Part 2 of OTL.txt
---------------------
========== Files Created - No Company Name ==========
[2013.07.02 01:50:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.07.02 01:50:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.07.02 01:50:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.07.02 01:50:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.07.02 01:50:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.06.30 23:55:45 | 000,000,786 | ---- | C] () -- C:\Users\HEF01\Desktop\Mein SugarSync.lnk
[2013.06.30 23:50:31 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SugarSync.lnk
[2013.06.30 23:50:31 | 000,001,818 | ---- | C] () -- C:\Users\Public\Desktop\SugarSync.lnk
[2013.06.30 22:45:48 | 000,000,000 | -H-- | C] () -- C:\Users\HEF01\Documents\Default.rdp
[2013.06.22 17:12:31 | 353,889,239 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.06.19 22:13:26 | 000,002,102 | ---- | C] () -- C:\Users\HEF01\Desktop\SEPA Account Converter.lnk
[2013.06.15 11:08:10 | 000,000,964 | ---- | C] () -- C:\Users\Public\Desktop\ITN Converter.lnk
[2013.05.23 21:28:01 | 000,000,861 | ---- | C] () -- C:\Users\HEF01\AppData\Local\recently-used.xbel
[2013.05.04 00:50:01 | 000,000,772 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013.04.15 18:53:12 | 000,046,592 | ---- | C] () -- C:\Windows\System32\boost_thread-vc90-mt-1_47.dll
[2013.04.15 18:53:00 | 000,038,912 | ---- | C] () -- C:\Windows\System32\boost_date_time-vc90-mt-1_47.dll
[2013.04.15 18:52:44 | 000,227,840 | ---- | C] () -- C:\Windows\System32\boost_serialization-vc90-mt-1_47.dll
[2013.04.15 18:52:42 | 000,704,000 | ---- | C] () -- C:\Windows\System32\boost_regex-vc90-mt-1_47.dll
[2013.04.15 18:52:40 | 000,012,800 | ---- | C] () -- C:\Windows\System32\boost_system-vc90-mt-1_47.dll
[2013.04.15 18:52:24 | 000,130,048 | ---- | C] () -- C:\Windows\System32\boost_filesystem-vc90-mt-1_47.dll
[2013.04.03 20:49:41 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2013.03.23 18:11:03 | 000,001,263 | ---- | C] () -- C:\Windows\isxdlge2.ini
[2013.03.20 17:38:47 | 000,041,544 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
[2013.02.12 11:36:05 | 000,003,072 | ---- | C] () -- C:\ProgramData\keytemplate.db3
[2013.02.12 11:36:01 | 000,018,432 | ---- | C] () -- C:\ProgramData\schluesselverwaltung.db3
[2013.02.08 12:29:58 | 000,000,036 | ---- | C] () -- C:\Windows\Uniformula.ini
[2013.02.05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.02.05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.02.05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.02.05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.02.05 17:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013.01.24 12:24:13 | 000,000,102 | ---- | C] () -- C:\Windows\{E3B99F3D-9856-482A-9048-305E28E2510C}.ini
[2013.01.01 17:56:59 | 000,000,021 | ---- | C] () -- C:\Windows\TemplateWizard.INI
[2012.11.24 22:25:02 | 000,000,078 | ---- | C] () -- C:\Users\HEF01\govello20.properties
[2012.11.07 16:10:28 | 000,000,373 | ---- | C] () -- C:\Windows\System32\CNCMFP20.INI
[2012.08.19 12:14:36 | 000,000,079 | ---- | C] () -- C:\Users\HEF01\AppData\Local\CrystalDiskMark30.ini
[2012.08.16 18:42:36 | 000,003,168 | ---- | C] () -- C:\Windows\System32\HI-epanelLSPService.ini
[2012.08.16 18:42:36 | 000,001,864 | ---- | C] () -- C:\Windows\System32\GacelaLSPServiceOff.ini
[2012.08.11 23:05:29 | 000,000,017 | ---- | C] () -- C:\Users\HEF01\AppData\Local\resmon.resmoncfg
[2012.06.16 00:40:14 | 000,011,489 | ---- | C] () -- C:\Users\HEF01\gsview32.ini
[2012.06.10 23:18:29 | 000,000,223 | ---- | C] () -- C:\Windows\KcMV3DGD.ini
[2012.06.10 23:13:29 | 000,002,259 | ---- | C] () -- C:\Users\HEF01\PRINTSERVER-NetTool.ini
[2012.05.28 13:29:08 | 000,002,048 | ---- | C] () -- C:\Windows\null.exe
[2012.05.16 10:41:18 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv7
[2011.09.04 21:05:06 | 000,000,001 | ---- | C] () -- C:\Users\HEF01\.SIG_PINSTATUS_VOREINSTELLUNG
[2011.09.04 21:05:06 | 000,000,001 | ---- | C] () -- C:\Users\HEF01\.SIG_DIALOG_VOREINSTELLUNG
[2011.04.18 05:33:13 | 000,010,752 | ---- | C] () -- C:\Users\HEF01\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.07 20:17:52 | 000,646,848 | ---- | C] () -- C:\Users\HEF01\AppData\Local\wanancsp.dat
