Avast meldet: Rootkit "PHYSICALDRIVE1" und komiche sounds

#1 Hi Leute.

Ich habe schon seit ein paar Monaten total seltsame Sounds, die unregelmäßig auftreten. Es hört sich jedesmal wie eine Aufnahme an, die aber auf keinen Fall von mir stammen kann. Sehr abstakt... das eine mal hat es sich wie ein schreiendes BAby oder so angehört, dann war es einmal wie als würde jemand erdnüsse oder so was direkt vor dem mikro essen. Das passiert manchmal 2 Wochen lang nicht und manchmal 2 mal in einer Woche. Sie sind meistens ca 10 Sekunden lang.
Außerdem hat mir heute beim Systemstart Avast gemeldet, ich hätte ein Rootkit namens PHYSICALDRIVE1.
Ich sollte dann das System neustarten und vor dem start einen Komplettcheck von Avast machen lassen. Den hab ich komplett durchlaufen lassen, hat auch eine datei gefunden, ich weiß das genaue verzeichnis nicht mehr aber es war irgendwo im AppData Verzeichnis. Naja ich habe löschen ausgewählt und als der PC dann startete kam genau die selbe meldung wieder. dann habe ich mal gegoogelt und hoffe jetzt hier auf Hilfe.

Ich habe folgende Checks durchgeführt:

MBR.exe

Code

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 

device: opened successfully
user: error reading MBR 

Disk trace:
error: Read  Das Handle ist ungültig.
kernel: error reading MBR

MBRCheck

Code

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:            
Windows Version:        Windows 7 Ultimate Edition
Windows Information:         (build 7600), 64-bit
Base Board Manufacturer:    FUJITSU SIEMENS
BIOS Manufacturer:        American Megatrends Inc.
System Manufacturer:        FUJITSU SIEMENS
System Product Name:        G31T-M2
Logical Drives Mask:        0x0000fbfc

Kernel Drivers (total 159):
  0x02E66000 \SystemRoot\system32\ntoskrnl.exe
  0x02E1D000 \SystemRoot\system32\hal.dll
  0x00BD3000 \SystemRoot\system32\kdcom.dll
  0x00C2D000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00C71000 \SystemRoot\system32\PSHED.dll
  0x00C85000 \SystemRoot\system32\CLFS.SYS
  0x00CE3000 \SystemRoot\system32\CI.dll
  0x00EBC000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00F60000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x010C6000 \SystemRoot\System32\Drivers\spjg.sys
  0x011EC000 \SystemRoot\System32\Drivers\WMILIB.SYS
  0x01000000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
  0x0102F000 \SystemRoot\system32\DRIVERS\ACPI.sys
  0x01086000 \SystemRoot\system32\DRIVERS\msisadrv.sys
  0x01090000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
  0x00F6F000 \SystemRoot\system32\DRIVERS\pci.sys
  0x0109D000 \SystemRoot\System32\drivers\partmgr.sys
  0x00FA2000 \SystemRoot\system32\DRIVERS\volmgr.sys
  0x00E00000 \SystemRoot\System32\drivers\volmgrx.sys
  0x010B2000 \SystemRoot\system32\DRIVERS\intelide.sys
  0x00E5C000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
  0x00E6C000 \SystemRoot\System32\drivers\mountmgr.sys
  0x010BA000 \SystemRoot\system32\DRIVERS\atapi.sys
  0x00E86000 \SystemRoot\system32\DRIVERS\ataport.SYS
  0x011F5000 \SystemRoot\system32\DRIVERS\amdxata.sys
  0x00DA3000 \SystemRoot\system32\drivers\fltmgr.sys
  0x00FB7000 \SystemRoot\system32\drivers\fileinfo.sys
  0x01257000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x014F0000 \SystemRoot\System32\Drivers\msrpc.sys
  0x0154E000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x01568000 \SystemRoot\System32\Drivers\cng.sys
  0x015DB000 \SystemRoot\System32\drivers\pcw.sys
  0x015EC000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x0161F000 \SystemRoot\system32\drivers\ndis.sys
  0x01711000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01771000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01803000 \SystemRoot\System32\drivers\tcpip.sys
  0x0179C000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x017E6000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
  0x01400000 \SystemRoot\system32\DRIVERS\volsnap.sys
  0x017F6000 \SystemRoot\System32\Drivers\spldr.sys
  0x0144C000 \SystemRoot\System32\drivers\rdyboost.sys
  0x01600000 \SystemRoot\System32\Drivers\mup.sys
  0x01612000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01486000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x014C0000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01200000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x00FCB000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x01243000 \SystemRoot\System32\Drivers\Null.SYS
  0x0124C000 \SystemRoot\System32\Drivers\Beep.SYS
  0x00DEF000 \SystemRoot\System32\drivers\vga.sys
  0x00C00000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x02C4F000 \SystemRoot\System32\drivers\watchdog.sys
  0x02C5F000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x02C68000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x02C71000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x02C7A000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x02C85000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x02C96000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x02CB4000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x02CC1000 \SystemRoot\System32\Drivers\aswTdi.SYS
  0x02CD1000 \SystemRoot\system32\drivers\afd.sys
  0x02D5B000 \SystemRoot\System32\Drivers\aswRdr.SYS
  0x02D65000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x02DAA000 \SystemRoot\system32\drivers\ws2ifsl.sys
  0x02DB5000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x02DBE000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x02DE4000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x02C00000 \SystemRoot\system32\DRIVERS\serial.sys
  0x02C1D000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x02C38000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x03E82000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x03ED3000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x03EDF000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x03EEA000 \SystemRoot\System32\drivers\discache.sys
  0x03EF9000 \SystemRoot\system32\drivers\csc.sys
  0x03F7C000 \SystemRoot\System32\Drivers\dfsc.sys
  0x03F9A000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x03FAB000 \SystemRoot\System32\Drivers\aswSP.SYS
  0x03E00000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x03E26000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x0FE24000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x10A7F000 \SystemRoot\System32\Drivers\nvBridge.kmd
  0x10A81000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x10B75000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x10BBB000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x040FD000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
  0x04154000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0x04161000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x041B7000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x04000000 \SystemRoot\system32\DRIVERS\1394ohci.sys
  0x0403E000 \SystemRoot\system32\DRIVERS\parport.sys
  0x0405B000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x04067000 \SystemRoot\System32\Drivers\alnvyvx2.SYS
  0x040AC000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
  0x040BC000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x040D2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x041C8000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x03E3C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x041D4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x10BDF000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x0FE00000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x041EF000 \SystemRoot\system32\DRIVERS\rdpbus.sys
  0x03E6B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x044B9000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x044C8000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x044CA000 \SystemRoot\system32\DRIVERS\ks.sys
  0x0450D000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x0451F000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x04579000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x050F7000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x0534B000 \SystemRoot\system32\drivers\portcls.sys
  0x05388000 \SystemRoot\system32\drivers\drmk.sys
  0x053AA000 \SystemRoot\system32\drivers\ksthunk.sys
  0x053B0000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x053CD000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x053CF000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x053DD000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x053F6000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x05000000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x0500D000 \SystemRoot\system32\DRIVERS\RzSynapse.sys
  0x05025000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x05033000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
  0x0504E000 \SystemRoot\system32\drivers\usbaudio.sys
  0x05069000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x05077000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x05083000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0x0508C000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x000D0000 \SystemRoot\System32\win32k.sys
  0x0509F000 \SystemRoot\System32\drivers\Dxapi.sys
  0x050AB000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x005E0000 \SystemRoot\System32\TSDDD.dll
  0x00790000 \SystemRoot\System32\cdd.dll
  0x00880000 \SystemRoot\System32\ATMFD.DLL
  0x050B9000 \SystemRoot\system32\drivers\luafv.sys
  0x0458E000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
  0x050DC000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
  0x045C8000 \SystemRoot\system32\drivers\WudfPf.sys
  0x045E9000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x04400000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x06826000 \SystemRoot\system32\drivers\HTTP.sys
  0x068EE000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x0690C000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x06924000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x06951000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x0699F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x069C2000 \SystemRoot\system32\drivers\npf.sys
  0x06C2F000 \SystemRoot\system32\drivers\peauth.sys
  0x06CD5000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x06CE0000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x06D0D000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x06D1F000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x04418000 \SystemRoot\System32\DRIVERS\srv.sys
  0x06D86000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x09563000 \SystemRoot\system32\DRIVERS\usbscan.sys
  0x09574000 \SystemRoot\system32\DRIVERS\usbprint.sys
  0x77980000 \Windows\System32\ntdll.dll
  0x48270000 \Windows\System32\smss.exe
  0xFFCA0000 \Windows\System32\apisetschema.dll

