kein Wlan/Fehlermeldungen

[sylvia99]

Hallo,
ich habe hier gerade den Laptop meiner Freundin, der spinnt seit ein paar tagen.
Eine Wlan Verbindung kann nicht mehr aufgebaut werden.
Die letzten tage wurden Vista updates installiert (und wieder rückgängig gemacht)

die Ereignisanzeige gibt immerwieder folgenden fehler aus:
Der Dienst "Extensible Authentication-Protokoll" wurde mit folgendem Fehler beendet:
Extensible Authentication-Protokoll ist keine zulässige Win32-Anwendung.

Fehlermeldung 193

hier das 1. Log

Code:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:05:31, on 02.06.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\ESB.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ESB] C:\Windows\system32\ESB.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WISO Urteilsmonitor.lnk = ?
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix: 
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

--
End of file - 6460 bytes

die weiteren logs folgen gleich

[sylvia99]

Code:

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.0.6001]
 
 
C:

  02.06.2008 17:10     C:\Windows --------- 32768   
  02.06.2008 17:05     C:\Program Files --------- 12288   
  02.06.2008 16:25     C:\System Volume Information --------- 32768   
       C:\hiberfil.sys ---------    
       C:\pagefile.sys ---------    
  01.06.2008 22:54     C:\found.001 --------- 0   
  17.05.2008 18:08     C:\ProgramData --------- 8192   
  26.04.2008 01:00     C:\Boot --------- 4096   
  26.04.2008 00:48     C:\PerfLogs --------- 0   
  14.04.2008 18:18     C:\skin --------- 0   
  19.01.2008 09:45     C:\bootmgr --------- 333203   
  15.05.2007 16:32     C:\found.000 --------- 0   
  19.04.2007 14:15     C:\$RECYCLE.BIN --------- 0   
  19.04.2007 14:14     C:\Users --------- 4096   
  19.04.2007 09:38     C:\Programme --------- 0   
  19.04.2007 09:38     C:\Dokumente und Einstellungen --------- 0   
  02.11.2006 14:59     C:\Documents and Settings --------- 0   
  18.09.2006 23:43     C:\config.sys --------- 10   
  18.09.2006 23:43     C:\autoexec.bat --------- 24   
----------------------------------------

 
C:\Windows

  02.06.2008 16:28     C:\Windows\WindowsUpdate.log --------- 1132270   
  02.06.2008 16:20     C:\Windows\bootstat.dat --------- 67584   
  02.06.2008 16:01     C:\Windows\setupact.log --------- 1263   
  02.06.2008 16:00     C:\Windows\setuperr.log --------- 0   
  17.05.2008 18:11     C:\Windows\hpiins06.dat --------- 147863   
  17.05.2008 18:07     C:\Windows\DPINST.LOG --------- 19196   
  28.04.2008 23:04     C:\Windows\PFRO.log --------- 26994   
  26.04.2008 01:00     C:\Windows\WindowsShell.Manifest --------- 749   
  26.04.2008 00:58     C:\Windows\DtcInstall.log --------- 7712   
  24.04.2008 20:43     C:\Windows\ntbtlog.txt --------- 120466   
  24.04.2008 20:39     C:\Windows\msxml4-KB941833-enu.LOG --------- 261288   
  23.04.2008 16:23     C:\Windows\msxml4-KB936181-enu.LOG --------- 261288   
  22.01.2008 10:14     C:\Windows\UNNeroMediaHome.exe --------- 972072   
  19.01.2008 09:33     C:\Windows\regedit.exe --------- 134656   
  19.01.2008 09:33     C:\Windows\notepad.exe --------- 151040   
  19.01.2008 09:33     C:\Windows\HelpPane.exe --------- 498176   
  19.01.2008 09:33     C:\Windows\fveupdate.exe --------- 13312   
  19.01.2008 09:33     C:\Windows\explorer.exe --------- 2927104   
  19.01.2008 09:33     C:\Windows\bfsvc.exe --------- 58880   
  07.11.2007 10:04     C:\Windows\MEMORY.DMP --------- 108821082   
  26.10.2007 13:11     C:\Windows\wiso.ini --------- 668   
  26.10.2007 13:09     C:\Windows\BUHL.INI --------- 244   
  27.08.2007 18:31     C:\Windows\QTFont.for --------- 1409   
  27.08.2007 18:31     C:\Windows\QTFont.qfn --------- 54156   
  03.08.2007 14:04     C:\Windows\UNRecode.exe --------- 972072   
  03.08.2007 13:58     C:\Windows\UNNeroVision.exe --------- 972072   
  18.07.2007 20:50     C:\Windows\hpoins07.dat --------- 116249   
  28.05.2007 14:28     C:\Windows\SHISETUP.SYS --------- 41   
  19.04.2007 20:16     C:\Windows\comsetup.log --------- 1244   
  19.04.2007 08:22     C:\Windows\TSSysprep.log --------- 10221   
  30.03.2007 07:55     C:\Windows\hpimdl06.dat --------- 0   
  20.03.2007 20:22     C:\Windows\UNNeroBackItUp.exe --------- 972336   
  28.02.2007 15:41     C:\Windows\UNNeroShowTime.exe --------- 972336   
  27.02.2007 19:36     C:\Windows\WMSysPr8.prx --------- 156910   
  06.02.2007 02:05     C:\Windows\AviSplitter.INI --------- 38   
  29.12.2006 12:03     C:\Windows\DirectX.log --------- 27471   
  29.12.2006 11:48     C:\Windows\s3iscfg.log --------- 6527   
  29.12.2006 11:38     C:\Windows\DIFxAPI.dll --------- 319984   
  20.11.2006 15:13     C:\Windows\RtHDVCpl.exe --------- 4018176   
  13.11.2006 14:07     C:\Windows\RtlUpd.exe --------- 1183744   
  02.11.2006 15:01     C:\Windows\win.ini --------- 144   
  02.11.2006 14:45     C:\Windows\SETUPAPI.LOG --------- 94   
  02.11.2006 14:34     C:\Windows\WMSysPr9.prx --------- 316640   
  02.11.2006 14:33     C:\Windows\twunk_16.exe --------- 49680   
  02.11.2006 14:33     C:\Windows\twain_32.dll --------- 50688   
  02.11.2006 14:33     C:\Windows\twunk_32.exe --------- 31232   
  02.11.2006 14:33     C:\Windows\twain.dll --------- 94784   
  02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216   
  02.11.2006 11:45     C:\Windows\hh.exe --------- 14848   
  02.11.2006 09:46     C:\Windows\mib.bin --------- 43131   
  19.09.2006 13:41     C:\Windows\HomeBasic.xml --------- 8286   
  18.09.2006 23:46     C:\Windows\system.ini --------- 219   
  18.09.2006 23:43     C:\Windows\_default.pif --------- 707   
  18.09.2006 23:43     C:\Windows\winhelp.exe --------- 256192   
  18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405   
  12.09.2006 15:34     C:\Windows\RtlExUpd.dll --------- 499712   
  30.06.2006 16:48     C:\Windows\corelpf.lrs --------- 30008   
  15.09.2005 13:35     C:\Windows\UNNeroMediaHome.cfg --------- 50   
  30.08.2005 20:37     C:\Windows\UNNeroVision.cfg --------- 50   
  30.08.2005 20:37     C:\Windows\UNNeroShowTime.cfg --------- 50   
  30.08.2005 20:36     C:\Windows\UNRecode.cfg --------- 50   
  30.08.2005 20:33     C:\Windows\UNNeroBackItUp.cfg --------- 50   
  24.05.2005 10:50     C:\Windows\hpomdl07.dat --------- 21124   
  17.11.1998 14:44     C:\Windows\IsUn0407.exe --------- 328704   
  29.10.1998 16:45     C:\Windows\IsUninst.exe --------- 306688   
----------------------------------------

 
C:\Windows\System

 02.11.2006 14:33      C:\Windows\System\mciseq.drv --------- 25264 
 02.11.2006 14:33      C:\Windows\System\mciwave.drv --------- 28160 
 02.11.2006 14:33      C:\Windows\System\avifile.dll --------- 109456 
 02.11.2006 14:33      C:\Windows\System\mciavi.drv --------- 73376 
 02.11.2006 14:33      C:\Windows\System\avicap.dll --------- 69584 
 02.11.2006 14:33      C:\Windows\System\msvideo.dll --------- 126912 
 02.11.2006 09:10      C:\Windows\System\OLESVR.DLL --------- 24064 
 02.11.2006 09:10      C:\Windows\System\WFWNET.DRV --------- 12704 
 02.11.2006 09:10      C:\Windows\System\COMMDLG.DLL --------- 32816 
 02.11.2006 09:10      C:\Windows\System\TIMER.DRV --------- 4048 
 02.11.2006 09:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
 02.11.2006 09:10      C:\Windows\System\mmtask.tsk --------- 1152 
 02.11.2006 09:10      C:\Windows\System\mouse.drv --------- 2032 
 02.11.2006 09:10      C:\Windows\System\vga.drv --------- 2176 
 02.11.2006 09:10      C:\Windows\System\sound.drv --------- 1744 
 02.11.2006 09:10      C:\Windows\System\keyboard.drv --------- 2000 
 02.11.2006 09:10      C:\Windows\System\SHELL.DLL --------- 5120 
 02.11.2006 09:10      C:\Windows\System\system.drv --------- 3360 
 18.09.2006 23:43      C:\Windows\System\ver.dll --------- 9008 
 18.09.2006 23:43      C:\Windows\System\olecli.dll --------- 82944 
 18.09.2006 23:43      C:\Windows\System\lzexpand.dll --------- 9936 
 18.09.2006 23:35      C:\Windows\System\stdole.tlb --------- 5532 
----------------------------------------

