD5 for: SERVICES.ASFX13 >
[2010.11.15 20:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13
< MD5 for: SERVICES.ASFX14 >
[2010.11.15 20:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14
< MD5 for: SERVICES.ASFX15 >
[2010.11.15 20:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15
< MD5 for: SERVICES.ASFX16 >
[2010.11.15 20:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16
< MD5 for: SERVICES.ASFX17 >
[2010.11.15 20:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17
< MD5 for: SERVICES.ASFX18 >
[2010.11.15 20:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18
< MD5 for: SERVICES.ASFX19 >
[2010.11.15 20:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19
< MD5 for: SERVICES.ASFX2 >
[2010.11.15 20:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2
< MD5 for: SERVICES.ASFX20 >
[2010.11.15 20:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20
< MD5 for: SERVICES.ASFX21 >
[2010.11.15 20:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21
< MD5 for: SERVICES.ASFX22 >
[2010.11.15 20:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22
< MD5 for: SERVICES.ASFX23 >
[2010.11.15 20:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23
< MD5 for: SERVICES.ASFX24 >
[2010.11.15 20:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24
< MD5 for: SERVICES.ASFX25 >
[2010.11.15 20:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25
< MD5 for: SERVICES.ASFX3 >
[2010.11.15 20:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3
< MD5 for: SERVICES.ASFX4 >
[2010.11.15 20:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4
< MD5 for: SERVICES.ASFX5 >
[2010.11.15 20:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5
< MD5 for: SERVICES.ASFX6 >
[2010.11.15 20:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6
< MD5 for: SERVICES.ASFX7 >
[2010.11.15 20:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7
< MD5 for: SERVICES.ASFX8 >
[2010.11.15 20:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8
< MD5 for: SERVICES.ASFX9 >
[2010.11.15 20:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9
< MD5 for: SERVICES.CFG >
[2013.09.03 14:54:16 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2013.09.03 14:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010.10.25 14:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg
[2010.11.15 20:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg
< MD5 for: SERVICES.CFSERVICE.JAR >
[2012.03.16 02:33:04 | 000,142,226 | ---- | M] () MD5=18D9FCB12CE658BA4D24D8DC2D641BA6 -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.CFService_4.6.1.335153\services.CFService.jar
< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2012.05.18 11:39:04 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=F0E13F46C1944FCE489C9A18372C3ED8 -- C:\Windows\SysNative\de-DE\services.exe.mui
[2012.05.18 11:39:04 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=F0E13F46C1944FCE489C9A18372C3ED8 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_de-de_1d0162c550c828a3\services.exe.mui
< MD5 for: SERVICES.HTM >
[2007.02.11 16:52:50 | 000,013,720 | ---- | M] () MD5=5B1A2F8639E67EAAB32B5E446EDDA178 -- C:\Users\Gina\Desktop\Kolleg\2aKMTM\WLM_GAIS\Unterlagen\selfhtml812\intro\hilfsmittel\services.htm
< MD5 for: SERVICES.LNK >
[2009.07.14 05:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009.07.14 05:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009.06.10 21:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009.06.10 21:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >
[2009.06.10 21:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009.06.10 22:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009.06.10 21:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009.06.10 22:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2012.05.18 11:39:03 | 000,092,744 | ---- | M] () MD5=7FC1BD72E9D0E622638C4620E33FAD47 -- C:\Windows\SysNative\de-DE\services.msc
[2012.05.18 11:39:04 | 000,092,744 | ---- | M] () MD5=7FC1BD72E9D0E622638C4620E33FAD47 -- C:\Windows\SysWOW64\de-DE\services.msc
[2012.05.18 11:39:03 | 000,092,744 | ---- | M] () MD5=7FC1BD72E9D0E622638C4620E33FAD47 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_de-de_574332b12731c296\services.msc
[2012.05.18 11:39:04 | 000,092,744 | ---- | M] () MD5=7FC1BD72E9D0E622638C4620E33FAD47 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_de-de_fb24972d6ed45160\services.msc
< MD5 for: SERVICES.PHPSERVICE.JAR >
[2012.03.16 02:33:06 | 000,149,053 | ---- | M] () MD5=EDDA59974541208844A9FE430268D469 -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.PHPService_4.6.1.335153\services.PHPService.jar
< MD5 for: SERVICES.PTXML >
[2009.07.13 21:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009.07.13 21:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: SERVICES.STATICCONTENTSERVICE.JAR >
[2012.03.16 02:33:06 | 000,072,917 | ---- | M] () MD5=15E17BFD2088059A73A22119D0D1613A -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.StaticContentService_4.6.1.335153\services.StaticContentService.jar
< MD5 for: SERVICES.WEBSERVICE.DERIVED.JAR >
[2012.03.16 02:33:06 | 000,183,653 | ---- | M] () MD5=1BEE56EAF2A85F3662291392C8804E1E -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.WEBService.derived_4.6.1.335153\services.WEBService.derived.jar
< MD5 for: WINLOGON.ADML >
[2012.05.18 11:39:20 | 000,009,904 | ---- | M] () MD5=25AA9560CB997F785CDD845AD425D37D -- C:\Windows\PolicyDefinitions\de-DE\WinLogon.adml
[2012.05.18 11:39:20 | 000,009,904 | ---- | M] () MD5=25AA9560CB997F785CDD845AD425D37D -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_48082d3607b4f4ab\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009.06.10 22:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009.06.10 22:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2012.05.18 11:39:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=8354A33D8B5919047DAEB39F235E666E -- C:\Windows\SysNative\de-DE\winlogon.exe.mui
[2012.05.18 11:39:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=8354A33D8B5919047DAEB39F235E666E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_de-de_802dc1012bd7f0b6\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2012.05.18 11:39:04 | 000,001,080 | ---- | M] () MD5=4AC5B532F44BAE30CBE41B7750954729 -- C:\Windows\SysNative\wbem\de-DE\winlogon.mfl