Processes (total 62):
       0 System Idle Process
       4 System
     308 C:\Windows\System32\smss.exe
     516 csrss.exe
     580 csrss.exe
     588 C:\Windows\System32\wininit.exe
     636 C:\Windows\System32\winlogon.exe
     684 C:\Windows\System32\services.exe
     692 C:\Windows\System32\lsass.exe
     704 C:\Windows\System32\lsm.exe
     800 C:\Windows\System32\svchost.exe
     888 C:\Windows\System32\nvvsvc.exe
     928 C:\Windows\System32\svchost.exe
     116 C:\Windows\System32\svchost.exe
     396 C:\Windows\System32\svchost.exe
     476 C:\Windows\System32\svchost.exe
     456 C:\Windows\System32\audiodg.exe
    1048 C:\Windows\System32\svchost.exe
    1112 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    1132 C:\Windows\System32\nvvsvc.exe
    1208 C:\Windows\System32\svchost.exe
    1276 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1472 C:\Windows\explorer.exe
    1748 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    1780 C:\Program Files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe
    1808 C:\Program Files (x86)\MySig.exe
    1896 C:\Program Files (x86)\Razer\Naga\NagaTray.exe
    1932 C:\Program Files (x86)\Gomez\GomezPEER\jre\bin\java.exe
    1964 C:\Windows\System32\conhost.exe
    1980 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    1348 C:\Windows\System32\spoolsv.exe
     508 C:\Windows\System32\taskhost.exe
     576 C:\Windows\System32\svchost.exe
    2188 C:\Windows\SysWOW64\svchost.exe
    2208 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    2340 C:\Windows\SysWOW64\PnkBstrA.exe
    2416 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    2468 C:\Windows\System32\svchost.exe
    2496 C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
    2552 C:\Program Files (x86)\Tunngle\TnglCtrl.exe
    2620 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    2976 C:\Windows\System32\SearchIndexer.exe
    3012 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    3088 C:\Windows\System32\svchost.exe
    3452 WUDFHost.exe
    3568 C:\Program Files\Windows Media Player\wmpnetwk.exe
    4000 C:\Windows\System32\svchost.exe
    3916 C:\Windows\System32\svchost.exe
    2644 dllhost.exe
    1292 C:\Program Files (x86)\Winamp\winamp.exe
     316 C:\Program Files (x86)\Nero\Update\NASvc.exe
    4204 C:\Windows\System32\svchost.exe
    4388 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    4720 C:\Windows\splwow64.exe
    2024 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    4288 C:\Windows\System32\notepad.exe
    4960 C:\Windows\System32\SearchProtocolHost.exe
    3144 C:\Windows\System32\SearchFilterHost.exe
    3996 WmiPrvSE.exe
    2476 C:\Users\Seemöse\Desktop\MBRCheck.exe
    3548 C:\Windows\System32\conhost.exe
    2040 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive1 at offset 0x0000005c`06a00000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000002`ee100000  (NTFS)
\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000  (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000001b`58100000  (NTFS)

PhysicalDrive1 Model Number: WDCWD5000AACS-00ZUB0, Rev: 01.01B01
PhysicalDrive0 Model Number: ST3500630AS, Rev: 3.AAD   

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive1   Unknown MBR code
            SHA1: 43D883454798828D348BD54C7A5CBDE0A9733364
    465 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit: 

Done!