[2011.04.07 19:18:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.06.16 15:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.07.02 13:48:12 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Avery
[2013.06.02 21:58:31 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\AVM
[2011.04.13 12:21:20 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Broad Intelligence
[2011.04.09 13:24:51 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Buhl Data Service
[2013.01.30 15:22:50 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Bytemobile
[2012.12.14 01:10:35 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\calibre
[2012.12.16 16:07:18 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Canneverbe Limited
[2012.11.28 17:20:47 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Canon
[2013.03.23 18:11:37 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Chipcardmaster
[2013.04.06 00:45:31 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\com.amazon.music.uploader
[2013.07.02 02:15:03 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\convert
[2011.04.12 21:49:32 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\DataDesign
[2012.01.01 19:49:14 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\DoublePics
[2013.07.02 01:00:03 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Dropbox
[2012.06.07 00:29:11 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\DVDVideoSoft
[2013.05.29 11:49:01 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\eIntaller
[2011.11.02 23:47:10 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\elsterformular
[2013.06.26 01:40:14 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\FileZilla
[2012.10.04 23:15:50 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\FreeFileSync
[2013.05.04 02:19:36 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\FRITZ!
[2013.05.02 01:19:47 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2013.01.17 13:57:48 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\GetRightToGo
[2013.03.14 23:15:15 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\GLS Vereinsmeister
[2011.05.10 16:16:26 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\ImgBurn
[2012.09.07 20:02:00 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\InterVideo
[2013.05.20 17:34:55 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\IPCamWizard
[2011.05.15 19:17:22 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\IrfanView
[2012.02.02 23:57:09 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Lenovo
[2011.04.12 21:31:22 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Lexware
[2013.03.08 11:20:34 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Motorola
[2013.03.08 11:23:07 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Motorola Mobility
[2012.01.04 02:43:34 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\NetMeter
[2012.06.08 00:41:01 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Notepad++
[2011.04.26 19:20:39 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\OpenOffice.org
[2011.05.05 14:57:10 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\PCDr
[2011.04.20 18:56:41 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Philipp Winterberg
[2012.11.24 01:44:54 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\PrivateTunnel
[2011.04.21 22:16:23 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\PwrMgr
[2013.04.08 23:42:24 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\QcWizard
[2012.05.26 22:54:18 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\RavensburgerTipToi
[2013.04.17 11:49:47 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Samsung
[2011.04.16 11:57:13 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\SmartLine
[2011.04.15 21:44:22 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Softland
[2013.03.24 02:01:01 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Synaptics
[2013.06.12 18:37:33 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\TeamViewer
[2012.09.08 00:09:56 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Telefónica
[2012.09.08 00:09:56 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\TGCMLog
[2011.04.09 17:20:53 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Thunderbird
[2012.01.20 01:41:20 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Total Immersion