[2012.05.18 11:39:04 | 000,001,080 | ---- | M] () MD5=4AC5B532F44BAE30CBE41B7750954729 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_de-de_dbbeff044a21c6b1\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009.07.13 21:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009.07.13 21:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2013.11.14 20:48:00 | 2068,271,103 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.14 20:48:03 | 4189,351,935 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
[2009.07.14 06:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 06:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 06:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 06:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009.06.10 21:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2011.05.13 14:42:24 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2012.09.28 17:38:45 | 000,001,654 | -HS- | M] () -- C:\Users\Gina\AppData\Roaming\Microsoft\LastFlashConfig.wfc
< %PROGRAMFILES%\*.* >
[2009.07.14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2009.03.30 11:22:43 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\RGSGrowBounds.aex
[2013.05.22 09:31:26 | 000,080,185 | ---- | M] () -- C:\Program Files (x86)\trapcodeparticularv2.log
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: F449-682A
Verzeichnis von C:\
14.07.2009 06:08 <VERBINDUNG> Documents and Settings [C:\Users]
14.09.2012 14:02 <VERBINDUNG> Dokumente und Einstellungen [C:\Users]
14.09.2012 14:02 <VERBINDUNG> Programme [C:\Program Files]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Program Files
14.09.2012 14:02 <VERBINDUNG> Gemeinsame Dateien [C:\Program Files\Common Files]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Program Files\Windows NT
14.09.2012 14:02 <VERBINDUNG> Zubeh”r [C:\Program Files\Windows NT\Accessories]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Program Files (x86)\Evernote
18.05.2012 12:15 <SYMLINKD> Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote\]
0 Datei(en), 0 Bytes
Verzeichnis von C:\ProgramData
14.09.2012 14:02 <VERBINDUNG> Anwendungsdaten [C:\ProgramData]
14.07.2009 06:08 <VERBINDUNG> Application Data [C:\ProgramData]
14.07.2009 06:08 <VERBINDUNG> Desktop [C:\Users\Public\Desktop]
14.07.2009 06:08 <VERBINDUNG> Documents [C:\Users\Public\Documents]
14.09.2012 14:02 <VERBINDUNG> Dokumente [C:\Users\Public\Documents]
14.09.2012 14:02 <VERBINDUNG> Favoriten [C:\Users\Public\Favorites]
14.07.2009 06:08 <VERBINDUNG> Favorites [C:\Users\Public\Favorites]
14.07.2009 06:08 <VERBINDUNG> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14.09.2012 14:02 <VERBINDUNG> Startmen [C:\ProgramData\Microsoft\Windows\Start Menu]
14.07.2009 06:08 <VERBINDUNG> Templates [C:\ProgramData\Microsoft\Windows\Templates]
14.09.2012 14:02 <VERBINDUNG> Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\ProgramData\Microsoft\Windows\Start Menu
14.09.2012 14:02 <VERBINDUNG> Programme [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users
14.07.2009 06:08 <SYMLINKD> All Users [C:\ProgramData]
14.07.2009 06:08 <VERBINDUNG> Default User [C:\Users\Default]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\All Users
14.09.2012 14:02 <VERBINDUNG> Anwendungsdaten [C:\ProgramData]
14.07.2009 06:08 <VERBINDUNG> Application Data [C:\ProgramData]
14.07.2009 06:08 <VERBINDUNG> Desktop [C:\Users\Public\Desktop]
14.07.2009 06:08 <VERBINDUNG> Documents [C:\Users\Public\Documents]
14.09.2012 14:02 <VERBINDUNG> Dokumente [C:\Users\Public\Documents]
14.09.2012 14:02 <VERBINDUNG> Favoriten [C:\Users\Public\Favorites]
14.07.2009 06:08 <VERBINDUNG> Favorites [C:\Users\Public\Favorites]
14.07.2009 06:08 <VERBINDUNG> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14.09.2012 14:02 <VERBINDUNG> Startmen [C:\ProgramData\Microsoft\Windows\Start Menu]
14.07.2009 06:08 <VERBINDUNG> Templates [C:\ProgramData\Microsoft\Windows\Templates]
14.09.2012 14:02 <VERBINDUNG> Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\All Users\Microsoft\Windows\Start Menu
14.09.2012 14:02 <VERBINDUNG> Programme [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default
14.09.2012 14:02 <VERBINDUNG> Anwendungsdaten [C:\Users\Default\AppData\Roaming]
14.07.2009 06:08 <VERBINDUNG> Application Data [C:\Users\Default\AppData\Roaming]
14.07.2009 06:08 <VERBINDUNG> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14.09.2012 14:02 <VERBINDUNG> Druckumgebung [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14.09.2012 14:02 <VERBINDUNG> Eigene Dateien [C:\Users\Default\Documents]
14.07.2009 06:08 <VERBINDUNG> Local Settings [C:\Users\Default\AppData\Local]
14.09.2012 14:02 <VERBINDUNG> Lokale Einstellungen [C:\Users\Default\AppData\Local]
14.07.2009 06:08 <VERBINDUNG> My Documents [C:\Users\Default\Documents]
14.07.2009 06:08 <VERBINDUNG> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14.09.2012 14:02 <VERBINDUNG> Netzwerkumgebung [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14.07.2009 06:08 <VERBINDUNG> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14.07.2009 06:08 <VERBINDUNG> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14.07.2009 06:08 <VERBINDUNG> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14.07.2009 06:08 <VERBINDUNG> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14.09.2012 14:02 <VERBINDUNG> Startmen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14.07.2009 06:08 <VERBINDUNG> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14.09.2012 14:02 <VERBINDUNG> Vorlagen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default\AppData\Local
14.09.2012 14:02 <VERBINDUNG> Anwendungsdaten [C:\Users\Default\AppData\Local]
14.07.2009 06:08 <VERBINDUNG> Application Data [C:\Users\Default\AppData\Local]
14.07.2009 06:08 <VERBINDUNG> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14.07.2009 06:08 <VERBINDUNG> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
14.09.2012 14:02 <VERBINDUNG> Verlauf [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