 
C:\Windows\System32

 02.06.2008 17:11     C:\Windows\system32\config --------- 12288  
 02.06.2008 17:10     C:\Windows\system32\spool --------- 4096  
 02.06.2008 17:10     C:\Windows\system32\Msdtc --------- 4096  
 02.06.2008 17:10     C:\Windows\system32\catroot2 --------- 12288  
 02.06.2008 17:10     C:\Windows\system32\wbem --------- 61440  
 02.06.2008 16:46     C:\Windows\system32\Kaspersky Lab --------- 0  
 02.06.2008 16:32     C:\Windows\system32\Tasks --------- 0  
 02.06.2008 16:27     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3552  
 02.06.2008 16:27     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3552  
 02.06.2008 16:27     C:\Windows\system32\perfh009.dat --------- 307842  
 02.06.2008 16:27     C:\Windows\system32\perfc009.dat --------- 38502  
 02.06.2008 16:27     C:\Windows\system32\perfh007.dat --------- 185564  
 02.06.2008 16:27     C:\Windows\system32\perfc007.dat --------- 51520  
 02.06.2008 16:27     C:\Windows\system32\PerfStringBackup.INI --------- 563826  
 02.06.2008 14:43     C:\Windows\system32\LogFiles --------- 0  
 28.05.2008 10:33     C:\Windows\system32\catroot --------- 0  
 25.05.2008 20:57     C:\Windows\system32\KGyGaAvL.sys --------- 952  
 17.05.2008 18:21     C:\Windows\system32\TEST.log --------- 44875  
 17.05.2008 18:21     C:\Windows\system32\SENT.log --------- 3239  
 17.05.2008 18:20     C:\Windows\system32\RECV.log --------- 7334  
 17.05.2008 18:14     C:\Windows\system32\drivers --------- 61440  
 09.05.2008 23:35     C:\Windows\system32\mrt.exe --------- 16863864  
 26.04.2008 00:54     C:\Windows\system32\FNTCACHE.DAT --------- 254920  
 26.04.2008 00:49     C:\Windows\system32\com --------- 0  
 26.04.2008 00:49     C:\Windows\system32\XPSViewer --------- 0  
 26.04.2008 00:49     C:\Windows\system32\da-DK --------- 0  
 26.04.2008 00:49     C:\Windows\system32\ko-KR --------- 0  
 26.04.2008 00:49     C:\Windows\system32\en-US --------- 4096  
 26.04.2008 00:49     C:\Windows\system32\de-DE --------- 258048  
 26.04.2008 00:49     C:\Windows\system32\it-IT --------- 0  
 26.04.2008 00:49     C:\Windows\system32\el-GR --------- 0  
 26.04.2008 00:49     C:\Windows\system32\oobe --------- 0  
 26.04.2008 00:49     C:\Windows\system32\sysprep --------- 0  
 26.04.2008 00:49     C:\Windows\system32\migration --------- 0  
 26.04.2008 00:49     C:\Windows\system32\AdvancedInstallers --------- 4096  
 26.04.2008 00:49     C:\Windows\system32\ru-RU --------- 0  
 26.04.2008 00:49     C:\Windows\system32\ias --------- 0  
 26.04.2008 00:49     C:\Windows\system32\fr-FR --------- 0  
 26.04.2008 00:49     C:\Windows\system32\sv-SE --------- 0  
 26.04.2008 00:49     C:\Windows\system32\he-IL --------- 0  
 26.04.2008 00:49     C:\Windows\system32\setup --------- 0  
 26.04.2008 00:49     C:\Windows\system32\fi-FI --------- 0  
 26.04.2008 00:49     C:\Windows\system32\cs-CZ --------- 0  
 26.04.2008 00:49     C:\Windows\system32\hu-HU --------- 0  
 26.04.2008 00:49     C:\Windows\system32\pt-PT --------- 0  
 26.04.2008 00:49     C:\Windows\system32\SLUI --------- 0  
 26.04.2008 00:49     C:\Windows\system32\zh-CN --------- 0  
 26.04.2008 00:49     C:\Windows\system32\manifeststore --------- 0  
 26.04.2008 00:49     C:\Windows\system32\es-ES --------- 0  
 26.04.2008 00:49     C:\Windows\system32\zh-TW --------- 0  
 26.04.2008 00:49     C:\Windows\system32\pl-PL --------- 0  
 26.04.2008 00:49     C:\Windows\system32\ja-JP --------- 0  
 26.04.2008 00:49     C:\Windows\system32\ro-RO --------- 0  
 26.04.2008 00:49     C:\Windows\system32\tr-TR --------- 0  
 26.04.2008 00:49     C:\Windows\system32\nb-NO --------- 0  
 26.04.2008 00:49     C:\Windows\system32\nl-NL --------- 0  
 26.04.2008 00:49     C:\Windows\system32\ar-SA --------- 0  
 26.04.2008 00:49     C:\Windows\system32\migwiz --------- 4096  
 26.04.2008 00:49     C:\Windows\system32\pt-BR --------- 0  
 26.04.2008 00:48     C:\Windows\system32\Boot --------- 0  
 25.04.2008 23:55     C:\Windows\system32\ifxcardm.dll --------- 101888  
 25.04.2008 23:55     C:\Windows\system32\axaltocm.dll --------- 82432  
 25.04.2008 20:19     C:\Windows\system32\jupdate-1.6.0_05-b13.log --------- 6591  
 29.02.2008 09:14     C:\Windows\system32\kd1394.dll --------- 19000  
 29.02.2008 09:11     C:\Windows\system32\winresume.exe --------- 927288  
 29.02.2008 09:11     C:\Windows\system32\winload.exe --------- 988216  
 29.02.2008 08:53     C:\Windows\system32\srcore.dll --------- 378368  
 29.02.2008 08:53     C:\Windows\system32\srclient.dll --------- 40960  
 29.02.2008 08:53     C:\Windows\system32\setbcdlocale.dll --------- 46592  
 29.02.2008 08:35     C:\Windows\system32\kbd106n.dll --------- 6656  
 29.02.2008 06:21     C:\Windows\system32\win32k.sys --------- 2032128  
 29.02.2008 06:12     C:\Windows\system32\rstrui.exe --------- 318464  
 29.02.2008 06:12     C:\Windows\system32\srdelayed.exe --------- 14848  
 22.02.2008 07:05     C:\Windows\system32\ci.dll --------- 615992  
 22.02.2008 07:01     C:\Windows\system32\wininet.dll --------- 826880  
 22.02.2008 07:01     C:\Windows\system32\urlmon.dll --------- 1166336  
 22.02.2008 06:59     C:\Windows\system32\mstime.dll --------- 671232  
 22.02.2008 06:59     C:\Windows\system32\mshtml.dll --------- 3578368  
 22.02.2008 06:58     C:\Windows\system32\jsproxy.dll --------- 28160  
 22.02.2008 06:57     C:\Windows\system32\gdi32.dll --------- 295936  
 22.02.2008 04:50     C:\Windows\system32\mshtml.tlb --------- 1383424  
 22.02.2008 02:33     C:\Windows\system32\javaws.exe --------- 139264  
 22.02.2008 01:23     C:\Windows\system32\javaw.exe --------- 135168  
 22.02.2008 01:23     C:\Windows\system32\java.exe --------- 135168  
 19.01.2008 09:43     C:\Windows\system32\ntkrnlpa.exe --------- 3600440  
 19.01.2008 09:43     C:\Windows\system32\ntoskrnl.exe --------- 3548728  
 19.01.2008 09:43     C:\Windows\system32\mcupdate_GenuineIntel.dll --------- 376376  
 19.01.2008 09:42     C:\Windows\system32\clfs.sys --------- 247352  
 19.01.2008 09:42     C:\Windows\system32\MigAutoPlay.exe --------- 94776  
 19.01.2008 09:42     C:\Windows\system32\hal.dll --------- 177208  
 19.01.2008 09:42     C:\Windows\system32\halmacpi.dll --------- 177208  
 19.01.2008 09:42     C:\Windows\system32\PSHED.DLL --------- 51768  
 19.01.2008 09:42     C:\Windows\system32\halacpi.dll --------- 141880  
 19.01.2008 09:41     C:\Windows\system32\BOOTVID.DLL --------- 24120  
 19.01.2008 09:41     C:\Windows\system32\kdusb.dll --------- 21560  
 19.01.2008 09:41     C:\Windows\system32\kdcom.dll --------- 19512  
 19.01.2008 09:38     C:\Windows\system32\NAPHLPR.DLL --------- 103936  
 19.01.2008 09:38     C:\Windows\system32\NAPCRYPT.DLL --------- 46080  
 19.01.2008 09:38     C:\Windows\system32\ntdll.dll --------- 1203792  
 19.01.2008 09:38     C:\Windows\system32\AuthFWSnapin.dll --------- 4595712  
----------------------------------------

 
C:\Windows\Prefetch

----------------------------------------

 
C:\Windows\Tasks

 02.06.2008 17:15     C:\Windows\Tasks\User_Feed_Synchronization-{1810E4F2-D75D-4D10-98FA-CC7334BE11AC}.job --------- 416  
 02.06.2008 16:20     C:\Windows\Tasks\SA.DAT --------- 6  
 16.05.2008 14:27     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32606  
----------------------------------------