OTL.txt

[spoiler]

Code

OTL logfile created on: 04.04.2011 20:41:49 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Seemöse\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 10,86 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 33,07 Gb Free Space | 33,86% Space Free | Partition Type: NTFS
Drive E: | 368,10 Gb Total Space | 61,29 Gb Free Space | 16,65% Space Free | Partition Type: NTFS
Drive F: | 356,38 Gb Total Space | 93,94 Gb Free Space | 26,36% Space Free | Partition Type: NTFS
 
Computer Name: ICARUZ | User Name: Seemöse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Seemöse\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe ()
PRC - F:\WoW\Wow.exe (Blizzard Entertainment)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Gomez\GomezPEER\jre\bin\java.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Razer\Naga\NagaTray.exe (Razer USA Ltd)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\MySig.exe (sDesign)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Seemöse\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (RzSynapse) -- C:\Windows\SysNative\drivers\RzSynapse.sys (Razer USA Ltd)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:[b]64bit:[/b] - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:[b]64bit:[/b] - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:[b]64bit:[/b] - (bulkadi) -- C:\Windows\SysNative\drivers\bulkrazer_x64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (vcd10bus) -- C:\Windows\SysNative\drivers\vcd10bus.sys (H+H Software GmbH)
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 71 C8 FF DA 67 A4 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.2
FF - prefs.js..extensions.enabledItems: {1cff04ef-0c75-4621-ba2a-2efb77346996}:2.3
FF - prefs.js..extensions.enabledItems: {464F169E-ACE1-4C5F-A778-A433A3DABBAE}:1.0
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:4.1.12s
FF - prefs.js..extensions.enabledItems: orbitdownloaderfix@e4zune.com.ar:1.0.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.36
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.25 00:20:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.25 00:20:06 | 000,000,000 | ---D | M]
 