[2011.04.24 17:43:12 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\TuneUp Software
[2012.05.16 10:56:03 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\TwonkyMedia
[2012.08.01 23:43:59 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\TwonkyServer
[2011.12.27 23:31:45 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Ulead Systems
[2011.04.13 11:38:27 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Uniblue
[2011.05.05 14:44:14 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Update
[2013.01.01 01:49:29 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Vodafone
[2012.12.22 21:19:33 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Windows Live Writer
[2012.06.23 16:18:20 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\Wireshark
[2013.02.22 00:24:16 | 000,000,000 | ---D | M] -- C:\Users\HEF01\AppData\Roaming\YCanPDF
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2010.01.05 07:00:49 | 000,004,226 | ---- | M] () MD5=EE23420A7C0E74A9D316221F8BFB2477 -- C:\Windows\PolicyDefinitions\de-DE\Explorer.adml
[2010.01.05 07:00:49 | 000,004,226 | ---- | M] () MD5=EE23420A7C0E74A9D316221F8BFB2477 -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_de-de_79e5ffbcdccafc09\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009.06.10 23:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009.06.10 23:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx
< MD5 for: EXPLORER.DMP >
[2012.04.23 14:03:33 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\Users\Public\Lenovo\Access Connections\Explorer.dmp
< MD5 for: EXPLORER.EXE >
[2010.01.05 07:02:15 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe
[2013.05.16 10:58:12 | 003,859,928 | ---- | M] (Safer-Networking Ltd.) MD5=03250DB0886A23B1F6C077C5D9F152B0 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2010.01.05 07:02:15 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2010.01.05 07:00:32 | 000,025,600 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\de-DE\explorer.exe.mui
[2010.01.05 07:00:32 | 000,025,600 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_de-de_5cd80747e61754a0\explorer.exe.mui
< MD5 for: EXPLORER.EXE-A80E4F97.PF >
[2013.07.02 03:08:07 | 000,222,750 | ---- | M] () MD5=3620BDFEF8CBB3B3472C961C7AD6E744 -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
< MD5 for: IEXPLORE.BAT >
[2013.04.21 09:58:12 | 000,029,803 | ---- | M] () MD5=E4B95882FB080670179EA3605395889B -- C:\JRT\iexplore.bat
< MD5 for: IEXPLORE.EXE >
[2012.05.18 01:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_b12560b1c817cfde\iexplore.exe
[2013.05.17 04:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Program Files\Internet Explorer\iexplore.exe
[2013.05.17 04:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\ERDNT\cache\iexplore.exe
[2013.05.17 04:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_ba6545dc65e543de\iexplore.exe
[2012.08.24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_b1148f09c82553c5\iexplore.exe
[2012.05.18 00:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_b19f2c1ee1420ce6\iexplore.exe
[2012.10.08 10:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_b119907bc820d278\iexplore.exe
[2013.03.21 13:11:10 | 000,770,560 | ---- | M] (Microsoft Corporation) MD5=2859EBC065D2E1CCC94161CE28BAC085 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16521_none_ba715a6a65dbf461\iexplore.exe
[2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_b346f9b4861b55c2\iexplore.exe
[2013.04.05 07:55:38 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=2DC6BD1047553611DAEF97C751131A5D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_a39ee59e7f860811\iexplore.exe
[2012.06.02 11:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_b12660fbc816e935\iexplore.exe
[2013.05.17 03:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_a38c5d6c7f953fa9\iexplore.exe
[2012.08.24 09:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_b1a52ddae13ca4f0\iexplore.exe
[2013.01.09 00:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_b10dc045c829d512\iexplore.exe
[2011.04.09 23:39:23 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe
[2010.12.18 07:32:25 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=9321CF0D023528C71E3645F8433C86C8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_b3e23cc79f2c4cea\iexplore.exe