 
C:\Windows\Temp

----------------------------------------

 
C:\Users\Marc\AppData\Local\Temp

 02.06.2008 17:25     C:\Users\Marc\AppData\Local\Temp\Low --------- 20480  
 02.06.2008 16:35     C:\Users\Marc\AppData\Local\Temp\Marc.bmp --------- 31832  
 02.06.2008 16:33     C:\Users\Marc\AppData\Local\Temp\tmpAF93.vbs --------- 208  
 02.06.2008 16:33     C:\Users\Marc\AppData\Local\Temp\tmpAF72.url --------- 398  
 02.06.2008 16:33     C:\Users\Marc\AppData\Local\Temp\tmpAF93.tmp --------- 0  
 02.06.2008 16:33     C:\Users\Marc\AppData\Local\Temp\tmpAF72.tmp --------- 0  
 02.06.2008 16:32     C:\Users\Marc\AppData\Local\Temp\tmp6AC4.vbs --------- 208  
 02.06.2008 16:32     C:\Users\Marc\AppData\Local\Temp\tmp6AC3.url --------- 398  
 02.06.2008 16:32     C:\Users\Marc\AppData\Local\Temp\tmp6AC4.tmp --------- 0  
 02.06.2008 16:32     C:\Users\Marc\AppData\Local\Temp\tmp6AC3.tmp --------- 0  
 02.06.2008 16:26     C:\Users\Marc\AppData\Local\Temp\jusched.log --------- 13051  
 02.06.2008 16:21     C:\Users\Marc\AppData\Local\Temp\MARB00C.tmp --------- 1285  
 02.06.2008 16:21     C:\Users\Marc\AppData\Local\Temp\WPDNSE --------- 0  
 02.06.2008 15:37     C:\Users\Marc\AppData\Local\Temp\tmp1D01.tmp --------- 0  
 02.06.2008 15:33     C:\Users\Marc\AppData\Local\Temp\MAR83BF.tmp --------- 1285  
 02.06.2008 14:44     C:\Users\Marc\AppData\Local\Temp\MAR2BE.tmp --------- 1285  
 02.06.2008 14:41     C:\Users\Marc\AppData\Local\Temp\{f06d87ba-eee0-4249-9893-d261a5748795} --------- 0  
 02.06.2008 13:39     C:\Users\Marc\AppData\Local\Temp\{264f782a-7d18-44d0-88d7-31dc09370f19} --------- 0  
 02.06.2008 13:00     C:\Users\Marc\AppData\Local\Temp\tmpEBE4.tmp --------- 0  
 02.06.2008 12:31     C:\Users\Marc\AppData\Local\Temp\MAR3E08.tmp --------- 1285  
 02.06.2008 09:04     C:\Users\Marc\AppData\Local\Temp\mwsqm03.sqm --------- 188  
 02.06.2008 09:02     C:\Users\Marc\AppData\Local\Temp\MARB6AC.tmp --------- 1285  
 02.06.2008 00:23     C:\Users\Marc\AppData\Local\Temp\IM --------- 0  
 02.06.2008 00:07     C:\Users\Marc\AppData\Local\Temp\MARA4F6.tmp --------- 1285  
 01.06.2008 22:59     C:\Users\Marc\AppData\Local\Temp\MAR3F8E.tmp --------- 1285  
 01.06.2008 17:14     C:\Users\Marc\AppData\Local\Temp\PCULog0.txt --------- 279689  
 01.06.2008 16:27     C:\Users\Marc\AppData\Local\Temp\MAR4B05.tmp --------- 1285  
 31.05.2008 20:14     C:\Users\Marc\AppData\Local\Temp\MAR94A0.tmp --------- 1285  
 31.05.2008 18:46     C:\Users\Marc\AppData\Local\Temp\MARDBFC.tmp --------- 1285  
 31.05.2008 15:34     C:\Users\Marc\AppData\Local\Temp\trk5DE1.tmp --------- 0  
 31.05.2008 15:13     C:\Users\Marc\AppData\Local\Temp\WMT33D4.tmp --------- 0  
 31.05.2008 15:13     C:\Users\Marc\AppData\Local\Temp\trk525.tmp --------- 0  
 31.05.2008 15:12     C:\Users\Marc\AppData\Local\Temp\trkFA3C.tmp --------- 0  
 31.05.2008 15:10     C:\Users\Marc\AppData\Local\Temp\wmsetup.log --------- 15179  
 31.05.2008 14:57     C:\Users\Marc\AppData\Local\Temp\wmplog00.sqm --------- 1754  
 31.05.2008 14:44     C:\Users\Marc\AppData\Local\Temp\Nero Web --------- 0  
 31.05.2008 14:35     C:\Users\Marc\AppData\Local\Temp\TWAIN.LOG --------- 1029  
 31.05.2008 14:35     C:\Users\Marc\AppData\Local\Temp\Twunk001.MTX --------- 156  
 31.05.2008 14:35     C:\Users\Marc\AppData\Local\Temp\Twain001.Mtx --------- 3  
 31.05.2008 14:27     C:\Users\Marc\AppData\Local\Temp\trk349E.tmp --------- 0  
 31.05.2008 14:26     C:\Users\Marc\AppData\Local\Temp\trk86D0.tmp --------- 0  
 31.05.2008 13:09     C:\Users\Marc\AppData\Local\Temp\MARE9F0.tmp --------- 1285  
 31.05.2008 11:18     C:\Users\Marc\AppData\Local\Temp\Acr4F29.tmp --------- 2048000  
 31.05.2008 11:05     C:\Users\Marc\AppData\Local\Temp\MAR8371.tmp --------- 1285  
 30.05.2008 19:34     C:\Users\Marc\AppData\Local\Temp\MAR186F.tmp --------- 1285  
 30.05.2008 16:48     C:\Users\Marc\AppData\Local\Temp\MAR24DE.tmp --------- 1285  
 28.05.2008 22:53     C:\Users\Marc\AppData\Local\Temp\MAR6A36.tmp --------- 1285  
 28.05.2008 17:43     C:\Users\Marc\AppData\Local\Temp\MFPL7014.DLL --------- 917504  
 26.05.2008 15:01     C:\Users\Marc\AppData\Local\Temp\MAR959A.tmp --------- 1285  
 25.05.2008 20:57     C:\Users\Marc\AppData\Local\Temp\PCULog3.txt --------- 1427  
 25.05.2008 18:58     C:\Users\Marc\AppData\Local\Temp\PCULog2.txt --------- 1427  
 20.05.2008 16:15     C:\Users\Marc\AppData\Local\Temp\MAREEE.tmp --------- 1285  
 19.05.2008 19:36     C:\Users\Marc\AppData\Local\Temp\MARF15F.tmp --------- 1285  
 19.05.2008 19:26     C:\Users\Marc\AppData\Local\Temp\WT18FCF.tmp --------- 4096  
 19.05.2008 19:26     C:\Users\Marc\AppData\Local\Temp\WT18FCE.tmp --------- 0  
 19.05.2008 19:26     C:\Users\Marc\AppData\Local\Temp\WT18FCD.tmp --------- 546  
 19.05.2008 19:26     C:\Users\Marc\AppData\Local\Temp\~DF6025.tmp --------- 512  
 19.05.2008 19:26     C:\Users\Marc\AppData\Local\Temp\~DF6019.tmp --------- 16384  
 18.05.2008 18:48     C:\Users\Marc\AppData\Local\Temp\MARE55E.tmp --------- 1285  
 18.05.2008 14:38     C:\Users\Marc\AppData\Local\Temp\MAR7879.tmp --------- 1285  
 18.05.2008 00:34     C:\Users\Marc\AppData\Local\Temp\MAREE92.tmp --------- 1285  
 17.05.2008 18:39     C:\Users\Marc\AppData\Local\Temp\MAR648C.tmp --------- 1285  
 17.05.2008 18:11     C:\Users\Marc\AppData\Local\Temp\MAR256B.tmp --------- 1285  
 17.05.2008 18:04     C:\Users\Marc\AppData\Local\Temp\7zSA3CD.tmp --------- 0  
 30.04.2008 12:28     C:\Users\Marc\AppData\Local\Temp\hpzset012.log --------- 4423  
 30.04.2008 12:28     C:\Users\Marc\AppData\Local\Temp\hpzrcv009.log --------- 1077  
 30.04.2008 12:28     C:\Users\Marc\AppData\Local\Temp\hpzopt011.log --------- 1697  
 30.04.2008 12:28     C:\Users\Marc\AppData\Local\Temp\hpzchk011.log --------- 8058  
 30.04.2008 12:27     C:\Users\Marc\AppData\Local\Temp\hpzgat011.log --------- 758  
 30.04.2008 12:27     C:\Users\Marc\AppData\Local\Temp\hpznop011.log --------- 702  
 30.04.2008 12:27     C:\Users\Marc\AppData\Local\Temp\hpzshl012.log --------- 807  
 30.04.2008 12:27     C:\Users\Marc\AppData\Local\Temp\hpzwup012.log --------- 2493  
 30.04.2008 12:26     C:\Users\Marc\AppData\Local\Temp\hpzrei012.log --------- 1390  
 30.04.2008 12:26     C:\Users\Marc\AppData\Local\Temp\hpzpsc012.log --------- 1094  
 30.04.2008 12:26     C:\Users\Marc\AppData\Local\Temp\hpzpnp023.log --------- 624  
 30.04.2008 12:26     C:\Users\Marc\AppData\Local\Temp\hpzpad001.htm --------- 13808  
 30.04.2008 12:26     C:\Users\Marc\AppData\Local\Temp\hpzpnp022.log --------- 620  
 27.04.2008 14:50     C:\Users\Marc\AppData\Local\Temp\Google Toolbar --------- 0  
 26.04.2008 13:40     C:\Users\Marc\AppData\Local\Temp\hpzset011.log --------- 4413  
 26.04.2008 13:40     C:\Users\Marc\AppData\Local\Temp\hpzrcv008.log --------- 1076  
 26.04.2008 13:40     C:\Users\Marc\AppData\Local\Temp\hpzopt010.log --------- 1694  
 26.04.2008 13:40     C:\Users\Marc\AppData\Local\Temp\hpzchk010.log --------- 8057  
 26.04.2008 13:39     C:\Users\Marc\AppData\Local\Temp\hpzgat010.log --------- 757  
 26.04.2008 13:39     C:\Users\Marc\AppData\Local\Temp\hpznop010.log --------- 701  
 26.04.2008 13:39     C:\Users\Marc\AppData\Local\Temp\hpzshl011.log --------- 1019  
 26.04.2008 13:39     C:\Users\Marc\AppData\Local\Temp\hpzwup011.log --------- 2492  
 26.04.2008 13:38     C:\Users\Marc\AppData\Local\Temp\hpzrei011.log --------- 1389  
 26.04.2008 13:38     C:\Users\Marc\AppData\Local\Temp\hpzpsc011.log --------- 1093  
 26.04.2008 13:38     C:\Users\Marc\AppData\Local\Temp\hpzpnp021.log --------- 623  
 26.04.2008 13:38     C:\Users\Marc\AppData\Local\Temp\hpzpnp020.log --------- 620  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzset010.log --------- 4422  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzrcv007.log --------- 1077  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzopt009.log --------- 1697  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzchk009.log --------- 8058  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzgat009.log --------- 758  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpznop009.log --------- 702  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzshl010.log --------- 807  
 25.04.2008 22:56     C:\Users\Marc\AppData\Local\Temp\hpzwup010.log --------- 2493  
 25.04.2008 22:55     C:\Users\Marc\AppData\Local\Temp\hpzrei010.log --------- 1390  
 25.04.2008 22:55     C:\Users\Marc\AppData\Local\Temp\hpzpsc010.log --------- 1094  
 25.04.2008 22:55     C:\Users\Marc\AppData\Local\Temp\hpzpnp019.log --------- 624  
 25.04.2008 22:55     C:\Users\Marc\AppData\Local\Temp\hpzpnp018.log --------- 620  
 25.04.2008 22:42     C:\Users\Marc\AppData\Local\Temp\hpzset009.log --------- 4431  
 25.04.2008 22:42     C:\Users\Marc\AppData\Local\Temp\hpzrcv006.log --------- 1078  
 25.04.2008 22:42     C:\Users\Marc\AppData\Local\Temp\hpzopt008.log --------- 1700  
 25.04.2008 22:42     C:\Users\Marc\AppData\Local\Temp\hpzchk008.log --------- 8059  
 25.04.2008 22:41     C:\Users\Marc\AppData\Local\Temp\hpzgat008.log --------- 759  
 25.04.2008 22:41     C:\Users\Marc\AppData\Local\Temp\hpznop008.log --------- 703  
 25.04.2008 22:41     C:\Users\Marc\AppData\Local\Temp\hpzshl009.log --------- 808  
 25.04.2008 22:41     C:\Users\Marc\AppData\Local\Temp\hpzwup009.log --------- 1822  
 25.04.2008 22:41     C:\Users\Marc\AppData\Local\Temp\hpzrei009.log --------- 1391  
 25.04.2008 22:40     C:\Users\Marc\AppData\Local\Temp\hpzpsc009.log --------- 1095  
 25.04.2008 22:40     C:\Users\Marc\AppData\Local\Temp\hpzpnp017.log --------- 625  
 25.04.2008 22:40     C:\Users\Marc\AppData\Local\Temp\hpzpnp016.log --------- 620  
 25.04.2008 22:40     C:\Users\Marc\AppData\Local\Temp\{1ca41d3c-840d-46c0-8cf4-699edfb97ea7} --------- 0  
 25.04.2008 22:38     C:\Users\Marc\AppData\Local\Temp\hpzset008.log --------- 4681  
 25.04.2008 22:38     C:\Users\Marc\AppData\Local\Temp\hpzopt007.log --------- 1697  
 25.04.2008 22:38     C:\Users\Marc\AppData\Local\Temp\hpzchk007.log --------- 8058  
 25.04.2008 22:36     C:\Users\Marc\AppData\Local\Temp\hpzgat007.log --------- 758  
 25.04.2008 22:36     C:\Users\Marc\AppData\Local\Temp\hpznop007.log --------- 702  
 25.04.2008 22:36     C:\Users\Marc\AppData\Local\Temp\hpzshl008.log --------- 807  
 25.04.2008 22:36     C:\Users\Marc\AppData\Local\Temp\hpzwup008.log --------- 2493  
 25.04.2008 22:35     C:\Users\Marc\AppData\Local\Temp\hpzrei008.log --------- 1390  
 25.04.2008 22:35     C:\Users\Marc\AppData\Local\Temp\hpzpsc008.log --------- 1094  
 25.04.2008 22:35     C:\Users\Marc\AppData\Local\Temp\hpzpnp015.log --------- 624  
 25.04.2008 22:35     C:\Users\Marc\AppData\Local\Temp\hpzpnp014.log --------- 620  
 25.04.2008 20:19     C:\Users\Marc\AppData\Local\Temp\hsperfdata_Marc --------- 0  
 25.04.2008 20:19     C:\Users\Marc\AppData\Local\Temp\java_install_reg.log --------- 9596  
 25.04.2008 20:17     C:\Users\Marc\AppData\Local\Temp\jinstall.cfg --------- 8242  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzset007.log --------- 4422  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzrcv005.log --------- 1077  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzopt006.log --------- 1697  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzchk006.log --------- 8058  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzgat006.log --------- 758  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpznop006.log --------- 702  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzshl007.log --------- 807  
 25.04.2008 18:06     C:\Users\Marc\AppData\Local\Temp\hpzwup007.log --------- 2493  
 25.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\hpzrei007.log --------- 1390  
 25.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\hpzpsc007.log --------- 1094  
 25.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\hpzpnp013.log --------- 624  
 25.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\hpzpnp012.log --------- 620  
 25.04.2008 17:24     C:\Users\Marc\AppData\Local\Temp\hpzset006.log --------- 4423  
 25.04.2008 17:24     C:\Users\Marc\AppData\Local\Temp\hpzrcv004.log --------- 1077  
 25.04.2008 17:24     C:\Users\Marc\AppData\Local\Temp\hpzopt005.log --------- 1697  
 25.04.2008 17:24     C:\Users\Marc\AppData\Local\Temp\hpzchk005.log --------- 8058  
 25.04.2008 17:23     C:\Users\Marc\AppData\Local\Temp\hpzgat005.log --------- 758  
 25.04.2008 17:23     C:\Users\Marc\AppData\Local\Temp\hpznop005.log --------- 702  
 25.04.2008 17:23     C:\Users\Marc\AppData\Local\Temp\hpzshl006.log --------- 807  
 25.04.2008 17:23     C:\Users\Marc\AppData\Local\Temp\hpzwup006.log --------- 2696  
 25.04.2008 17:21     C:\Users\Marc\AppData\Local\Temp\hpzrei006.log --------- 1390  
 25.04.2008 17:20     C:\Users\Marc\AppData\Local\Temp\hpzpsc006.log --------- 1094  
 25.04.2008 17:20     C:\Users\Marc\AppData\Local\Temp\hpzpnp011.log --------- 624  
 25.04.2008 17:20     C:\Users\Marc\AppData\Local\Temp\hpzpnp010.log --------- 620  
 25.04.2008 17:19     C:\Users\Marc\AppData\Local\Temp\hpzset005.log --------- 4423  
 25.04.2008 17:19     C:\Users\Marc\AppData\Local\Temp\hpzrcv003.log --------- 1077  
 25.04.2008 17:19     C:\Users\Marc\AppData\Local\Temp\hpzopt004.log --------- 1697  
 25.04.2008 17:19     C:\Users\Marc\AppData\Local\Temp\hpzchk004.log --------- 27348  
 25.04.2008 17:17     C:\Users\Marc\AppData\Local\Temp\hpzgat004.log --------- 758  
 25.04.2008 17:17     C:\Users\Marc\AppData\Local\Temp\hpznop004.log --------- 702  
 25.04.2008 17:17     C:\Users\Marc\AppData\Local\Temp\hpzshl005.log --------- 807  
 25.04.2008 17:17     C:\Users\Marc\AppData\Local\Temp\hpzwup005.log --------- 2493  
 25.04.2008 17:17     C:\Users\Marc\AppData\Local\Temp\hpzrei005.log --------- 1390  
 25.04.2008 17:16     C:\Users\Marc\AppData\Local\Temp\hpzpsc005.log --------- 1094  
 25.04.2008 17:16     C:\Users\Marc\AppData\Local\Temp\hpzpnp009.log --------- 624  
 25.04.2008 17:16     C:\Users\Marc\AppData\Local\Temp\hpzpnp008.log --------- 620  
 25.04.2008 17:11     C:\Users\Marc\AppData\Local\Temp\{c23ac8d3-1fdb-41fa-ac54-f7e6f5fe29be} --------- 0  
 25.04.2008 17:09     C:\Users\Marc\AppData\Local\Temp\hpzset004.log --------- 4422  
 25.04.2008 17:09     C:\Users\Marc\AppData\Local\Temp\hpzrcv002.log --------- 1077  