[2010.02.03 02:30:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Extensions
[2011.04.04 19:38:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions
[2010.02.03 02:32:53 | 000,000,000 | ---D | M] ("ChromaTabs Plus") -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\{1cff04ef-0c75-4621-ba2a-2efb77346996}
[2011.03.11 17:10:02 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.03.24 16:13:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.02.03 15:24:40 | 000,000,000 | ---D | M] (SearchStatus) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}
[2010.04.18 03:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.03.30 16:08:56 | 000,000,000 | ---D | M] (FireGestures) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\firegestures@xuldev.org
[2010.05.08 18:12:09 | 000,000,000 | ---D | M] (E4ZUNE | ORBIT DOWNLOADER FIX) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\orbitdownloaderfix@e4zune.com.ar
[2010.05.08 18:36:11 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\Seemöse\AppData\Roaming\mozilla\Firefox\Profiles\tyiq53hx.default\extensions\SkipScreen@SkipScreen
[2011.04.04 19:38:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.02.28 13:25:29 | 000,000,000 | ---D | M] (VMLoad) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE}
File not found (No name found) -- C:\USERS\SEEMöSE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYIQ53HX.DEFAULT\EXTENSIONS\{1CFF04EF-0C75-4621-BA2A-2EFB77346996}
File not found (No name found) -- C:\USERS\SEEMöSE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYIQ53HX.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
File not found (No name found) -- C:\USERS\SEEMöSE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYIQ53HX.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}
File not found (No name found) -- C:\USERS\SEEMöSE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYIQ53HX.DEFAULT\EXTENSIONS\FIREGESTURES@XULDEV.ORG
File not found (No name found) -- C:\USERS\SEEMöSE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYIQ53HX.DEFAULT\EXTENSIONS\ORBITDOWNLOADERFIX@E4ZUNE.COM.AR
File not found (No name found) -- C:\USERS\SEEMöSE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TYIQ53HX.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010.09.09 22:09:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.09 22:09:57 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.09 22:09:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.09 22:09:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.09 22:09:57 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\NagaTray.exe (Razer USA Ltd)
O4 - Startup: C:\Users\Seemöse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MySig.lnk = C:\Program Files (x86)\MySig.exe (sDesign)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:[b]64bit:[/b] - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:[b]64bit:[/b] - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:[b]64bit:[/b] - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] -  File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000012 -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\PrxerNsp.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0f833389-f6c7-11de-937e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0f833389-f6c7-11de-937e-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Support\AutoRun\AutoRun.exe
O33 - MountPoints2\{55b1521b-1438-11df-9421-0019214b8c62}\Shell - "" = AutoRun
O33 - MountPoints2\{55b1521b-1438-11df-9421-0019214b8c62}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{e124100c-1197-11df-af16-0019214b8c62}\Shell - "" = AutoRun
O33 - MountPoints2\{e124100c-1197-11df-af16-0019214b8c62}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.04.04 20:39:16 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Seemöse\Desktop\OTL.exe
[2011.04.03 22:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.03.28 22:47:28 | 014,257,720 | ---- | C] (Razer USA Ltd.                                               ) -- C:\Users\Seemöse\Desktop\Razer_Megalodon_FirmwareUpdater_v2.12.exe
[2011.03.20 17:52:23 | 000,000,000 | ---D | C] -- C:\Users\Seemöse\AppData\Roaming\.minecraft_xray
[2011.03.20 17:51:48 | 000,000,000 | ---D | C] -- C:\Users\Seemöse\Desktop\minecraft_xray_2.7_mb_11
[2011.03.13 12:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 2
[2011.03.13 12:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chicken Invaders 2
[2011.03.13 12:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReflexiveArcade
[2011.03.09 18:30:32 | 000,000,000 | ---D | C] -- C:\Users\Seemöse\AppData\Local\PlayerScore
[2011.03.09 18:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayerScore
[2011.03.09 18:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayerScoreClient
[2011.03.09 18:20:03 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.03.09 18:20:03 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.03.09 18:20:03 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.03.09 18:20:02 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.03.09 18:19:59 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.03.09 18:19:59 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.03.09 18:19:58 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.03.09 18:19:58 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.03.09 18:19:53 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.03.09 18:19:52 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.03.09 18:19:52 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.03.09 18:19:52 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.03.09 18:19:51 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.03.09 18:19:51 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.03.09 18:19:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.03.09 18:19:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2008.07.18 01:15:47 | 000,696,320 | ---- | C] (sDesign) -- C:\Program Files (x86)\MySig.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.04.04 20:45:29 | 000,301,568 | ---- | M] () -- C:\Users\Seemöse\Desktop\xeeouj6s.exe
[2011.04.04 20:43:57 | 000,000,383 | ---- | M] () -- C:\Program Files (x86)\setup.ini
[2011.04.04 20:39:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Seemöse\Desktop\OTL.exe
[2011.04.04 19:12:30 | 000,080,384 | ---- | M] () -- C:\Users\Seemöse\Desktop\MBRCheck.exe
[2011.04.04 19:09:28 | 000,089,088 | ---- | M] () -- C:\Windows\SysNative\mbr.exe
[2011.04.04 18:53:44 | 000,019,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 18:53:44 | 000,019,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 18:52:42 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.04 18:52:42 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.04 18:52:42 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.04 18:52:42 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.04 18:52:42 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.04 18:46:21 | 000,000,884 | ---- | M] () -- C:\Users\Seemöse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MySig.lnk
[2011.04.04 18:44:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.04 15:49:33 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.04 15:48:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2011.04.03 22:39:10 | 000,000,969 | ---- | M] () -- C:\Users\Seemöse\Desktop\Crysis2 - Verknüpfung.lnk
[2011.03.29 18:13:00 | 185,548,749 | ---- | M] () -- C:\Users\Seemöse\Desktop\PS3UPDAT.PUP