[2012.06.29 03:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_b1276145c816028c\iexplore.exe
[2013.02.25 01:52:40 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=A11C5E3E288256C540B7ED8BE3A04B01 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20644_none_a39aa01e7f89ef98\iexplore.exe
[2013.02.02 06:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_b17dbc10e15b4762\iexplore.exe
[2010.12.18 07:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AA08B68EF4E35EFA170CF85A44B23B70 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_b384dff685ed56b3\iexplore.exe
[2013.04.05 08:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_ba75e9f465d7f339\iexplore.exe
[2012.11.16 18:33:24 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=B201AF83DF2E85323E29EB83E4046810 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_b11b910fc81f0526\iexplore.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2012.06.02 10:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_b1a12cb2e1403f94\iexplore.exe
[2012.11.16 05:08:47 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=C0BA71C1B3FB6E3DD432FF3CCAEBDC62 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_b1985d5ae1468e33\iexplore.exe
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_b5780d7c8309d95c\iexplore.exe
[2012.10.08 10:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_b1955c7ce149422e\iexplore.exe
[2013.02.02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_b0feef31c8358ba7\iexplore.exe
[2013.02.21 13:28:11 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_ba7371c665da0d6e\iexplore.exe
[2012.06.29 01:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_b1a22cfce13f58eb\iexplore.exe
[2013.01.08 23:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_b18b8cdae1507776\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2011.04.09 23:39:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=0272AAC78F0D1CC205B893CCF5835DC5 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_de-de_01f1be9610db4e6b\iexplore.exe.mui
[2011.04.09 23:39:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_aae2948effb95a30\iexplore.exe.mui
[2013.03.21 13:12:45 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6511725A9ACB570CD967BCE68DB2986A -- C:\Program Files\Internet Explorer\de-DE\iexplore.exe.mui
[2013.03.21 13:12:45 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6511725A9ACB570CD967BCE68DB2986A -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_de-de_0b2d19e8aeab2983\iexplore.exe.mui
[2013.03.21 13:11:10 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013.03.21 13:11:10 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_b41defe19d893548\iexplore.exe.mui
[2010.01.05 07:00:49 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=D74E70EF11B77E438111FE0C79AAFD97 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_de-de_0402b932ceea8ae4\iexplore.exe.mui
[2010.01.05 07:00:49 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=D74E70EF11B77E438111FE0C79AAFD97 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_de-de_0633ccfacbd90e7e\iexplore.exe.mui
< MD5 for: IEXPLORE.PNG >
[2011.07.18 08:46:32 | 000,016,619 | ---- | M] () MD5=2DC4DF31FA082FD9310B20F3F950432C -- C:\Program Files\Lenovo\SimpleTap\Add-ons\Lenovo\InternetExplorer\iexplore.png
< MD5 for: SERVICES >
[2012.08.15 17:51:44 | 002,497,591 | ---- | M] () MD5=644A5F77D534ABBF4EBABFB4128F925C -- C:\Program Files\Wireshark\services
[2009.06.10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009.06.10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.ASFX >
[2012.09.23 20:43:44 | 000,002,677 | ---- | M] () MD5=22FEEF662B7E813F8547E1446EBC706B -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\de_DE\Services\Services.asfx
< MD5 for: SERVICES.CFG >
[2012.09.23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA71301B744BA0000000010\11.0.0\services.cfg
[2013.05.11 12:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.CNF >
[2001.09.25 22:48:16 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Users\HEF01\Documents\Eigene Webs\_vti_pvt\services.cnf
< MD5 for: SERVICES.DAT >
[2013.04.22 05:04:55 | 000,001,720 | ---- | M] () MD5=43C1700D78D89F0B1F6FA88FD132BE1A -- C:\JRT\services.dat
< MD5 for: SERVICES.DLL >