 25.04.2008 17:09     C:\Users\Marc\AppData\Local\Temp\hpzopt003.log --------- 1697  
 25.04.2008 17:09     C:\Users\Marc\AppData\Local\Temp\hpzchk003.log --------- 8058  
 25.04.2008 17:09     C:\Users\Marc\AppData\Local\Temp\hpzgat003.log --------- 758  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpznop003.log --------- 702  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpzshl004.log --------- 807  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpzwup004.log --------- 2493  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpzrei004.log --------- 1390  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpzpsc004.log --------- 1094  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpzpnp007.log --------- 624  
 25.04.2008 17:08     C:\Users\Marc\AppData\Local\Temp\hpzpnp006.log --------- 620  
 25.04.2008 17:04     C:\Users\Marc\AppData\Local\Temp\{17ab68bc-c441-4f79-b03e-09dae7b42607} --------- 0  
 25.04.2008 17:04     C:\Users\Marc\AppData\Local\Temp\hpzset003.log --------- 4432  
 25.04.2008 17:04     C:\Users\Marc\AppData\Local\Temp\hpzrcv001.log --------- 1078  
 25.04.2008 17:03     C:\Users\Marc\AppData\Local\Temp\hpzopt002.log --------- 1700  
 25.04.2008 17:03     C:\Users\Marc\AppData\Local\Temp\hpzchk002.log --------- 8262  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzgat002.log --------- 759  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpznop002.log --------- 703  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzshl003.log --------- 808  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzwup003.log --------- 1822  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzrei003.log --------- 1391  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzpsc003.log --------- 1095  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzpnp005.log --------- 625  
 25.04.2008 17:01     C:\Users\Marc\AppData\Local\Temp\hpzpnp004.log --------- 620  
 25.04.2008 17:00     C:\Users\Marc\AppData\Local\Temp\{8dd48ff5-1441-46f6-8369-7fdb7729331e} --------- 0  
 25.04.2008 17:00     C:\Users\Marc\AppData\Local\Temp\hpzset002.log --------- 4691  
 25.04.2008 17:00     C:\Users\Marc\AppData\Local\Temp\hpzopt001.log --------- 1700  
 25.04.2008 17:00     C:\Users\Marc\AppData\Local\Temp\hpzchk001.log --------- 14895  
 25.04.2008 16:59     C:\Users\Marc\AppData\Local\Temp\hpzgat001.log --------- 759  
 25.04.2008 16:59     C:\Users\Marc\AppData\Local\Temp\hpznop001.log --------- 703  
 25.04.2008 16:59     C:\Users\Marc\AppData\Local\Temp\hpzshl002.log --------- 808  
 25.04.2008 16:59     C:\Users\Marc\AppData\Local\Temp\hpzwup002.log --------- 2494  
 25.04.2008 16:58     C:\Users\Marc\AppData\Local\Temp\hpzrei002.log --------- 1391  
 25.04.2008 16:58     C:\Users\Marc\AppData\Local\Temp\hpzpsc002.log --------- 1095  
 25.04.2008 16:58     C:\Users\Marc\AppData\Local\Temp\hpzpnp003.log --------- 625  
 25.04.2008 16:58     C:\Users\Marc\AppData\Local\Temp\hpzpnp002.log --------- 620  
 25.04.2008 16:57     C:\Users\Marc\AppData\Local\Temp\nps.tmp --------- 0  
 25.04.2008 16:52     C:\Users\Marc\AppData\Local\Temp\nero.tmp --------- 0  
 25.04.2008 16:44     C:\Users\Marc\AppData\Local\Temp\{bc30affb-a97d-4b98-91ed-67495fd001f7} --------- 0  
 25.04.2008 16:44     C:\Users\Marc\AppData\Local\Temp\hpzset001.log --------- 4681  
 25.04.2008 16:44     C:\Users\Marc\AppData\Local\Temp\hpzopt000.log --------- 1697  
 25.04.2008 16:44     C:\Users\Marc\AppData\Local\Temp\hpzchk000.log --------- 8261  
 25.04.2008 16:43     C:\Users\Marc\AppData\Local\Temp\hpzgat000.log --------- 758  
 25.04.2008 16:43     C:\Users\Marc\AppData\Local\Temp\hpznop000.log --------- 702  
 25.04.2008 16:43     C:\Users\Marc\AppData\Local\Temp\hpzshl001.log --------- 807  
 25.04.2008 16:42     C:\Users\Marc\AppData\Local\Temp\hpzwup001.log --------- 2493  
 25.04.2008 16:42     C:\Users\Marc\AppData\Local\Temp\hpzrei001.log --------- 1390  
 25.04.2008 16:42     C:\Users\Marc\AppData\Local\Temp\hpzpsc001.log --------- 1094  
 25.04.2008 16:42     C:\Users\Marc\AppData\Local\Temp\hpzpnp001.log --------- 624  
 25.04.2008 16:42     C:\Users\Marc\AppData\Local\Temp\hpzpnp000.log --------- 620  
 23.04.2008 00:21     C:\Users\Marc\AppData\Local\Temp\MMF78A.tmp --------- 416  
 22.04.2008 23:32     C:\Users\Marc\AppData\Local\Temp\SxsTemp --------- 0  
 22.04.2008 23:32     C:\Users\Marc\AppData\Local\Temp\nro.tmp --------- 0  
 22.04.2008 23:29     C:\Users\Marc\AppData\Local\Temp\NERO14688 --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6498.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6497.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6496.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6476.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6475.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6385.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6384.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6383.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6382.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int6381.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int631D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int631C.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int631B.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int631A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int630A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int616E.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int616D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int616C.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int60FE.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int60CE.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5BD9.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5BD8.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5BD7.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5BA7.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5BA6.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5A87.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5A86.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5A85.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5A74.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5A73.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int561A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5619.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5618.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5607.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5606.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5583.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5573.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5572.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5532.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5512.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5432.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5431.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5420.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int5410.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int540F.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int52D1.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int52C0.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int52BF.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int52AE.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int52AD.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4F8C.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4F8B.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4F8A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4F6A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4F69.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4E0B.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4E0A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4E09.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4DBA.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4DAA.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4BA1.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4BA0.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4B9F.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4B8E.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4B8D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int488B.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int488A.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4889.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4878.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4839.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4363.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4362.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4361.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4302.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int4301.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int40E9.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int40E8.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int40D7.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int40C6.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int40C5.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int324E.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int324D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int323D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int323C.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int323B.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int31F6.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int31F5.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int31F4.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int31B5.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int31B4.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int3028.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int3027.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int3026.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int3015.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int3014.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2D41.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2D40.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2D3F.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2D2E.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2D2D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2644.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2643.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2642.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2632.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2631.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int24B4.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int24B3.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int24B2.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int24B1.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int24A1.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int22F5.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int22F4.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int22F3.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int22E3.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int22E2.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2194.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2193.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2192.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2153.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2152.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2014.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2013.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int2002.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1FF2.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1FF1.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1F7D.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1F7C.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1F7B.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1C01.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1C00.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int1160.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int115F.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\int114E.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\intBA2.tmp --------- 0  