[2011.03.29 15:41:39 | 002,834,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.03.28 22:51:47 | 000,260,580 | ---- | M] () -- C:\Windows\SysWow64\temp.bin
[2011.03.28 22:48:25 | 014,257,720 | ---- | M] (Razer USA Ltd.                                               ) -- C:\Users\Seemöse\Desktop\Razer_Megalodon_FirmwareUpdater_v2.12.exe
[2011.03.28 14:50:09 | 000,010,766 | ---- | M] () -- C:\Users\Seemöse\Desktop\Gruppeneinteilung.odt
[2011.03.28 14:49:48 | 000,517,841 | ---- | M] () -- C:\Users\Seemöse\Desktop\domain-kuendigung-80659.pdf
[2011.03.17 20:51:34 | 000,046,208 | ---- | M] () -- C:\Users\Seemöse\Documents\ts3_clientui-win32-12815-2011-03-17 19_51_33.898437.dmp
[2011.03.17 18:13:29 | 000,270,142 | ---- | M] () -- C:\Users\Seemöse\Desktop\Minecraft.exe
[2011.03.13 12:59:37 | 000,001,084 | ---- | M] () -- C:\Users\Seemöse\Desktop\Chicken Invaders 2.lnk
[2011.03.08 19:50:33 | 000,017,485 | ---- | M] () -- C:\Users\Seemöse\Desktop\Tagesberichte.odt
[2011.03.08 19:17:42 | 000,022,177 | ---- | M] () -- C:\Users\Seemöse\Desktop\Wochenberichte.odt
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.04.04 19:12:28 | 000,080,384 | ---- | C] () -- C:\Users\Seemöse\Desktop\MBRCheck.exe
[2011.04.04 19:09:26 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\mbr.exe
[2011.04.03 22:39:10 | 000,000,969 | ---- | C] () -- C:\Users\Seemöse\Desktop\Crysis2 - Verknüpfung.lnk
[2011.03.29 18:06:04 | 185,548,749 | ---- | C] () -- C:\Users\Seemöse\Desktop\PS3UPDAT.PUP
[2011.03.28 22:51:47 | 000,260,580 | ---- | C] () -- C:\Windows\SysWow64\temp.bin
[2011.03.28 14:50:07 | 000,010,766 | ---- | C] () -- C:\Users\Seemöse\Desktop\Gruppeneinteilung.odt
[2011.03.27 03:55:56 | 000,517,841 | ---- | C] () -- C:\Users\Seemöse\Desktop\domain-kuendigung-80659.pdf
[2011.03.17 20:51:33 | 000,046,208 | ---- | C] () -- C:\Users\Seemöse\Documents\ts3_clientui-win32-12815-2011-03-17 19_51_33.898437.dmp
[2011.03.17 18:13:28 | 000,270,142 | ---- | C] () -- C:\Users\Seemöse\Desktop\Minecraft.exe
[2011.03.13 12:59:37 | 000,001,084 | ---- | C] () -- C:\Users\Seemöse\Desktop\Chicken Invaders 2.lnk
[2011.03.07 20:41:54 | 000,022,177 | ---- | C] () -- C:\Users\Seemöse\Desktop\Wochenberichte.odt
[2010.11.08 21:39:04 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.11.08 21:39:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.10.31 03:02:00 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.10.30 12:42:15 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.07.22 22:50:34 | 000,000,112 | ---- | C] () -- C:\Users\Seemöse\AppData\Roaming\Current.prx
[2010.07.09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.06.27 16:02:49 | 000,000,280 | ---- | C] () -- C:\Users\Seemöse\AppData\Local\DelUnist.bat
[2010.06.20 17:45:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2010.06.17 20:39:45 | 000,000,285 | ---- | C] () -- C:\Windows\game.ini
[2010.06.05 16:19:51 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.06.05 16:19:51 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.22 16:41:08 | 000,000,000 | ---- | C] () -- C:\Windows\VisitorVille.INI
[2010.04.07 18:06:13 | 005,652,144 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2010.04.07 18:06:13 | 000,015,347 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2010.02.13 03:51:36 | 000,000,014 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.02.05 20:58:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.02.03 18:39:42 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.02.03 18:21:24 | 000,000,383 | ---- | C] () -- C:\Program Files (x86)\setup.ini
[2010.01.01 13:25:12 | 000,007,609 | ---- | C] () -- C:\Users\Seemöse\AppData\Local\Resmon.ResmonCfg
[2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.03.29 06:29:31 | 000,057,344 | ---- | C] () -- C:\Program Files (x86)\MySigUpdater.exe
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011.03.20 17:12:52 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\.minecraft
[2011.03.20 17:52:23 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\.minecraft_xray
[2011.03.24 00:08:17 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\.purple
[2010.05.12 17:37:57 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\aicon
[2011.02.01 21:08:11 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Bioshock2
[2010.05.23 13:32:58 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\com.oskoui-oskoui.avatar
[2010.10.12 15:39:05 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Command & Conquer 3 Kanes Rache
[2010.02.08 00:53:18 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\DAEMON Tools Lite
[2010.04.26 15:34:51 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\dBpoweramp
[2010.09.13 00:02:34 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Dev-Cpp
[2010.12.06 00:22:14 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\FileZilla
[2010.02.28 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\FMZilla
[2011.01.11 01:19:56 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\FTPRush
[2010.10.23 21:17:03 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Gomez
[2010.05.08 18:37:25 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\GrabPro
[2011.01.20 19:56:18 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\gtk-2.0
[2010.02.26 22:41:53 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\IrfanView
[2010.05.22 16:38:15 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\LLL Records
[2010.06.23 15:01:50 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\LolClient
[2010.04.18 15:37:59 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.05.17 00:08:34 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Microsys
[2010.10.23 18:52:36 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\NetMeter
[2010.06.11 18:21:06 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Octoshape
[2010.04.16 20:12:22 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\OpenOffice.org
[2010.10.30 22:15:09 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Opera
[2011.01.24 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Orbit
[2010.12.13 13:01:31 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\PureBasic
[2010.10.12 14:08:42 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Red Alert 3
[2011.01.26 23:57:06 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\RIFT
[2010.11.04 20:43:43 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\SecondLife
[2010.04.21 18:03:58 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\SpeedSim
[2010.06.04 15:57:27 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\SquareLogic
[2010.03.11 21:47:21 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\TeamViewer
[2010.02.28 14:49:11 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\TheLastRipper
[2010.03.14 02:04:28 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\TS3Client
[2010.12.25 01:01:47 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Tunngle
[2010.10.21 15:35:52 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\Ubisoft
[2010.02.23 22:38:50 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\UseNeXT
[2010.08.27 22:59:47 | 000,000,000 | --SD | M] -- C:\Users\Seemöse\AppData\Roaming\Virtual CD v10
[2010.02.28 19:14:26 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\VMLoad
[2010.07.13 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\W
[2010.07.13 21:41:47 | 000,000,000 | ---D | M] -- C:\Users\Seemöse\AppData\Roaming\wargaming.net
[2011.01.17 16:37:26 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