14.09.2012 14:02 <VERBINDUNG> Programme [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default\Documents
14.09.2012 14:02 <VERBINDUNG> Eigene Bilder [C:\Users\Default\Pictures]
14.09.2012 14:02 <VERBINDUNG> Eigene Musik [C:\Users\Default\Music]
14.09.2012 14:02 <VERBINDUNG> Eigene Videos [C:\Users\Default\Videos]
14.07.2009 06:08 <VERBINDUNG> My Music [C:\Users\Default\Music]
14.07.2009 06:08 <VERBINDUNG> My Pictures [C:\Users\Default\Pictures]
14.07.2009 06:08 <VERBINDUNG> My Videos [C:\Users\Default\Videos]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Gina
14.09.2012 14:02 <VERBINDUNG> Anwendungsdaten [C:\Users\Gina\AppData\Roaming]
14.09.2012 14:02 <VERBINDUNG> Cookies [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Cookies]
14.09.2012 14:02 <VERBINDUNG> Druckumgebung [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14.09.2012 14:02 <VERBINDUNG> Eigene Dateien [C:\Users\Gina\Documents]
14.09.2012 14:02 <VERBINDUNG> Lokale Einstellungen [C:\Users\Gina\AppData\Local]
14.09.2012 14:02 <VERBINDUNG> Netzwerkumgebung [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14.09.2012 14:02 <VERBINDUNG> Recent [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Recent]
14.09.2012 14:02 <VERBINDUNG> SendTo [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\SendTo]
14.09.2012 14:02 <VERBINDUNG> Startmen [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu]
14.09.2012 14:02 <VERBINDUNG> Vorlagen [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Gina\AppData\Local
14.09.2012 14:02 <VERBINDUNG> Anwendungsdaten [C:\Users\Gina\AppData\Local]
14.09.2012 14:02 <VERBINDUNG> Temporary Internet Files [C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files]
14.09.2012 14:02 <VERBINDUNG> Verlauf [C:\Users\Gina\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu
14.09.2012 14:02 <VERBINDUNG> Programme [C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Gina\Documents
14.09.2012 14:02 <VERBINDUNG> Eigene Bilder [C:\Users\Gina\Pictures]
14.09.2012 14:02 <VERBINDUNG> Eigene Musik [C:\Users\Gina\Music]
14.09.2012 14:02 <VERBINDUNG> Eigene Videos [C:\Users\Gina\Videos]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Public\Documents
14.09.2012 14:02 <VERBINDUNG> Eigene Bilder [C:\Users\Public\Pictures]
14.09.2012 14:02 <VERBINDUNG> Eigene Musik [C:\Users\Public\Music]
14.09.2012 14:02 <VERBINDUNG> Eigene Videos [C:\Users\Public\Videos]
14.07.2009 06:08 <VERBINDUNG> My Music [C:\Users\Public\Music]
14.07.2009 06:08 <VERBINDUNG> My Pictures [C:\Users\Public\Pictures]
14.07.2009 06:08 <VERBINDUNG> My Videos [C:\Users\Public\Videos]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\UpdatusUser
18.05.2012 10:59 <VERBINDUNG> Anwendungsdaten [C:\Users\UpdatusUser\AppData\Roaming]
18.05.2012 10:59 <VERBINDUNG> Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
18.05.2012 10:59 <VERBINDUNG> Druckumgebung [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
18.05.2012 10:59 <VERBINDUNG> Eigene Dateien [C:\Users\UpdatusUser\Documents]
18.05.2012 10:59 <VERBINDUNG> Lokale Einstellungen [C:\Users\UpdatusUser\AppData\Local]
18.05.2012 10:59 <VERBINDUNG> Netzwerkumgebung [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
18.05.2012 10:59 <VERBINDUNG> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
18.05.2012 10:59 <VERBINDUNG> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
18.05.2012 10:59 <VERBINDUNG> Startmen [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
18.05.2012 10:59 <VERBINDUNG> Vorlagen [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\UpdatusUser\AppData\Local
18.05.2012 10:59 <VERBINDUNG> Anwendungsdaten [C:\Users\UpdatusUser\AppData\Local]
18.05.2012 10:59 <VERBINDUNG> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
18.05.2012 10:59 <VERBINDUNG> Verlauf [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu
18.05.2012 10:59 <VERBINDUNG> Programme [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\UpdatusUser\Documents
18.05.2012 10:59 <VERBINDUNG> Eigene Bilder [C:\Users\UpdatusUser\Pictures]
18.05.2012 10:59 <VERBINDUNG> Eigene Musik [C:\Users\UpdatusUser\Music]
18.05.2012 10:59 <VERBINDUNG> Eigene Videos [C:\Users\UpdatusUser\Videos]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Windows\System32\config\systemprofile
06.11.2013 21:53 <VERBINDUNG> Anwendungsdaten [C:\Windows\system32\config\systemprofile\AppData\Roaming]
06.11.2013 21:53 <VERBINDUNG> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
06.11.2013 21:53 <VERBINDUNG> Lokale Einstellungen [C:\Windows\system32\config\systemprofile\AppData\Local]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Windows\System32\config\systemprofile\AppData\Local
06.11.2013 21:53 <VERBINDUNG> Anwendungsdaten [C:\Windows\system32\config\systemprofile\AppData\Local]
06.11.2013 21:53 <VERBINDUNG> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
06.11.2013 21:53 <VERBINDUNG> Verlauf [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Windows\SysWOW64\config\systemprofile
06.11.2013 21:53 <VERBINDUNG> Anwendungsdaten [C:\Windows\system32\config\systemprofile\AppData\Roaming]
06.11.2013 21:53 <VERBINDUNG> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
06.11.2013 21:53 <VERBINDUNG> Lokale Einstellungen [C:\Windows\system32\config\systemprofile\AppData\Local]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Windows\SysWOW64\config\systemprofile\AppData\Local
06.11.2013 21:53 <VERBINDUNG> Anwendungsdaten [C:\Windows\system32\config\systemprofile\AppData\Local]
06.11.2013 21:53 <VERBINDUNG> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
06.11.2013 21:53 <VERBINDUNG> Verlauf [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Anzahl der angezeigten Dateien:
0 Datei(en), 0 Bytes
113 Verzeichnis(se), 587.930.431.488 Bytes frei
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012.09.14 15:49:07 | 000,000,221 | -HS- | M] () -- C:\Users\Gina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2013.11.13 22:17:26 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Gina\Desktop\aswMBR.exe