 22.04.2008 23:28     C:\Users\Marc\AppData\Local\Temp\intBA1.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intFD0B.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intFD0A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intFD09.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intFC1E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intFC1D.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF2B4.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF2B3.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF2B2.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF292.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF291.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF163.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF162.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF161.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF076.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intF075.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intE2D8.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intE2D7.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intE2D6.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intE229.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intE228.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intDD81.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intDD80.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intDD7F.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intDCF1.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intDCF0.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intD665.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intD664.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intD663.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intD4FB.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intD4FA.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBCF2.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBCF1.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBCF0.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBC91.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBC90.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBB33.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBB32.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBB31.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBAE2.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intBAE1.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB917.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB916.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB915.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB904.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB8E4.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB362.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB361.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB360.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB34F.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB34E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB26E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB26D.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB25C.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB25B.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB25A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB1C8.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB1C7.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB1C6.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB196.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB195.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB141.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB140.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB130.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB12F.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB12E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB07C.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB07B.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB07A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB079.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB078.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB034.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB013.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB012.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB011.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intB001.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAF7E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAF7D.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAF6C.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAF6B.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAF6A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAE7A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAE79.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAE69.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAE58.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAE57.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAD86.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAD85.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAD84.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAD74.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAD54.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAC16.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAC15.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAC14.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAC13.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAC12.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAAC4.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAAC3.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAAC2.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAAC1.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intAAC0.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA9D0.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA9CF.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA9BE.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA9BD.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA9BC.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA8DC.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA8DB.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA8DA.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA8D9.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA8D8.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA865.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA864.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA863.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA843.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA842.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA7BF.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA7BE.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA7BD.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA7AC.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA7AB.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA738.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA737.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA726.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA716.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA715.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA663.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA662.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA661.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA651.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA640.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA550.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA54F.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA53E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA52E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA52D.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA49A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA499.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA498.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA497.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA496.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA3A6.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA3A5.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA3A4.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA394.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA393.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA310.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA30F.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA30E.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA2FD.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA2AE.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA23B.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA23A.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA239.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA238.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA228.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA1A5.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA1A4.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA1A3.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA1A2.tmp --------- 0  
 22.04.2008 23:27     C:\Users\Marc\AppData\Local\Temp\intA1A1.tmp --------- 0  
 22.04.2008 23:26     C:\Users\Marc\AppData\Local\Temp\nro.log --------- 0  
 22.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\~DFBBA.tmp --------- 512  
 22.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\~DFBB0.tmp --------- 16384  
 22.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\~DFABB.tmp --------- 512  
 22.04.2008 18:05     C:\Users\Marc\AppData\Local\Temp\~DFAB1.tmp --------- 311296  
 10.04.2008 14:50     C:\Users\Marc\AppData\Local\Temp\IncrediMail --------- 0  
 10.04.2008 14:49     C:\Users\Marc\AppData\Local\Temp\ImInstaller --------- 0  
 05.04.2008 18:22     C:\Users\Marc\AppData\Local\Temp\srv8A09.tmp --------- 0  
 21.03.2008 11:50     C:\Users\Marc\AppData\Local\Temp\ppcrlui_1612_2.ui --------- 0  
 19.03.2008 22:40     C:\Users\Marc\AppData\Local\Temp\WT13BAB.tmp --------- 4096  
 19.03.2008 22:40     C:\Users\Marc\AppData\Local\Temp\WT13BAA.tmp --------- 0  
 19.03.2008 22:40     C:\Users\Marc\AppData\Local\Temp\WT13BA9.tmp --------- 546  
 19.03.2008 22:40     C:\Users\Marc\AppData\Local\Temp\~DF7BBD.tmp --------- 512  
 19.03.2008 22:40     C:\Users\Marc\AppData\Local\Temp\~DF7BB6.tmp --------- 16384  
 19.03.2008 22:32     C:\Users\Marc\AppData\Local\Temp\WT14E60.tmp --------- 4096  
 19.03.2008 22:32     C:\Users\Marc\AppData\Local\Temp\WT14E5F.tmp --------- 0  
 19.03.2008 22:32     C:\Users\Marc\AppData\Local\Temp\WT14E5E.tmp --------- 546  
 19.03.2008 22:32     C:\Users\Marc\AppData\Local\Temp\~DFFD3E.tmp --------- 512  
 19.03.2008 22:32     C:\Users\Marc\AppData\Local\Temp\~DFFD37.tmp --------- 16384  
 19.03.2008 22:30     C:\Users\Marc\AppData\Local\Temp\WT1389F.tmp --------- 4096  
 19.03.2008 22:30     C:\Users\Marc\AppData\Local\Temp\WT1389E.tmp --------- 0  
 19.03.2008 22:30     C:\Users\Marc\AppData\Local\Temp\WT1389D.tmp --------- 546  
 19.03.2008 22:30     C:\Users\Marc\AppData\Local\Temp\~DF1823.tmp --------- 512  
 19.03.2008 22:30     C:\Users\Marc\AppData\Local\Temp\~DF1815.tmp --------- 16384  
 17.03.2008 21:22     C:\Users\Marc\AppData\Local\Temp\{b36ea8bc-5b43-4d9a-9196-73b0a213fd94} --------- 0  
 16.03.2008 20:51     C:\Users\Marc\AppData\Local\Temp\~DFDBC1.tmp --------- 16384  
 16.03.2008 20:48     C:\Users\Marc\AppData\Local\Temp\~DF7EB9.tmp --------- 16384  
 16.03.2008 18:58     C:\Users\Marc\AppData\Local\Temp\~DF7537.tmp --------- 512  
 16.03.2008 18:58     C:\Users\Marc\AppData\Local\Temp\~DF7530.tmp --------- 16384  
 16.03.2008 17:47     C:\Users\Marc\AppData\Local\Temp\~DFCCAA.tmp --------- 512  
 16.03.2008 17:47     C:\Users\Marc\AppData\Local\Temp\~DFCC9E.tmp --------- 16384  
 16.03.2008 17:26     C:\Users\Marc\AppData\Local\Temp\~DFC048.tmp --------- 16384  
 15.03.2008 15:10     C:\Users\Marc\AppData\Local\Temp\srv6872.tmp --------- 0  
 15.03.2008 15:01     C:\Users\Marc\AppData\Local\Temp\~DF4444.tmp --------- 16384  
 15.03.2008 14:59     C:\Users\Marc\AppData\Local\Temp\~DF8E99.tmp --------- 16384  
 15.03.2008 14:56     C:\Users\Marc\AppData\Local\Temp\~DF814F.tmp --------- 16384  
 15.03.2008 14:56     C:\Users\Marc\AppData\Local\Temp\~DF66A9.tmp --------- 16384  
 15.03.2008 14:56     C:\Users\Marc\AppData\Local\Temp\~DF4C85.tmp --------- 16384  
 15.03.2008 14:41     C:\Users\Marc\AppData\Local\Temp\~DFD6DB.tmp --------- 16384  
 15.03.2008 14:41     C:\Users\Marc\AppData\Local\Temp\srv205B.tmp --------- 0  
 15.03.2008 00:54     C:\Users\Marc\AppData\Local\Temp\~DF956A.tmp --------- 512  
 15.03.2008 00:54     C:\Users\Marc\AppData\Local\Temp\~DF9563.tmp --------- 16384  
 15.03.2008 00:54     C:\Users\Marc\AppData\Local\Temp\srv5733.tmp --------- 0  
 15.03.2008 00:38     C:\Users\Marc\AppData\Local\Temp\~DF33D6.tmp --------- 512  
 15.03.2008 00:38     C:\Users\Marc\AppData\Local\Temp\~DF33CE.tmp --------- 16384  
 15.03.2008 00:15     C:\Users\Marc\AppData\Local\Temp\~DFCF80.tmp --------- 512  
 15.03.2008 00:15     C:\Users\Marc\AppData\Local\Temp\~DFCF73.tmp --------- 16384  
 06.03.2008 13:15     C:\Users\Marc\AppData\Local\Temp\ppcrlui_1836_2.ui --------- 0  
 10.02.2008 22:08     C:\Users\Marc\AppData\Local\Temp\~DF8B0D.tmp --------- 512  
 10.02.2008 22:08     C:\Users\Marc\AppData\Local\Temp\~DF8B03.tmp --------- 16384  
 10.02.2008 22:08     C:\Users\Marc\AppData\Local\Temp\~DF8AEC.tmp --------- 512  
 10.02.2008 22:08     C:\Users\Marc\AppData\Local\Temp\~DF8AE2.tmp --------- 573440  
 06.02.2008 23:12     C:\Users\Marc\AppData\Local\Temp\~PIB6EA.tmp --------- 17301504  
 06.02.2008 23:12     C:\Users\Marc\AppData\Local\Temp\~PIAFC3.tmp --------- 17301504  
 06.02.2008 23:12     C:\Users\Marc\AppData\Local\Temp\~PIAFC4.tmp --------- 655360  
 05.02.2008 16:53     C:\Users\Marc\AppData\Local\Temp\srv8487.tmp --------- 0  
 01.02.2008 15:40     C:\Users\Marc\AppData\Local\Temp\~nsu.tmp --------- 0  
 31.01.2008 21:36     C:\Users\Marc\AppData\Local\Temp\~DFF865.tmp --------- 512  
 31.01.2008 21:36     C:\Users\Marc\AppData\Local\Temp\~DFF85B.tmp --------- 16384  
 31.01.2008 21:36     C:\Users\Marc\AppData\Local\Temp\~DFF7EB.tmp --------- 512  
 31.01.2008 21:36     C:\Users\Marc\AppData\Local\Temp\~DFF7E1.tmp --------- 573440  
 29.01.2008 19:05     C:\Users\Marc\AppData\Local\Temp\setup.log --------- 167  
 29.01.2008 18:50     C:\Users\Marc\AppData\Local\Temp\isp138A.tmp --------- 0  
 29.01.2008 18:50     C:\Users\Marc\AppData\Local\Temp\ispF225.tmp --------- 0  
 29.01.2008 18:36     C:\Users\Marc\AppData\Local\Temp\{8efac29a-ec75-4d22-924c-84006af002d7} --------- 0  
 29.01.2008 18:27     C:\Users\Marc\AppData\Local\Temp\{AC1DC85C-AA5A-4501-9FDE-353A77BB797A} --------- 0  
 29.01.2008 18:26     C:\Users\Marc\AppData\Local\Temp\SetF9C0.tmp --------- 107512  
 29.01.2008 18:24     C:\Users\Marc\AppData\Local\Temp\ispD6D8.tmp --------- 0  
 29.01.2008 18:24     C:\Users\Marc\AppData\Local\Temp\ispA147.tmp --------- 0  
 29.01.2008 12:51     C:\Users\Marc\AppData\Local\Temp\~DF6F1C.tmp --------- 16384  
 21.12.2007 21:34     C:\Users\Marc\AppData\Local\Temp\~DF9177.tmp --------- 512  
 21.12.2007 21:34     C:\Users\Marc\AppData\Local\Temp\~DF9172.tmp --------- 16384  
 21.12.2007 21:34     C:\Users\Marc\AppData\Local\Temp\~DF907B.tmp --------- 512  
 21.12.2007 21:34     C:\Users\Marc\AppData\Local\Temp\~DF9076.tmp --------- 573440  
 12.12.2007 13:34     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000BCC --------- 1020  
 11.12.2007 16:16     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000518 --------- 1020  
 11.12.2007 13:33     C:\Users\Marc\AppData\Local\Temp\~DF5239.tmp --------- 512  
 11.12.2007 13:33     C:\Users\Marc\AppData\Local\Temp\~DF5234.tmp --------- 16384  
 10.12.2007 23:41     C:\Users\Marc\AppData\Local\Temp\~DFC3C8.tmp --------- 512  
 10.12.2007 23:41     C:\Users\Marc\AppData\Local\Temp\~DFC3C3.tmp --------- 573440  