[/spoiler]

Extras.txt


[spoiler]

Code

OTL Extras logfile created on: 04.04.2011 20:41:49 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Seemöse\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 10,86 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 33,07 Gb Free Space | 33,86% Space Free | Partition Type: NTFS
Drive E: | 368,10 Gb Total Space | 61,29 Gb Free Space | 16,65% Space Free | Partition Type: NTFS
Drive F: | 356,38 Gb Total Space | 93,94 Gb Free Space | 26,36% Space Free | Partition Type: NTFS
 
Computer Name: ICARUZ | User Name: Seemöse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PureBasic_is1" = PureBasic 4.51 Demo (64 bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1367FA2F-2B3D-430F-872F-588B93420BFC}" = TimeShift
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4D565319-8B91-41cb-961C-0DDC86101AC5}" = Dragon Age II Demo
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5454085C-840F-4070-8FAA-441000018301}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000028301}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000028302}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038301}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038302}" = BioShock 2
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89173B88-384A-459B-B687-9C0BBC934EF4}" = Die Sims™ 3 Erstelle einen Sim
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F64A0D3-B0D2-4EE1-9A9D-452BD4459D09}" = Razer Naga
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE12677C-F7D2-45A8-BBF9-0FC0B972EDC3}" = League of Legends
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3FCC3AFB41454763995BFF6E08972DDE_is1" = A1 Keyword Research
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Akamai" = Akamai NetSession Interface
"Aspell English Dictionary_is1" = Aspell English Dictionary-0.50-2
"Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2
"avast5" = avast! Free Antivirus
"Big Money Deluxe 1.22" = Big Money Deluxe 1.22
"Cain & Abel v4.9.36" = Cain & Abel v4.9.36
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Chicken Invaders 2_is1" = Chicken Invaders 2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX-Setup
"EasyBCD" = EasyBCD 2.0
"EPSON Scanner" = EPSON Scan
"eToro" = eToro
"EVE" = EVE Online (remove only)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"FileZilla Client" = FileZilla Client 3.3.5.1
"Fraps" = Fraps (remove only)
"FTPRush_is1" = FTPRush v1 Unicode
"Garena" = Garena 2010
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GomezPEER" = GomezPEER
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MySig" = MySig 1.44.40.1 
"netloader" = netloader
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Orbit_is1" = Orbit Downloader
"Patrizier II Gold_is1" = Patrizier II Gold
"Pidgin" = Pidgin
"PokerStars.net" = PokerStars.net
"Proxifier_is1" = Proxifier version 2.9
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006]
"Serious Sam HD The First Encounter_is1" = Serious Sam HD The First Encounter
"SpeedSim" = SpeedSim
"SprayR" = SprayR 1.0 RC7b
"StarCraft" = StarCraft
"StarCraft II" = StarCraft II
"Steam App 17520" = Synergy
"Steam App 211" = Source SDK
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 400" = Portal
"Steamless Team Fortress 2 Pack" = Steamless Team Fortress 2 Pack
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"Tunngle beta_is1" = Tunngle beta
"uploaded Tool 2009_is1" = uploaded Tool 2009 Version 1.0
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"Xfire" = Xfire (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"Octoshape Streaming Services" = Octoshape Streaming Services
"Skat-Online V8" = Skat-Online V8
"Winamp Detect" = Winamp Erkennungs-Plug-in
"World of Logs Client" = World of Logs Client
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 22.03.2011 17:24:59 | Computer Name = IcaruZ | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.180.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1144    Startzeit:
 01cbe8cc037698fa    Endzeit: 99    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 d54a26b6-54ca-11e0-bb0f-0019214b8c62  
 