[2013.11.09 11:57:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 3072 bytes -> C:\WINSSLog:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Public\Documents\Vegas Movie Studio HD Platinum 10.0:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Public\Documents\Sound Forge Audio Studio 10.0:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Public\Documents\Songs:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Public\Documents\Adobe:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Public\Documents\ACID Music Studio 8.0:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Public\Documents\15 ACID Projects for VAIO:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Videos:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Searches:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Saved Games:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Roaming:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Podcasts:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Pictures:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Music:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Links:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Favorites:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Dropbox:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Downloads:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\WebCam Media:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\Vegas Movie Studio HD Platinum 11.0 Projekte:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\REAPER Media:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\Outlook-Dateien:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\OneNote-Notizbücher:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\Neuer Ordner:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\Media Go:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\Adobe:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents\Add-in Express:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Documents:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Desktop\Stuff:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Desktop\MALTA:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Desktop\Kolleg:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Desktop:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\CS6 Master Collection:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Contacts:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\WTablet:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\wacomid-desktop-launcher:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Wacom:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\vlc:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\TuneUp Software:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Tific:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Sony:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Sony Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Skype:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\REAPER:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Publish Providers:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\PDAppFlex:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\PACE Anti-Piracy:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\NVIDIA:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Notepad++:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Word:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Windows Photo Viewer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Vault:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\UProof:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Templates:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\SystemCertificates:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Speech:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\QuickStyles:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Publisher:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Publisher Building Blocks:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Protect:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Proof:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\PowerPoint:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\PostUpgrade:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Outlook:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\OneNote:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Office:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Network:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\MMC:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Microsoft Security Client:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Internet Explorer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\IMJP9_0:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\IMJP8_1:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\IMJP12:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\IME12:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\HTML Help:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Excel:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Document Building Blocks:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Crypto:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Credentials:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\CLView:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\CLR Security Config:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\Clip Organizer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft\AddIns:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Malwarebytes:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\IrfanView:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\iolo:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Intel:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Intel Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Identities:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\FileZilla:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Dropbox:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Downloaded Installations:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\ArcSoft:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Apple