 06.12.2007 18:47     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000E60 --------- 1020  
 04.12.2007 11:35     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000EA4 --------- 1020  
 04.12.2007 01:46     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000F94 --------- 1020  
 02.12.2007 21:20     C:\Users\Marc\AppData\Local\Temp\srv6458.tmp --------- 0  
 27.11.2007 18:17     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000DD0 --------- 1020  
 27.11.2007 14:16     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000A5C --------- 1020  
 19.11.2007 17:45     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000EF8 --------- 1020  
 26.10.2007 13:09     C:\Users\Marc\AppData\Local\Temp\{A7C9F7BF-B0F0-43AD-8D4B-E6FA0DEECB0D} --------- 0  
 15.10.2007 11:57     C:\Users\Marc\AppData\Local\Temp\bye58D6.tmp --------- 0  
 07.10.2007 14:11     C:\Users\Marc\AppData\Local\Temp\~DFC465.tmp --------- 16384  
 24.09.2007 18:52     C:\Users\Marc\AppData\Local\Temp\_ISTMP1.DIR --------- 0  
 28.08.2007 23:09     C:\Users\Marc\AppData\Local\Temp\TempCover4 --------- 0  
 28.08.2007 22:52     C:\Users\Marc\AppData\Local\Temp\{AC76BA86-7AD7-1031-7B44-A81000000003}.ini --------- 475  
 28.08.2007 22:50     C:\Users\Marc\AppData\Local\Temp\RunTime.ini --------- 520  
 28.08.2007 22:50     C:\Users\Marc\AppData\Local\Temp\Neroe264138ffb6442f5a8d50552c6810fc2.nru --------- 13164  
 28.08.2007 22:50     C:\Users\Marc\AppData\Local\Temp\TempCover3 --------- 0  
 28.08.2007 22:43     C:\Users\Marc\AppData\Local\Temp\Neroec8ed6e639b24afb87a12618486e6fcb.nru --------- 13164  
 28.08.2007 22:43     C:\Users\Marc\AppData\Local\Temp\TempCover2 --------- 0  
 27.08.2007 18:31     C:\Users\Marc\AppData\Local\Temp\GEARInstall.log --------- 588  
 27.08.2007 18:30     C:\Users\Marc\AppData\Local\Temp\QTInstallCode.log --------- 2571  
 27.08.2007 18:22     C:\Users\Marc\AppData\Local\Temp\qtplugin.log --------- 4105  
 19.08.2007 21:33     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000740 --------- 1020  
 17.08.2007 12:19     C:\Users\Marc\AppData\Local\Temp\~ROMFN_000008A0 --------- 1020  
 14.08.2007 21:09     C:\Users\Marc\AppData\Local\Temp\~DF3812.tmp --------- 32768  
 14.08.2007 16:51     C:\Users\Marc\AppData\Local\Temp\dlg_0x6AE63F188.tmp --------- 369152  
 11.08.2007 13:29     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000F04 --------- 1020  
 10.08.2007 12:30     C:\Users\Marc\AppData\Local\Temp\{56DC8B58-C64D-4F3C-AE7D-EFEE973A23F2} --------- 0  
 10.08.2007 11:25     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000B00 --------- 1020  
 03.08.2007 21:00     C:\Users\Marc\AppData\Local\Temp\~DF2E58.tmp --------- 512  
 03.08.2007 21:00     C:\Users\Marc\AppData\Local\Temp\~DF2DE7.tmp --------- 16384  
 03.08.2007 21:00     C:\Users\Marc\AppData\Local\Temp\~DF2CC0.tmp --------- 512  
 03.08.2007 21:00     C:\Users\Marc\AppData\Local\Temp\~DF2CBB.tmp --------- 524288  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdD001.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdCE2C.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdCC38.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdCA63.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdC86F.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdC6AA.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdC496.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdC2C1.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdC0BD.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdBED9.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdBCE5.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdBB00.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdB93B.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdB766.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdB552.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdB38D.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdB1B8.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdAFC4.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdADEF.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdABFA.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdAA25.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdA831.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdA63D.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdA439.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdA274.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcdA070.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd9E6C.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd9C68.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd9AA3.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd989F.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd96DA.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd94D6.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd9311.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd910D.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd8F47.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd8D34.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd8B5F.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd894C.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd8767.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd8563.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd837F.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd816B.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd7FA6.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd7DA2.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd7BDD.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd7AF2.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd79C8.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd78CE.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd77D3.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd76D8.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd75AF.tmp --------- 96  
 19.07.2007 13:11     C:\Users\Marc\AppData\Local\Temp\vcd74B4.tmp --------- 96  
 18.07.2007 20:59     C:\Users\Marc\AppData\Local\Temp\hpzset000.log --------- 3297  
 18.07.2007 20:56     C:\Users\Marc\AppData\Local\Temp\hpzrcv000.log --------- 850  
 18.07.2007 20:56     C:\Users\Marc\AppData\Local\Temp\hpzshl000.log --------- 6780  
 18.07.2007 20:56     C:\Users\Marc\AppData\Local\Temp\hpzpsc000.log --------- 704  
 18.07.2007 20:56     C:\Users\Marc\AppData\Local\Temp\hpzwup000.log --------- 1305  
 18.07.2007 20:54     C:\Users\Marc\AppData\Local\Temp\hpzrei000.log --------- 490  
 18.07.2007 20:13     C:\Users\Marc\AppData\Local\Temp\{3eeef230-50a5-47d3-94c4-51af6e76eff9} --------- 0  
 10.06.2007 13:46     C:\Users\Marc\AppData\Local\Temp\srv488E.tmp --------- 0  
 30.05.2007 21:47     C:\Users\Marc\AppData\Local\Temp\CV1BC7.tmp --------- 340  
 30.05.2007 21:47     C:\Users\Marc\AppData\Local\Temp\CV19D2.tmp --------- 340  
 30.05.2007 21:43     C:\Users\Marc\AppData\Local\Temp\srvC00D.tmp --------- 0  
 30.05.2007 21:43     C:\Users\Marc\AppData\Local\Temp\srv4DDA.tmp --------- 0  
 30.05.2007 21:42     C:\Users\Marc\AppData\Local\Temp\srv6C62.tmp --------- 0  
 30.05.2007 21:41     C:\Users\Marc\AppData\Local\Temp\srvD918.tmp --------- 0  
 30.05.2007 21:38     C:\Users\Marc\AppData\Local\Temp\srvA202.tmp --------- 0  
 30.05.2007 21:18     C:\Users\Marc\AppData\Local\Temp\srvD705.tmp --------- 0  
 30.05.2007 21:15     C:\Users\Marc\AppData\Local\Temp\srvF2EE.tmp --------- 0  
 30.05.2007 21:10     C:\Users\Marc\AppData\Local\Temp\srv7C97.tmp --------- 0  
 28.05.2007 19:35     C:\Users\Marc\AppData\Local\Temp\srv3C64.tmp --------- 0  
 28.05.2007 18:23     C:\Users\Marc\AppData\Local\Temp\~DFEDCB.tmp --------- 512  
 28.05.2007 18:23     C:\Users\Marc\AppData\Local\Temp\~DFDE8E.tmp --------- 512  
 28.05.2007 18:23     C:\Users\Marc\AppData\Local\Temp\~DFDE86.tmp --------- 16384  
 28.05.2007 18:23     C:\Users\Marc\AppData\Local\Temp\~DFDE2C.tmp --------- 512  
 28.05.2007 18:23     C:\Users\Marc\AppData\Local\Temp\srv6635.tmp --------- 0  
 28.05.2007 18:09     C:\Users\Marc\AppData\Local\Temp\srv8806.tmp --------- 0  
 28.05.2007 18:04     C:\Users\Marc\AppData\Local\Temp\srv5B1D.tmp --------- 0  
 28.05.2007 18:02     C:\Users\Marc\AppData\Local\Temp\CVB762.tmp --------- 340  
 28.05.2007 18:02     C:\Users\Marc\AppData\Local\Temp\CVB6E3.tmp --------- 340  
 28.05.2007 17:31     C:\Users\Marc\AppData\Local\Temp\srv68E2.tmp --------- 0  
 28.05.2007 17:31     C:\Users\Marc\AppData\Local\Temp\CV287A.tmp --------- 340  
 28.05.2007 17:31     C:\Users\Marc\AppData\Local\Temp\CV2685.tmp --------- 340  
 28.05.2007 17:15     C:\Users\Marc\AppData\Local\Temp\srvDBFE.tmp --------- 0  
 28.05.2007 16:58     C:\Users\Marc\AppData\Local\Temp\CVFD8C.tmp --------- 240  
 28.05.2007 16:58     C:\Users\Marc\AppData\Local\Temp\CVFCBF.tmp --------- 240  
 28.05.2007 16:34     C:\Users\Marc\AppData\Local\Temp\CV7450.tmp --------- 240  
 28.05.2007 16:34     C:\Users\Marc\AppData\Local\Temp\CV7355.tmp --------- 240  
 28.05.2007 16:30     C:\Users\Marc\AppData\Local\Temp\CVB768.tmp --------- 240  
 28.05.2007 16:30     C:\Users\Marc\AppData\Local\Temp\CVB6AB.tmp --------- 240  
 28.05.2007 14:35     C:\Users\Marc\AppData\Local\Temp\shiiptmp --------- 0  
 28.05.2007 14:30     C:\Users\Marc\AppData\Local\Temp\MSI57c41.LOG --------- 316  
 28.05.2007 14:30     C:\Users\Marc\AppData\Local\Temp\~68EF.tmp --------- 0  
 28.05.2007 14:29     C:\Users\Marc\AppData\Local\Temp\{A8C0E87D-585B-45EF-B994-BD93C51A119F} --------- 0  
 28.05.2007 14:22     C:\Users\Marc\AppData\Local\Temp\~DFAF41.tmp --------- 512  
 28.05.2007 14:22     C:\Users\Marc\AppData\Local\Temp\~DFAF3C.tmp --------- 507904  
 16.05.2007 17:49     C:\Users\Marc\AppData\Local\Temp\CV6E7C.tmp --------- 240  
 16.05.2007 17:49     C:\Users\Marc\AppData\Local\Temp\CV6D80.tmp --------- 240  
 16.05.2007 17:48     C:\Users\Marc\AppData\Local\Temp\srv3882.tmp --------- 0  
 16.05.2007 17:46     C:\Users\Marc\AppData\Local\Temp\srvF3B5.tmp --------- 0  
 16.05.2007 17:46     C:\Users\Marc\AppData\Local\Temp\srv8D07.tmp --------- 0  
 16.05.2007 17:19     C:\Users\Marc\AppData\Local\Temp\srvF125.tmp --------- 0  
 16.05.2007 16:34     C:\Users\Marc\AppData\Local\Temp\srvCCE2.tmp --------- 0  
 16.05.2007 16:11     C:\Users\Marc\AppData\Local\Temp\~DF9406.tmp --------- 16384  
 16.05.2007 16:01     C:\Users\Marc\AppData\Local\Temp\srvCF42.tmp --------- 0  
 16.05.2007 16:00     C:\Users\Marc\AppData\Local\Temp\srv408.tmp --------- 0  
 16.05.2007 15:57     C:\Users\Marc\AppData\Local\Temp\srv30C2.tmp --------- 0  
 01.05.2007 11:08     C:\Users\Marc\AppData\Local\Temp\~ROMFN_00000AC0 --------- 1020  
 01.05.2007 10:49     C:\Users\Marc\AppData\Local\Temp\Adobe --------- 0  
 26.04.2007 17:27     C:\Users\Marc\AppData\Local\Temp\Setup.BC76A4A3-9ED2-4D4F-8BD5-9C88587FFD8D.log --------- 5588  
 22.04.2007 15:36     C:\Users\Marc\AppData\Local\Temp\{a0d91e3e-ac6d-461b-81e6-7b12a05dd1ea} --------- 0  
 22.04.2007 15:35     C:\Users\Marc\AppData\Local\Temp\wp13html.log --------- 93  
 22.04.2007 15:31     C:\Users\Marc\AppData\Local\Temp\java_install.log --------- 0  
 22.04.2007 11:10     C:\Users\Marc\AppData\Local\Temp\~DF5073.tmp --------- 512  
 22.04.2007 11:10     C:\Users\Marc\AppData\Local\Temp\~DF5053.tmp --------- 32768  
 19.04.2007 20:16     C:\Users\Marc\AppData\Local\Temp\mwsqm02.sqm --------- 200  
 19.04.2007 19:52     C:\Users\Marc\AppData\Local\Temp\tmpD20F.tmp --------- 0  
 19.04.2007 19:51     C:\Users\Marc\AppData\Local\Temp\~DF6C6E.tmp --------- 512  
 19.04.2007 19:51     C:\Users\Marc\AppData\Local\Temp\~DF6C69.tmp --------- 32768  
 19.04.2007 19:43     C:\Users\Marc\AppData\Local\Temp\mwsqm01.sqm --------- 188  
 19.04.2007 13:31     C:\Users\Marc\AppData\Local\Temp\BdeMerge.ini --------- 145  
 19.04.2007 12:39     C:\Users\Marc\AppData\Local\Temp\Twunk002.MTX --------- 0  
 19.04.2007 12:05     C:\Users\Marc\AppData\Local\Temp\0LY5R5X --------- 0  
 19.04.2007 12:05     C:\Users\Marc\AppData\Local\Temp\~DF9B48.tmp --------- 32768  
 19.04.2007 12:03     C:\Users\Marc\AppData\Local\Temp\0XBSAPY --------- 0  
 19.04.2007 12:03     C:\Users\Marc\AppData\Local\Temp\~DF4BB.tmp --------- 32768  
 19.04.2007 12:03     C:\Users\Marc\AppData\Local\Temp\0XZD03E --------- 0  
 19.04.2007 12:03     C:\Users\Marc\AppData\Local\Temp\~DFF3BF.tmp --------- 32768  
 19.04.2007 12:02     C:\Users\Marc\AppData\Local\Temp\JABLS8 --------- 0  
 19.04.2007 12:02     C:\Users\Marc\AppData\Local\Temp\~DF8935.tmp --------- 32768  
 19.04.2007 12:02     C:\Users\Marc\AppData\Local\Temp\VFD5SQ --------- 0  
 19.04.2007 12:02     C:\Users\Marc\AppData\Local\Temp\~DF761F.tmp --------- 32768  
 19.04.2007 12:02     C:\Users\Marc\AppData\Local\Temp\0LGWRFG --------- 0  
 19.04.2007 12:02     C:\Users\Marc\AppData\Local\Temp\~DF4295.tmp --------- 32768  
 19.04.2007 12:01     C:\Users\Marc\AppData\Local\Temp\W4DABR --------- 0  
 19.04.2007 12:01     C:\Users\Marc\AppData\Local\Temp\~DF1E81.tmp --------- 32768  
 19.04.2007 12:00     C:\Users\Marc\AppData\Local\Temp\2RN87K --------- 0  
 19.04.2007 12:00     C:\Users\Marc\AppData\Local\Temp\~DFA9B.tmp --------- 32768  
 19.04.2007 11:54     C:\Users\Marc\AppData\Local\Temp\mwsqm00.sqm --------- 188  
 19.04.2007 09:50     C:\Users\Marc\AppData\Local\Temp\Beata.bmp --------- 31832  
 19.04.2007 09:50     C:\Users\Marc\AppData\Local\Temp\Gast.bmp --------- 49208  
 23.12.2006 19:11     C:\Users\Marc\AppData\Local\Temp\NeroSearchTrayHook_{23194990-7B9F-468D-BB9A-CEFE342B36CE}.dll --------- 49152  
 02.11.2006 14:33     C:\Users\Marc\AppData\Local\Temp\ppcrlui_1612_2 --------- 254216  
 02.11.2006 14:33     C:\Users\Marc\AppData\Local\Temp\ppcrlui_1836_2 --------- 254216  
 22.10.2004 05:16     C:\Users\Marc\AppData\Local\Temp\set8BF1.tmp --------- 118736  
 22.10.2004 05:16     C:\Users\Marc\AppData\Local\Temp\set1CAB.tmp --------- 118736  
 22.10.2004 05:16     C:\Users\Marc\AppData\Local\Temp\setF62.tmp --------- 118736  
 22.10.2004 05:16     C:\Users\Marc\AppData\Local\Temp\setD214.tmp --------- 118736  
 22.10.2004 04:16     C:\Users\Marc\AppData\Local\Temp\Set9B8A.tmp --------- 118736  
 22.10.2004 04:16     C:\Users\Marc\AppData\Local\Temp\SetED71.tmp --------- 118736  
----------------------------------------