Error - 23.03.2011 12:12:06 | Computer Name = IcaruZ | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.180.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 158    Startzeit: 
01cbe9720229b16c    Endzeit: 149    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 4a8cf43c-5568-11e0-a0ae-0019214b8c62  
 
Error - 24.03.2011 17:59:06 | Computer Name = IcaruZ | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.4079,
 Zeitstempel: 0x4d6fb663  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x01110bb8  ID des fehlerhaften
 Prozesses: 0x154  Startzeit der fehlerhaften Anwendung: 0x01cbea2dafd3ca66  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: effe3527-5661-11e0-9a5a-0019214b8c62
 
Error - 25.03.2011 11:59:05 | Computer Name = IcaruZ | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.180.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1244    Startzeit:
 01cbeb03f0e2785c    Endzeit: 106    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 ce35ace4-56f8-11e0-88ae-0019214b8c62  
 
Error - 25.03.2011 22:12:25 | Computer Name = IcaruZ | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.180.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: bb0    Startzeit: 
01cbeb58d4862046    Endzeit: 103    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 7c23c8a7-574e-11e0-a96e-0019214b8c62  
 
Error - 28.03.2011 17:22:24 | Computer Name = IcaruZ | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.180.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: cb4    Startzeit: 
01cbed8c3d28f0a0    Endzeit: 96    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
   
 
Error - 29.03.2011 16:51:41 | Computer Name = IcaruZ | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.180.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 103c    Startzeit:
 01cbee4d17a1312e    Endzeit: 83    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
   
 
Error - 03.04.2011 16:21:16 | Computer Name = IcaruZ | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 03.04.2011 16:39:26 | Computer Name = IcaruZ | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.12.6658,
 Zeitstempel: 0x4d27ce94  Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.12.6658,
 Zeitstempel: 0x4d27cbb9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000059c4c
ID
 des fehlerhaften Prozesses: 0x474  Startzeit der fehlerhaften Anwendung: 0x01cbf223577d0c82
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\NVSVC64.DLL  Berichtskennung: 76e38f9b-5e32-11e0-9c70-0019214b8c62
 
Error - 04.04.2011 12:44:56 | Computer Name = IcaruZ | Source = Desktop Window Manager | ID = 9020
Description = Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x0) 
festgestellt.
 
[ System Events ]
Error - 29.03.2011 12:04:37 | Computer Name = IcaruZ | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 30.03.2011 10:30:28 | Computer Name = IcaruZ | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 30.03.2011 10:30:31 | Computer Name = IcaruZ | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 30.03.2011 10:30:32 | Computer Name = IcaruZ | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 30.03.2011 10:30:32 | Computer Name = IcaruZ | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 01.04.2011 10:15:14 | Computer Name = IcaruZ | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 01.04.2011 10:15:14 | Computer Name = IcaruZ | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 01.04.2011 10:15:14 | Computer Name = IcaruZ | Source = DCOM | ID = 10005
Description = 
 
Error - 03.04.2011 16:47:40 | Computer Name = IcaruZ | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?04.?2011 um 22:45:58 unerwartet heruntergefahren.
 
Error - 04.04.2011 13:10:48 | Computer Name = IcaruZ | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\SEEMSE~1\AppData\Local\Temp\mbr.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
 
< End of report >

Defogger ( damit habe ich daemon tools deaktiviert )

Code

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:15 on 04/04/2011 (Seemöse)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-

GMER

[spoiler]

Code

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-04 21:52:28
Windows 6.1.7600  
Running: xeeouj6s.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x61 0xF1 0x83 0x61 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x83 0x64 0x53 0x15 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0xDC 0x29 0x6D 0x8B ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x61 0xF1 0x83 0x61 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x83 0x64 0x53 0x15 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0xDC 0x29 0x6D 0x8B ...

---- EOF - GMER 1.0.15 ----

#2 Ich werde mich heute Abend melden.

#3 wunderbar danke

#4 Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Lade ComboFix von einem der unten aufgeführten Links herunter. Du musst diese umbenennen, bevor Du es auf den Desktop speicherst. Speichere ComboFix auf deinen Desktop.

• BleepingComputer
• ForoSpyware**NB: Es ist wichtig, das ComboFix.exe auf dem Desktop gespeichert wird**




• Deaktivere Deine Anti-Virus- und Anti-Spyware-Programme. Normalerweise kannst Du dies über einen Rechtsklick auf das Systemtray-Icon tun. Die Programme könnten sonst eventuell unsere Programme bei deren Arbeit stören.
• Doppel-klicke auf ComboFix.exe und folge den Aufforderungen.
• Wenn ComboFix fertig ist, wird es ein Log für dich erstellen.
• Bitte poste mir den Inhalt von C:\ComboFix.txt hier in de Thread.