[2009.05.22 20:31:22 | 000,020,480 | ---- | M] ( ) MD5=17AD4A8A51AECE2EC20D8CF7994BC9F4 -- C:\Program Files\Common Files\Lenovo\InvAgent\local\collect\services.dll
[2012.11.13 18:38:36 | 000,008,704 | ---- | M] () MD5=E41D70348B1B51C0C76B617EA572B105 -- C:\Program Files\Lenovo\System Update\egather\local\collect\services.dll
< MD5 for: SERVICES.DLL.CONFIG >
[2012.11.01 18:05:50 | 000,000,305 | ---- | M] () MD5=126EB374FFE77DAA27113E5AD6307C0B -- C:\Program Files\Lenovo\System Update\egather\local\collect\services.dll.config
< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2010.01.05 07:00:30 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=5BB3A4AC670D245257DBA6C397DF2EEB -- C:\Windows\System32\de-DE\services.exe.mui
[2010.01.05 07:00:30 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=5BB3A4AC670D245257DBA6C397DF2EEB -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_de-de_c0e2c741986ab76d\services.exe.mui
< MD5 for: SERVICES.HTM >
[2013.06.12 15:27:07 | 000,010,020 | ---- | M] () MD5=3BB8966C4302BAB7B015A42792BDD688 -- C:\Users\HEF01\Documents\Websites\bmi25\www\services.htm
[2012.12.25 22:33:40 | 000,010,717 | ---- | M] () MD5=79C8C4D401F745689667453C4FE25745 -- C:\Users\HEF01\AppData\Local\VirtualStore\Program Files\1blu\1blu HomepageBuilder 2\onlineshop\services.htm
[2012.12.25 23:12:42 | 000,010,616 | ---- | M] () MD5=BD5449F06D2270FC459035DC9F1F84B8 -- C:\Users\HEF01\AppData\Local\VirtualStore\Program Files\1blu\homepage\services.htm
< MD5 for: SERVICES.HTML >
[1999.11.20 01:10:40 | 000,003,881 | ---- | M] () MD5=70AF558BFB9814F4C27BDEA2BECE06D7 -- C:\Users\HEF01\Documents\Websites\E DPC1\MG Dateien\MGF Dateien alt\MGF Platte\MGF-Web\Projects\bender\www.mgbspares.com\Services.html
[1999.08.10 05:49:52 | 000,006,829 | ---- | M] () MD5=7860035843CD461C946A1FC169337B33 -- C:\Users\HEF01\Documents\Websites\E DPC1\MG Dateien\MGF Dateien alt\MGF Platte\MGF-Web\Projects\bastian\www.mgcars.org.uk\mgcc\services.html
[1999.11.02 00:03:44 | 000,006,829 | ---- | M] () MD5=7860035843CD461C946A1FC169337B33 -- C:\Users\HEF01\Documents\Websites\E DPC1\MG Dateien\MGF Dateien alt\MGF Platte\MGF-Web\Projects\MGCC UK\www.mgcars.org.uk\mgcc\services.html
< MD5 for: SERVICES.JSP >
[2009.04.17 17:10:45 | 000,003,347 | ---- | M] () MD5=F6BC4DD21FC354287A1B1485CA13BDB5 -- C:\Users\HEF01\Documents\Websites\E DPC1\2005_10_EPC\System\Tomcat\server\webapps\admin\service\services.jsp
[2003.04.28 20:29:41 | 000,003,347 | ---- | M] () MD5=F6BC4DD21FC354287A1B1485CA13BDB5 -- C:\Users\HEF01\Documents\Websites\E DPC1\2005_EPC\System\Tomcat\server\webapps\admin\service\services.jsp
< MD5 for: SERVICES.LNK >
[2009.07.14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009.07.14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009.06.10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009.06.10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2009.06.10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009.06.10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2010.01.05 07:00:29 | 000,092,744 | ---- | M] () MD5=7FC1BD72E9D0E622638C4620E33FAD47 -- C:\Windows\System32\de-DE\services.msc
[2010.01.05 07:00:29 | 000,092,744 | ---- | M] () MD5=7FC1BD72E9D0E622638C4620E33FAD47 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_de-de_fb24972d6ed45160\services.msc
< MD5 for: SERVICES.PTXML >
[2009.07.13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009.07.13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SERVICES.RDB >
[2012.08.13 10:51:02 | 000,178,348 | ---- | M] () MD5=039C8CFBD74EE07F38CD9E4C7D95C5C6 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
[2012.08.13 10:51:02 | 000,000,453 | ---- | M] () MD5=3D2ADA15FEF5B5FF468243161543D610 -- C:\Program Files\OpenOffice.org 3\program\services.rdb
[2012.08.10 15:12:16 | 000,008,060 | ---- | M] () MD5=7CA7D7150EC46321162F932ADCF5F35B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
< MD5 for: SERVICES.SBS >
[2011.03.01 00:00:00 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Includes\Services.sbs
[2011.03.01 09:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Updates\Extracts\Services.sbs
[2008.06.02 14:25:44 | 000,063,501 | ---- | M] () MD5=A6D9C8B376ED8833763A935D56514AC0 -- C:\Program Files\SDistTest\includes\Services.sbs
< MD5 for: SERVICES.SBS-20110301.CAB >