 
C:\Program Files

 02.06.2008 17:05     C:\Program Files\Trend Micro --------- 0  
 19.05.2008 19:54     C:\Program Files\Haufe --------- 0  
 17.05.2008 18:08     C:\Program Files\HP --------- 0  
 17.05.2008 18:08     C:\Program Files\Common Files --------- 4096  
 17.05.2008 18:04     C:\Program Files\HP PSE 9.0 SW --------- 0  
 16.05.2008 14:26     C:\Program Files\Windows Mail --------- 0  
 28.04.2008 23:04     C:\Program Files\Google --------- 4096  
 26.04.2008 01:00     C:\Program Files\desktop.ini --------- 174  
 26.04.2008 00:49     C:\Program Files\Windows Calendar --------- 0  
 26.04.2008 00:49     C:\Program Files\Windows Sidebar --------- 4096  
 26.04.2008 00:49     C:\Program Files\Movie Maker --------- 0  
 26.04.2008 00:49     C:\Program Files\Internet Explorer --------- 4096  
 26.04.2008 00:49     C:\Program Files\Windows Media Player --------- 4096  
 26.04.2008 00:49     C:\Program Files\Windows Collaboration --------- 4096  
 26.04.2008 00:49     C:\Program Files\Windows Photo Gallery --------- 4096  
 26.04.2008 00:49     C:\Program Files\Windows Defender --------- 4096  
 25.04.2008 20:19     C:\Program Files\Java --------- 4096  
 25.04.2008 17:39     C:\Program Files\AskTBar --------- 0  
 23.04.2008 16:23     C:\Program Files\MSXML 4.0 --------- 0  
 10.04.2008 14:51     C:\Program Files\IncrediMail --------- 0  
 29.01.2008 19:05     C:\Program Files\InstallShield Installation Information --------- 0  
 29.01.2008 18:47     C:\Program Files\Winamp --------- 4096  
 26.10.2007 13:08     C:\Program Files\WISO --------- 0  
 11.09.2007 19:27     C:\Program Files\Gadu-Gadu --------- 4096  
 28.08.2007 22:51     C:\Program Files\Adobe --------- 0  
 27.08.2007 18:30     C:\Program Files\iTunes --------- 4096  
 27.08.2007 18:30     C:\Program Files\iPod --------- 0  
 21.08.2007 17:42     C:\Program Files\Mozilla Firefox --------- 0  
 21.08.2007 17:42     C:\Program Files\VistaCodecPack --------- 4096  
 07.07.2007 20:51     C:\Program Files\AVS4YOU --------- 0  
 07.07.2007 16:59     C:\Program Files\Apple Software Update --------- 4096  
 28.05.2007 14:28     C:\Program Files\WEKA --------- 0  
 19.04.2007 09:38     C:\Program Files\Windows NT --------- 0  
 19.04.2007 09:38     C:\Program Files\Gemeinsame Dateien --------- 0  
 29.12.2006 12:04     C:\Program Files\Nero --------- 0  
 29.12.2006 11:54     C:\Program Files\WordPerfect Office X3 --------- 4096  
 29.12.2006 11:47     C:\Program Files\S3 --------- 0  
 29.12.2006 11:44     C:\Program Files\Synaptics --------- 0  
 29.12.2006 11:43     C:\Program Files\CONEXANT --------- 0  
 29.12.2006 11:38     C:\Program Files\Realtek --------- 0  
 02.11.2006 14:58     C:\Program Files\Uninstall Information --------- 0  
 02.11.2006 14:35     C:\Program Files\Microsoft Games --------- 4096  
 02.11.2006 14:35     C:\Program Files\Reference Assemblies --------- 0  
 02.11.2006 14:35     C:\Program Files\MSBuild --------- 0  
----------------------------------------

 
C:\ProgramData\.. 

Beata    
Marc    
desktop.ini    
ADMINI~1    
Default    
All Users    
Default User    
Public    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         9.976 K
smss.exe                       408 Services                   0           556 K
csrss.exe                      480 Services                   0         4.476 K
csrss.exe                      524 Console                    1         7.928 K
wininit.exe                    532 Services                   0         3.308 K
winlogon.exe                   588 Console                    1         4.348 K
services.exe                   612 Services                   0         5.860 K
lsass.exe                      624 Services                   0         2.024 K
lsm.exe                        632 Services                   0         3.200 K
svchost.exe                    804 Services                   0         6.116 K
svchost.exe                    864 Services                   0         6.348 K
svchost.exe                    896 Services                   0        28.488 K
svchost.exe                    988 Services                   0        13.484 K
svchost.exe                   1020 Services                   0        58.016 K
svchost.exe                   1036 Services                   0        40.664 K
audiodg.exe                   1136 Services                   0        12.812 K
SLsvc.exe                     1172 Services                   0         8.412 K
svchost.exe                   1208 Services                   0        14.164 K
svchost.exe                   1400 Services                   0        18.108 K
spoolsv.exe                   1536 Services                   0         7.004 K
svchost.exe                   1564 Services                   0        10.608 K
AppleMobileDeviceService.     1732 Services                   0         3.016 K
svchost.exe                   1764 Services                   0         4.860 K
LSSrvc.exe                    1788 Services                   0         2.736 K
svchost.exe                   1936 Services                   0         4.764 K
PSIService.exe                1992 Services                   0         2.912 K
svchost.exe                   2032 Services                   0         4.732 K
svchost.exe                    196 Services                   0         1.936 K
SearchIndexer.exe              280 Services                   0         9.728 K
taskeng.exe                   2080 Console                    1         9.768 K
dwm.exe                       2108 Console                    1         4.260 K
explorer.exe                  2176 Console                    1        43.988 K
taskeng.exe                   2236 Services                   0         5.176 K
MSASCui.exe                   2452 Console                    1        12.468 K
RtHDVCpl.exe                  2460 Console                    1         5.108 K
ESB.EXE                       2468 Console                    1         4.172 K
SynTPEnh.exe                  2476 Console                    1         5.068 K
s3trayp.exe                   2512 Console                    1         3.772 K
winampa.exe                   2580 Console                    1         3.752 K
jusched.exe                   2620 Console                    1         2.968 K
iTunesHelper.exe              2656 Console                    1         9.192 K
hpwuSchd2.exe                 2696 Console                    1         2.600 K
sidebar.exe                   2712 Console                    1        24.044 K
gg.exe                        2796 Console                    1        16.136 K
GoogleToolbarNotifier.exe     2900 Console                    1         1.644 K
hpqtra08.exe                  2908 Console                    1         5.688 K
ImApp.exe                     3520 Console                    1        14.284 K
iPodService.exe               1256 Services                   0         4.976 K
ieuser.exe                    2188 Console                    1        21.084 K
iexplore.exe                  2628 Console                    1       105.860 K
conime.exe                    2520 Console                    1         3.252 K
taskeng.exe                   1972 Console                    1         7.140 K
cmd.exe                       1864 Console                    1         2.728 K
SearchFilterHost.exe          3672 Services                   0         4.780 K
tasklist.exe                  1392 Console                    1         4.580 K
WmiPrvSE.exe                  3744 Services                   0         5.796 K

 
***** Ende des Scans 02.06.2008 um 17:27:21,10 ***

[sylvia99]

so, hier noch die Logs vom Dss
main:

Code:

Deckard's System Scanner v20071014.68
Run by Marc on 2008-06-02 17:32:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
10: 2008-06-02 14:25:42 UTC - RP235 - Windows Update
9: 2008-06-02 13:27:22 UTC - RP234 - Wiederherstellungsvorgang
8: 2008-06-02 10:24:44 UTC - RP233 - Wiederherstellungsvorgang
7: 2008-06-02 09:51:50 UTC - RP232 - Geplanter Prüfpunkt
6: 2008-06-01 13:11:39 UTC - RP231 - Geplanter Prüfpunkt


-- First Restore Point -- 
1: 2008-05-28 09:16:20 UTC - RP226 - Geplanter Prüfpunkt


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 958 MiB (1024 MiB recommended).


-- HijackThis (run as Marc.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:34:14, on 02.06.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\ESB.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\s3trayp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Users\Marc\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Marc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ESB] C:\Windows\system32\ESB.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WISO Urteilsmonitor.lnk = ?
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix: 
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

--
End of file - 6384 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>

S2 XAudioService - c:\windows\system32\drivers\xaudio.exe (file missing)
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-02 17:15:29       416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{1810E4F2-D75D-4D10-98FA-CC7334BE11AC}.job


-- Files created between 2008-05-02 and 2008-06-02 -----------------------------

2008-06-02 17:05:04         0 d-------- C:\Program Files\Trend Micro
2008-06-02 16:46:29         0 d-------- C:\Windows\system32\Kaspersky Lab
2008-06-01 22:54:15         0 d--hs---- C:\found.001
2008-05-17 18:08:55         0 d-------- C:\Users\All Users\HP Product Assistant
2008-05-17 18:08:12         0 d-------- C:\Program Files\Common Files\HP
2008-05-17 18:05:25         0 d-------- C:\Program Files\HP
2008-05-17 18:04:51         0 -----n--- C:\Windows\hpimdl06.dat
2008-05-17 18:04:51    147863 --a------ C:\Windows\hpiins06.dat
2008-05-17 18:04:26         0 d-------- C:\Users\All Users\HP
2008-05-17 18:03:44         0 d-a------ C:\Program Files\HP PSE 9.0 SW