Computer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Adobe\Bridge CS6\Export Panel\Services:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Roaming\Adobe:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\LocalLow\Microsoft\Internet Explorer\Services:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\WinZip Courier:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\VirtualStore:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Temp:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Symantec:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Sony:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Sony Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Programs:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Peter_Upfold:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\PACE Anti-Piracy:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Mozilla:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Microsoft\Windows\Explorer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Microsoft\Windows Live\Services:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Microsoft:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Intel_Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\HP:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Google:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Evernote:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\ElevatedDiagnostics:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Downloaded Installations:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Diagnostics:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Deployment:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\CrashDumps:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\assembly:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\ArcSoft:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Apps:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Apple:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Apple Computer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\services:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\Adobe:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData\Local\3GV3Xl9KEZG:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\AppData:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users\Gina\Adobe Flash Builder 4.6:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Users:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Update:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\temp:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\WinZipEC:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\WildTangent:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Wacom:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Temp:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Sun:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Sony:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Sony Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Skype:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Roaming:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\regid.1986-12.com.adobe:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\RedGiant:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\PCTheftDefense:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\PACE Anti-Piracy:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\NVIDIA:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\NVIDIA Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\NortonInstaller:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Norton:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Mozilla:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Particular v2:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64):IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Anti-Theft Service:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AuthenTec TrueSuite:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Microsoft Help:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\McAfee:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Malwarebytes:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Kaspersky Lab:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Kaspersky Lab Setup Files:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\iolo:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Intel:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\HP:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Evernote:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Downloaded Installations:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\ArcSoft:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Apple:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Apple Computer:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\ALM:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData\Adobe:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\ProgramData:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Program Files:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Program Files (x86):IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\PerfLogs:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\MSOCache:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Intel:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Infineon:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Documentation:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\Config.Msi:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\c8b659c083dd8b3ef2:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\af4b3e525e4de1e30ae16a1616d45ca9:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\8b442563dcfe529492edff11:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\62ecc920da52e10827242e:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\51ba1d4f5e841ad9f6b9:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\44e4cf7f1dd4e742e239f3a9d2:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\05a3be176cffb59915a67ceb1064:IMAT__DS_DIR_HDR
@Alternate Data Stream - 3072 bytes -> C:\_OTL:IMAT__DS_DIR_HDR
< End of report >