[2013.05.30 01:56:26 | 000,041,248 | ---- | M] () MD5=149FF3413EED31253183D6E65E383138 -- C:\Program Files\Spybot - Search & Destroy 2\Updates\Downloads\Services.sbs-20110301.cab
< MD5 for: WINLOGON.ADML >
[2010.01.05 07:00:47 | 000,009,904 | ---- | M] () MD5=25AA9560CB997F785CDD845AD425D37D -- C:\Windows\PolicyDefinitions\de-DE\WinLogon.adml
[2010.01.05 07:00:47 | 000,009,904 | ---- | M] () MD5=25AA9560CB997F785CDD845AD425D37D -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_ebe991b24f578375\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009.06.10 23:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009.06.10 23:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010.01.05 07:00:29 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6D27EDFB15F475065FC18EB7CFCDB683 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_de-de_21de11b5768bfbe6\winlogon.exe.mui
[2010.11.20 14:01:15 | 000,026,624 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\de-DE\winlogon.exe.mui
[2010.11.20 14:01:15 | 000,026,624 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_de-de_240f257d737a7f80\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2010.01.05 07:00:30 | 000,001,080 | ---- | M] () MD5=4AC5B532F44BAE30CBE41B7750954729 -- C:\Windows\System32\wbem\de-DE\winlogon.mfl
[2010.01.05 07:00:30 | 000,001,080 | ---- | M] () MD5=4AC5B532F44BAE30CBE41B7750954729 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_de-de_7fa0638091c4557b\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009.07.13 22:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof
[2009.07.13 22:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2013.05.30 12:35:55 | 000,013,864 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2013.05.30 12:38:04 | 000,000,370 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2009.06.10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010.11.20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2009.07.21 08:20:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.07.02 03:00:40 | 000,045,060 | ---- | M] () -- C:\ComboFix.txt
[2009.06.10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007.11.07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2013.05.06 18:13:26 | 000,000,136 | ---- | M] () -- C:\GPEapSim.log
[2013.07.02 02:33:11 | 2406,219,776 | -HS- | M] () -- C:\hiberfil.sys
[2007.11.07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2013.02.20 22:56:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002.01.05 04:48:16 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\mfc70.dll
[2002.01.05 04:36:38 | 000,964,608 | ---- | M] (Microsoft Corporation) -- C:\mfc70u.dll
[2012.09.12 21:11:16 | 000,006,594 | ---- | M] () -- C:\MPMSetup.log
[2013.02.20 22:56:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2002.01.05 03:40:20 | 000,487,424 | ---- | M] (Microsoft Corporation) -- C:\msvcp70.dll
[2002.01.05 03:37:28 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\msvcr70.dll
[2009.10.22 18:35:30 | 000,000,618 | ---- | M] () -- C:\NetworkCfg.xml
[2013.07.02 02:33:10 | 3208,294,400 | -HS- | M] () -- C:\pagefile.sys
[2011.09.08 11:53:15 | 000,000,207 | ---- | M] () -- C:\setup.log
[2012.12.30 19:54:55 | 000,000,024 | ---- | M] () -- C:\SISHashTodo
[2012.12.30 19:54:55 | 000,002,440 | ---- | M] () -- C:\SISTodo
[2013.07.01 22:45:52 | 000,174,712 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_01.07.2013_21.50.38_log.txt
[2007.11.07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007.11.07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007.11.07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2011.04.13 16:04:52 | 000,004,201 | ---- | M] () -- C:\WirelessDiagLog.csv
< %systemroot%\Fonts\*.com >
[2009.07.14 06:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 06:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 06:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 06:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009.06.10 23:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2010.11.20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2012.09.12 16:57:44 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2012.11.07 13:37:25 | 000,001,686 | -HS- | M] () -- C:\Users\HEF01\AppData\Roaming\Microsoft\LastFlashConfig.wfc
< %PROGRAMFILES%\*.* >