-- Find3M Report ---------------------------------------------------------------

2008-06-02 16:27:17    185564 --a------ C:\Windows\system32\perfh007.dat
2008-06-02 16:27:17     51520 --a------ C:\Windows\system32\perfc007.dat
2008-05-31 19:11:23         0 d-------- C:\Users\Marc\AppData\Roaming\Ahead
2008-05-31 14:44:07         0 d-------- C:\Users\Marc\AppData\Roaming\Real
2008-05-25 20:57:50       952 --ahs---- C:\Windows\system32\KGyGaAvL.sys
2008-05-19 19:54:29         0 d-------- C:\Program Files\Haufe
2008-05-17 18:14:14         0 d-------- C:\Users\Marc\AppData\Roaming\HP
2008-05-17 18:08:12         0 d-------- C:\Program Files\Common Files
2008-05-16 14:26:44         0 d-------- C:\Program Files\Windows Mail
2008-05-01 23:23:45         0 d-------- C:\Users\Marc\AppData\Roaming\Google
2008-04-28 23:04:52         0 d-------- C:\Program Files\Google
2008-04-26 01:00:05       174 --ahs---- C:\Program Files\desktop.ini
2008-04-26 00:49:57         0 d-------- C:\Program Files\Windows Sidebar
2008-04-26 00:49:57         0 d-------- C:\Program Files\Windows Collaboration
2008-04-26 00:49:57         0 d-------- C:\Program Files\Windows Calendar
2008-04-26 00:49:57         0 d-------- C:\Program Files\Movie Maker
2008-04-26 00:49:56         0 d-------- C:\Program Files\Windows Photo Gallery
2008-04-26 00:49:55         0 d-------- C:\Program Files\Windows Defender
2008-04-25 20:19:49         0 d-------- C:\Program Files\Java
2008-04-25 17:39:32         0 d-------- C:\Program Files\AskTBar
2008-04-25 16:51:30         0 d-------- C:\Program Files\Common Files\Ahead
2008-04-23 16:23:36         0 d-------- C:\Program Files\MSXML 4.0
2008-04-10 14:51:17         0 d-------- C:\Program Files\IncrediMail


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38]
"RtHDVCpl"="RtHDVCpl.exe" [20.11.2006 15:13 C:\Windows\RtHDVCpl.exe]
"ESB"="C:\Windows\system32\ESB.EXE" [29.05.2006 14:40]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [23.10.2006 12:00]
"S3Trayp"="S3trayp.exe" [15.12.2006 15:04 C:\Windows\System32\s3trayp.exe]
"QuickFinder Scheduler"="C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [03.01.2007 05:21]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [13.02.2007 20:29]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 04:25]
"QuickTime Task"="C:\Program Files\VistaCodecPack\QT\QTTask.exe" [29.06.2007 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [15.08.2007 20:15]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.05.2007 03:06]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01.03.2007 14:57]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11.03.2007 21:34]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19.01.2008 09:33]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [22.01.2008 10:13]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [09.07.2007 09:39]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [01.03.2007 10:37]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [03.04.2008 09:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [27.04.2008 14:50]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11.03.2007 21:26:24]
WISO Urteilsmonitor.lnk - C:\Program Files\WISO\Sparbuch 2007\rswisoservice.exe [10.08.2007 12:29:47]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService	nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient SstpSvc
LocalSystemNetworkRestricted	hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork	PLA DPS BFE mpssvc
hpdevmgmt	hpqcxs08 hpqddsvc

*Newly Created Service* - EAPHOST
*Newly Created Service* - WLANSVC

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-06-02 17:36:25 ------------

und extra

Code:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Basic  (build 6001) SP 1.0
Architecture: X86; Language: German

CPU 0: Genuine Intel(R) CPU           T1300  @ 1.66GHz
Percentage of Memory in Use: 64%
Physical Memory (total/avail): 957.39 MiB / 341.52 MiB
Pagefile Memory (total/avail): 2179.12 MiB / 1491.71 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1908.85 MiB

C: is Fixed (NTFS) - 64.69 GiB total, 40.21 GiB free. 
D: is Fixed (FAT32) - 9.83 GiB total, 8.53 GiB free. 
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD800BEVS-00RST0 ATA Device - 74.53 GiB - 2 partitions
  \PARTITION0 (bootable) - Installierbares Dateisystem - 64.69 GiB - C:
  \PARTITION1 - Unknown - 9.84 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Marc\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MARC-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Marc
LOCALAPPDATA=C:\Users\Marc\AppData\Local
LOGONSERVER=\\MARC-PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\VistaCodecPack\QT\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Marc\AppData\Local\Temp
TMP=C:\Users\Marc\AppData\Local\Temp
USERDOMAIN=Marc-PC
USERNAME=Marc
USERPROFILE=C:\Users\Marc
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Marc
Beata


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
 --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
 --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
 --> C:\Windows\UNNeroShowTime.exe /UNINSTALL
 --> C:\Windows\UNNeroVision.exe /UNINSTALL
 --> C:\Windows\UNRecode.exe /UNINSTALL
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 8.1.0 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81000000003}
Apple Mobile Device Support --> MsiExec.exe /I{763E8D6C-0098-4FF4-801A-3F311D2D9D80}
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Ask Toolbar --> rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O 
AVS DVDMenu Editor 1.2.1.19 --> "C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Converter 5.6 --> "C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2 --> "C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Easy Start Button --> C:\Windows\system32\UNESB.EXE
Gadu-Gadu 7.7 --> C:\Program Files\Gadu-Gadu\Setup.exe
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Imaging Device Functions 9.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Kameras 9.0 --> C:\Program Files\HP\Digital Imaging\{AA057FD9-0CFC-47e4-8AB4-E0F7EC85631D}\setup\hpzscr01.exe -datfile hpiscr06.dat
HP Solution Center 9.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
IncrediMail Xe --> C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
iTunes --> MsiExec.exe /I{974C05A0-C76C-4724-A9A2-11D5D1355729}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Development Kit 6 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160000}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Kaspersky Online Scanner --> C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2005 SP1 CRT Redistributable --> MsiExec.exe /I{CC038D57-788A-4544-BF8F-179E5CF50D2F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Nero 7 Essentials --> MsiExec.exe /X{22FB6750-ADDF-4726-B67F-6901E1991031}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Taschenguide BGB --> C:\Windows\IsUn0407.exe -fC:\Programme\Haufe\TG_BGB\TG_BGB.isu
VIA Display Vista Driver 7.14.10.0053 --> C:\PROGRA~1\S3\UChromeP\s3minset.exe /u -log UChromeP.uns
VIA Rhine-Family Fast-Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Vista Codec Package --> MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
WEKA VOB Stand 10.06 . --> C:\Program Files\InstallShield Installation Information\Setup.exe -uninstall -guid"WEKA VOB STAND 10_06 _" -tguid"{CA9EB2CC-FFF0-498E-A784-21D2A77774F2}" -hwnd"0"
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
WISO Lohnsteuerermäßigung 2008 --> C:\Program Files\InstallShield Installation Information\{6551D522-E39F-4CD0-9067-70E6E17F41F4}\setup.exe -runfromtemp -l0x0007 -removeonly
WISO Sparbuch 2007 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EDB9281-1F84-4195-9CDD-85985D17DDC7}\setup.exe" -l0x7  -removeonly
WordPerfect Office X3 --> "C:\Program Files\WordPerfect Office X3\CabsDE\MSILauncher.exe" "{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}"
WordPerfect Office X3 --> MsiExec.exe /I{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}


-- Application Event Log -------------------------------------------------------

Event Record #/Type7439 / Success
Event Submitted/Written: 06/02/2008 04:21:02 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Der Softwarelizenzierungsdienst wurde gestartet.

Event Record #/Type7438 / Success
Event Submitted/Written: 06/02/2008 04:21:01 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type7436 / Success
Event Submitted/Written: 06/02/2008 04:20:59 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type7425 / Warning
Event Submitted/Written: 06/02/2008 04:02:07 PM
Event ID/Source: 1530 / profsvc
Event Description:
Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.  

 DETAIL - 
 1 user registry handles leaked from \Registry\User\S-1-5-21-3041457313-3554905181-3576956154-1000_Classes:
Process 904 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3041457313-3554905181-3576956154-1000_CLASSES

Event Record #/Type7424 / Warning
Event Submitted/Written: 06/02/2008 04:02:05 PM
Event ID/Source: 1530 / profsvc
Event Description:
Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.  

 DETAIL - 
 1 user registry handles leaked from \Registry\User\S-1-5-21-3041457313-3554905181-3576956154-1000:
Process 904 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3041457313-3554905181-3576956154-1000



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type60218 / Warning
Event Submitted/Written: 06/02/2008 05:34:25 PM
Event ID/Source: 3004 / WinDefend
Event Description:
Vom %Marc-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Marc-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.

Weitere Informationen finden Sie im Folgenden:
%Marc-PC275

	Scan-ID: {6382340B-D694-4F92-973A-3DC32501A89A}
 
	Benutzer: Marc-PC\Marc

	Name: %Marc-PC271

	ID: %Marc-PC272

	Schweregrad-ID: %Marc-PC273

	Kategorie-ID: %Marc-PC274

	Gefundener Pfad: %Marc-PC276

	Warnungsart: %Marc-PC278

	Feststellungstyp:  1.1.1600.02

Event Record #/Type60217 / Warning
Event Submitted/Written: 06/02/2008 05:34:25 PM
Event ID/Source: 3004 / WinDefend
Event Description:
Vom %Marc-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Marc-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.

Weitere Informationen finden Sie im Folgenden:
%Marc-PC275

	Scan-ID: {15328626-755C-44BC-889C-8865E00B9E69}
 
	Benutzer: Marc-PC\Marc

	Name: %Marc-PC271

	ID: %Marc-PC272

	Schweregrad-ID: %Marc-PC273

	Kategorie-ID: %Marc-PC274

	Gefundener Pfad: %Marc-PC276

	Warnungsart: %Marc-PC278

	Feststellungstyp:  1.1.1600.02

Event Record #/Type60216 / Warning
Event Submitted/Written: 06/02/2008 05:34:25 PM
Event ID/Source: 3004 / WinDefend
Event Description:
Vom %Marc-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Marc-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.

Weitere Informationen finden Sie im Folgenden:
%Marc-PC275

	Scan-ID: {6B3DB5B7-53E5-4AD8-B6B8-7432F6AF65DD}
 
	Benutzer: Marc-PC\Marc

	Name: %Marc-PC271

	ID: %Marc-PC272

	Schweregrad-ID: %Marc-PC273

	Kategorie-ID: %Marc-PC274

	Gefundener Pfad: %Marc-PC276

	Warnungsart: %Marc-PC278

	Feststellungstyp:  1.1.1600.02

Event Record #/Type60215 / Warning
Event Submitted/Written: 06/02/2008 05:34:23 PM
Event ID/Source: 3004 / WinDefend
Event Description:
Vom %Marc-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Marc-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.

Weitere Informationen finden Sie im Folgenden:
%Marc-PC275

	Scan-ID: {9FFD59D1-06EB-4D10-9B75-39D4228F8345}
 
	Benutzer: Marc-PC\Marc

	Name: %Marc-PC271

	ID: %Marc-PC272

	Schweregrad-ID: %Marc-PC273

	Kategorie-ID: %Marc-PC274

	Gefundener Pfad: %Marc-PC276

	Warnungsart: %Marc-PC278

	Feststellungstyp:  1.1.1600.02

Event Record #/Type60214 / Warning
Event Submitted/Written: 06/02/2008 05:34:23 PM
Event ID/Source: 3004 / WinDefend
Event Description:
Vom %Marc-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Marc-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.

Weitere Informationen finden Sie im Folgenden:
%Marc-PC275

	Scan-ID: {006C12DE-5D16-45CA-8EBA-88120AE69625}
 
	Benutzer: Marc-PC\Marc

	Name: %Marc-PC271

	ID: %Marc-PC272

	Schweregrad-ID: %Marc-PC273

	Kategorie-ID: %Marc-PC274

	Gefundener Pfad: %Marc-PC276

	Warnungsart: %Marc-PC278

	Feststellungstyp:  1.1.1600.02



-- End of Deckard's System Scanner: finished at 2008-06-02 17:36:25 ------------

wäre toll, wenn hier einer eine Idee hat, ich bin ziemlich ratlos