[2009.07.14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Datentr„ger in Laufwerk C: ist Windows7_OS
Volumeseriennummer: 16C0-7A55
Verzeichnis von C:\
14.07.2009 06:53 <VERBINDUNG> Documents and Settings [C:\Users]
28.10.2010 14:58 <VERBINDUNG> Dokumente und Einstellungen [C:\Users]
28.10.2010 14:58 <VERBINDUNG> Programme [C:\Program Files]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Program Files
28.10.2010 14:58 <VERBINDUNG> Gemeinsame Dateien [C:\Program Files\Common Files]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Program Files\Windows NT
28.10.2010 14:58 <VERBINDUNG> Zubeh”r [C:\Program Files\Windows NT\Accessories]
0 Datei(en), 0 Bytes
Verzeichnis von C:\ProgramData
28.10.2010 14:58 <VERBINDUNG> Anwendungsdaten [C:\ProgramData]
14.07.2009 06:53 <VERBINDUNG> Application Data [C:\ProgramData]
14.07.2009 06:53 <VERBINDUNG> Desktop [C:\Users\Public\Desktop]
14.07.2009 06:53 <VERBINDUNG> Documents [C:\Users\Public\Documents]
28.10.2010 14:58 <VERBINDUNG> Dokumente [C:\Users\Public\Documents]
28.10.2010 14:58 <VERBINDUNG> Favoriten [C:\Users\Public\Favorites]
14.07.2009 06:53 <VERBINDUNG> Favorites [C:\Users\Public\Favorites]
14.07.2009 06:53 <VERBINDUNG> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
28.10.2010 14:58 <VERBINDUNG> Startmen [C:\ProgramData\Microsoft\Windows\Start Menu]
14.07.2009 06:53 <VERBINDUNG> Templates [C:\ProgramData\Microsoft\Windows\Templates]
28.10.2010 14:58 <VERBINDUNG> Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\ProgramData\Microsoft\Windows\Start Menu
28.10.2010 14:58 <VERBINDUNG> Programme [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPG-Fibu
28.02.2013 13:11 <VERBINDUNG> SPG-Fibu Anleitungen [\??\c:\spg\spg-fibu\doku]
0 Datei(en), 0 Bytes
Verzeichnis von C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPG-Verein
16.06.2012 11:37 <VERBINDUNG> SPG-Verein Anleitungen [\??\C:\Users\HEF01\Documents\BVSG\doku]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users
14.07.2009 06:53 <SYMLINKD> All Users [C:\ProgramData]
14.07.2009 06:53 <VERBINDUNG> Default User [C:\Users\Default]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\All Users
28.10.2010 14:58 <VERBINDUNG> Anwendungsdaten [C:\ProgramData]
14.07.2009 06:53 <VERBINDUNG> Application Data [C:\ProgramData]
14.07.2009 06:53 <VERBINDUNG> Desktop [C:\Users\Public\Desktop]
14.07.2009 06:53 <VERBINDUNG> Documents [C:\Users\Public\Documents]
28.10.2010 14:58 <VERBINDUNG> Dokumente [C:\Users\Public\Documents]
28.10.2010 14:58 <VERBINDUNG> Favoriten [C:\Users\Public\Favorites]
14.07.2009 06:53 <VERBINDUNG> Favorites [C:\Users\Public\Favorites]
14.07.2009 06:53 <VERBINDUNG> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
28.10.2010 14:58 <VERBINDUNG> Startmen [C:\ProgramData\Microsoft\Windows\Start Menu]
14.07.2009 06:53 <VERBINDUNG> Templates [C:\ProgramData\Microsoft\Windows\Templates]
28.10.2010 14:58 <VERBINDUNG> Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\All Users\Microsoft\Windows\Start Menu
28.10.2010 14:58 <VERBINDUNG> Programme [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SPG-Fibu
28.02.2013 13:11 <VERBINDUNG> SPG-Fibu Anleitungen [\??\c:\spg\spg-fibu\doku]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SPG-Verein
16.06.2012 11:37 <VERBINDUNG> SPG-Verein Anleitungen [\??\C:\Users\HEF01\Documents\BVSG\doku]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default
28.10.2010 14:58 <VERBINDUNG> Anwendungsdaten [C:\Users\Default\AppData\Roaming]
14.07.2009 06:53 <VERBINDUNG> Application Data [C:\Users\Default\AppData\Roaming]
28.10.2010 14:58 <VERBINDUNG> Druckumgebung [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
28.10.2010 14:58 <VERBINDUNG> Eigene Dateien [C:\Users\Default\Documents]
14.07.2009 06:53 <VERBINDUNG> Local Settings [C:\Users\Default\AppData\Local]
28.10.2010 14:58 <VERBINDUNG> Lokale Einstellungen [C:\Users\Default\AppData\Local]
14.07.2009 06:53 <VERBINDUNG> My Documents [C:\Users\Default\Documents]
14.07.2009 06:53 <VERBINDUNG> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
28.10.2010 14:58 <VERBINDUNG> Netzwerkumgebung [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14.07.2009 06:53 <VERBINDUNG> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14.07.2009 06:53 <VERBINDUNG> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14.07.2009 06:53 <VERBINDUNG> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14.07.2009 06:53 <VERBINDUNG> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
28.10.2010 14:58 <VERBINDUNG> Startmen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14.07.2009 06:53 <VERBINDUNG> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
28.10.2010 14:58 <VERBINDUNG> Vorlagen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default\AppData\Local
28.10.2010 14:58 <VERBINDUNG> Anwendungsdaten [C:\Users\Default\AppData\Local]
14.07.2009 06:53 <VERBINDUNG> Application Data [C:\Users\Default\AppData\Local]
14.07.2009 06:53 <VERBINDUNG> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14.07.2009 06:53 <VERBINDUNG> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
28.10.2010 14:58 <VERBINDUNG> Verlauf [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
28.10.2010 14:58 <VERBINDUNG> Programme [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Default\Documents
28.10.2010 14:58 <VERBINDUNG> Eigene Bilder [C:\Users\Default\Pictures]
28.10.2010 14:58 <VERBINDUNG> Eigene Musik [C:\Users\Default\Music]
28.10.2010 14:58 <VERBINDUNG> Eigene Videos [C:\Users\Default\Videos]
14.07.2009 06:53 <VERBINDUNG> My Music [C:\Users\Default\Music]
14.07.2009 06:53 <VERBINDUNG> My Pictures [C:\Users\Default\Pictures]
14.07.2009 06:53 <VERBINDUNG> My Videos [C:\Users\Default\Videos]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\HEF01
07.04.2011 17:04 <VERBINDUNG> Anwendungsdaten [C:\Users\HEF01\AppData\Roaming]
07.04.2011 17:04 <VERBINDUNG> Cookies [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Cookies]
07.04.2011 17:04 <VERBINDUNG> Druckumgebung [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07.04.2011 17:04 <VERBINDUNG> Eigene Dateien [C:\Users\HEF01\Documents]
07.04.2011 17:04 <VERBINDUNG> Lokale Einstellungen [C:\Users\HEF01\AppData\Local]
07.04.2011 17:04 <VERBINDUNG> Netzwerkumgebung [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07.04.2011 17:04 <VERBINDUNG> Recent [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Recent]
07.04.2011 17:04 <VERBINDUNG> SendTo [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\SendTo]
07.04.2011 17:04 <VERBINDUNG> Startmen [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Start Menu]
07.04.2011 17:04 <VERBINDUNG> Vorlagen [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Templates]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\HEF01\AppData\Local
07.04.2011 17:04 <VERBINDUNG> Anwendungsdaten [C:\Users\HEF01\AppData\Local]
07.04.2011 17:04 <VERBINDUNG> Temporary Internet Files [C:\Users\HEF01\AppData\Local\Microsoft\Windows\Temporary Internet Files]
07.04.2011 17:04 <VERBINDUNG> Verlauf [C:\Users\HEF01\AppData\Local\Microsoft\Windows\History]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Start Menu
07.04.2011 17:04 <VERBINDUNG> Programme [C:\Users\HEF01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\HEF01\Documents
07.04.2011 17:04 <VERBINDUNG> Eigene Bilder [C:\Users\HEF01\Pictures]
07.04.2011 17:04 <VERBINDUNG> Eigene Musik [C:\Users\HEF01\Music]
07.04.2011 17:04 <VERBINDUNG> Eigene Videos [C:\Users\HEF01\Videos]
0 Datei(en), 0 Bytes
Verzeichnis von C:\Users\Public\Documents
28.10.2010 14:58 <VERBINDUNG> Eigene Bilder [C:\Users\Public\Pictures]
28.10.2010 14:58 <VERBINDUNG> Eigene Musik [C:\Users\Public\Music]
28.10.2010 14:58 <VERBINDUNG> Eigene Videos [C:\Users\Public\Videos]
14.07.2009 06:53 <VERBINDUNG> My Music [C:\Users\Public\Music]
14.07.2009 06:53 <VERBINDUNG> My Pictures [C:\Users\Public\Pictures]
14.07.2009 06:53 <VERBINDUNG> My Videos [C:\Users\Public\Videos]
0 Datei(en), 0 Bytes
Anzahl der angezeigten Dateien:
0 Datei(en), 0 Bytes
86 Verzeichnis(se), 443.905.892.352 Bytes frei
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011.04.09 23:42:25 | 000,000,221 | -HS- | M] () -- C:\Users\HEF01\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2013.05.30 13:51:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HEF01\Desktop\OTL.exe
[2013.02.12 18:14:45 | 001,239,976 | ---- | M] (Microsoft Corporation) -- C:\Users\HEF01\Desktop\wlsetup-web.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
[2011.12.19 03:04:46 | 000,000,698 | ---- | M] () -- C:\Windows\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-07-02 09:06:52
< End of report >