#5 ähm... ich hab es rutnergeladen und es sagtmir eine aktuellere version steht zur verfügung... soll ich jetzt updaten oder muss ich diese benutzten?

#6 Wenn kommt diese Meldung?

#7 naja also ich hab den antivirus aus gemacht und dann als diese blaue kommandozeile kam, kam dadrüber die update meldung.

#8 Dann mach das Update.

#9

Code

ComboFix 11-04-07.08 - Seemöse 08.04.2011  19:34:42.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.4095.2527 [GMT 2:00]
ausgeführt von:: c:\users\Seemöse\Desktop\Combo-Fix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Gomez
c:\program files (x86)\Gomez\GomezPEER\agents\agents.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\image\gozilla.zip
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\.autoreg
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\AccessibleMarshal.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\application.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\blocklist.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\browserconfig.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\browser.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\browser.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\classic.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\classic.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\comm.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\comm.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\en-US.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\en-US.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\pippki.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\pippki.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\reporter.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\reporter.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\toolkit.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\chrome\toolkit.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutCertError.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutPrivateBrowsing.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutRights.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutRobots.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutSessionRestore.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\browserdirprovider.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\brwsrcmp.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedConverter.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedProcessor.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedWriter.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\flashplayer.xpt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\fuelApplication.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\gomezplugin.xpt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\jsconsole-clhandler.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\NetworkGeolocationProvider.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsAddonRepository.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBadCertHandler.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBlocklistService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBrowserContentHandler.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBrowserGlue.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsContentDispatchChooser.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsContentPrefService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsDefaultCLH.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsDownloadManagerUI.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsExtensionManager.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsHandlerService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsHelperAppDlg.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLivemarkService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginInfo.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginManager.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginManagerPrompter.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsMicrosummaryService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPlacesDBFlush.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPlacesTransactionsService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPostUpdateWin.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPrivateBrowsingService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsProxyAutoConfig.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSafebrowsingApplication.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSearchService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSearchSuggestions.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSessionStartup.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSessionStore.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSetDefaultBrowser.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSidebar.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsTaggingService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsTryToClose.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUpdateService.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUrlClassifierLib.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUrlClassifierListManager.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsURLFormatter.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\nsWebHandlerApp.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\pluginGlue.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\storage-Legacy.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\storage-mozStorage.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\txEXSLTRegExFunctions.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\components\WebContentConverter.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter-override.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter.exe
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\autoconfig\platform.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\autoconfig\prefcalls.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\channel-prefs.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox-branding.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox-l10n.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\reporter.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\bookmarks.html
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\chrome\userChrome-example.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\chrome\userContent-example.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\localstore.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\mimeTypes.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\prefs.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\dictionaries\en-US.aff
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\dictionaries\en-US.dic
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\chrome.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\chrome\xhtmlmp.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-logging.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-multipartmixed-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\defaults\preferences\xhtmlmp.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\install.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\readme.txt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\chrome.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\chrome\wmlbrowser.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\components\wml-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\defaults\preferences\prefs.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\install.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\install.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\chrome.manifest
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\chrome\gomezagent.jar
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-alogger-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-cache-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-filter-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-prompt-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-psrbuilder-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-scoe-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-stats-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-utility-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-visualresult-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\browser-monitor-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\gsl-converter-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\http-event-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIFxAgent.xpt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIMachineInfo.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIMachineInfo.xpt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsITraceRoute.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsITraceRoute.xpt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\txn-executor.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\txn-server-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\zconsole-server-service.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\config\loggerConfig.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\install.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\beautify.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\gsl2shim.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\io.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\json2.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\psrtest.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\utils.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\version.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\zipit.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\freebl3.chk
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\freebl3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\awaitfile.exe
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-launch.cmd
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-provision-sa.cmd
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-provision.cmd
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\gozilla.exe
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\all.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\security-prefs.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\xpinstall.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\js3250.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\LICENSE
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\log4cplus.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\log4cplus.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\debug.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\distribution.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\DownloadLastDir.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\DownloadUtils.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\ISO8601DateUtils.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\Microformats.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\openLocationLastURL.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\PlacesDBUtils.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\PluralForm.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\SpatialNavigation.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\utils.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\WindowDraggingUtils.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\modules\XPCOMUtils.jsm
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\mozcrt19.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\nspr4.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\nss3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\nssckbi.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\nssdbm3.chk
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\nssdbm3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\nssutil3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\platform.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\plc4.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\plds4.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgfp.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgslp.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npnul32.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\plugins\NPSWF32.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\README.txt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\removed-files
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\arrow.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\arrowd.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\broken-image.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\charsetalias.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\charsetData.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\contenteditable.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\designmode.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\dtd\mathml.dtd
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\dtd\xhtml11.dtd
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\EditorOverride.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Latin1.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Special.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Symbols.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\htmlEntityVersions.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\mathml20.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\transliterate.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfont.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontStandardSymbolsL.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSTIXNonUnicode.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSTIXSize1.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSymbol.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontUnicode.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\forms.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\grabber.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\hiddenWindow.html
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\html.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\html\folder.png
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\langGroups.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\language.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\loading-image.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\mathml.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\quirk.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\svg.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after-active.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after-hover.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before-active.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before-hover.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after-active.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after-hover.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before-active.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before-hover.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column-active.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column-hover.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row-active.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row-hover.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row.gif
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\ua.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\viewsource.css
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\res\wincharset.properties
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\amazondotcom.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\answers.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\creativecommons.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\eBay.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\google.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\wikipedia.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\yahoo.xml
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\smime3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\softokn3.chk
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\softokn3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\sqlite3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\ssl3.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0\ScriptCache\sizzle20090425wrb
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\bookmarkbackups\bookmarks-2010-09-13.json
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_001_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_002_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_003_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_MAP_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\cert8.db
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\compatibility.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\compreg.dat
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\content-prefs.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\cookies.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\downloads.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.cache
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\formhistory.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\key3.db
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\localstore.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\mimeTypes.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\OfflineCache\index.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\permissions.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\places.sqlite-journal
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\places.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\prefs.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\profile.done
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\search.json
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\search.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\secmod.db
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\signons.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\webappsstore.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\XPC.mfl
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\xpti.dat
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\XUL.mfl
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\agt-0-ga.log
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-4-8-17-30-5_Crackle_Search_Script_-_FF_Agent_agt-0.log
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-4-8-19-30-9_Mazda_DE_LMHP-FF-Automotive-DE_-_FF_Agen_agt-0.log
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-4-8-19-5-6_FD_BasicFlashTag_LM_agt-0.log
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\uninstall\helper.exe
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\update.locale
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\updater.exe
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\updater.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\version.txt
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\bookmarkbackups\bookmarks-2010-09-13.json
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_001_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_002_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_003_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_MAP_
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\cert8.db
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\compatibility.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\compreg.dat
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\content-prefs.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\cookies.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\downloads.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\extensions.cache
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\extensions.ini
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\extensions.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\formhistory.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\key3.db
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\localstore.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\mimeTypes.rdf
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\OfflineCache\index.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\permissions.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\places.sqlite-journal
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\places.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\pluginreg.dat
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\prefs.js
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\profile.done
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\search.json
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\search.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\secmod.db
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\signons.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\urlclassifier3.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\webappsstore.sqlite
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\XPC.mfl
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\xpti.dat
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\XUL.mfl
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\xpcom.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\xul.dll
c:\program files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\zlib1.dll
c:\program files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe
c:\program files (x86)\Gomez\GomezPEER\cache\helper\GomezGlobalFunctions.008.js
c:\program files (x86)\Gomez\GomezPEER\cache\helper\static_helpers.003.js
c:\program files (x86)\Gomez\GomezPEER\cache\params.xml
c:\program files (x86)\Gomez\GomezPEER\cache\Respawn.class
c:\program files (x86)\Gomez\GomezPEER\country_list.txt
c:\program files (x86)\Gomez\GomezPEER\decode.exe
c:\program files (x86)\Gomez\GomezPEER\dll.log
c:\program files (x86)\Gomez\GomezPEER\getclean.exe
c:\program files (x86)\Gomez\GomezPEER\gomez.dat
c:\program files (x86)\Gomez\GomezPEER\gomez.dat.backup1
c:\program files (x86)\Gomez\GomezPEER\gomez.dat.backup2
c:\program files (x86)\Gomez\GomezPEER\gomez.dat.backup3
c:\program files (x86)\Gomez\GomezPEER\javparms.dat
c:\program files (x86)\Gomez\GomezPEER\jre\bin\attach.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\awt.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\axbridge.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\client\classes.jsa
c:\program files (x86)\Gomez\GomezPEER\jre\bin\client\jvm.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\client\Xusage.txt
c:\program files (x86)\Gomez\GomezPEER\jre\bin\cmm.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\comfyj.lic
c:\program files (x86)\Gomez\GomezPEER\jre\bin\dcpr.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\deploy.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\dt_shmem.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\dt_socket.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\eula.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\fontmanager.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\hpi.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\hprof.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\ICE_JNIRegistry.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\instrument.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\ioser12.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\j2pcsc.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\j2pkcs11.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jaas_nt.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\java-rmi.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\java.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\java.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\java_crw_demo.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\javacpl.cpl
c:\program files (x86)\Gomez\GomezPEER\jre\bin\javacpl.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\javaw.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\javaws.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jawt.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\JdbcOdbc.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jdwp.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jexplorer.lic
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jli.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jniwrap.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jniwrap.lic
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jpeg.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jpicom.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jpiexp.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jpinscp.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jpioji.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jpishare.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jsound.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jsoundds.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jucheck.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jureg.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\jusched.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\keytool.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\kinit.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\klist.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\ktab.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\management.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\Microsoft.VC80.CRT.manifest
c:\program files (x86)\Gomez\GomezPEER\jre\bin\msvcm80.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\msvcp80.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\msvcr71.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\msvcr80.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\net.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\nio.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjava11.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjava12.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjava13.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjava14.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjava32.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjpi160.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npjpi160_03.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npoji610.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\npt.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\orbd.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\pack200.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\policytool.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\porivonet.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\PorivoProcess.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\regutils.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\rmi.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\rmid.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\rmiregistry.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\server\jvm.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\server\Xusage.txt
c:\program files (x86)\Gomez\GomezPEER\jre\bin\servertool.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\splashscreen.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\ssv.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\sunmscapi.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\SystemInfo.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\tnameserv.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\unicows.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\unpack.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\unpack200.exe
c:\program files (x86)\Gomez\GomezPEER\jre\bin\verify.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\w2k_lsa_auth.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\WinTimer.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\wsdetect.dll
c:\program files (x86)\Gomez\GomezPEER\jre\bin\zip.dll
c:\program files (x86)\Gomez\GomezPEER\jre\COPYRIGHT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\audio\soundbank.gm
c:\program files (x86)\Gomez\GomezPEER\jre\lib\calendars.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\charsets.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\classlist
c:\program files (x86)\Gomez\GomezPEER\jre\lib\cmm\CIEXYZ.pf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\cmm\GRAY.pf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\cmm\LINEAR_RGB.pf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\cmm\PYCC.pf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\cmm\sRGB.pf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\content-types.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\ffjcext.zip
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_de.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_es.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_fr.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_it.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_ja.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_ko.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_sv.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_zh_CN.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_zh_HK.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\messages_zh_TW.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\deploy\splash.jpg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\endorsed\xalan.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\commons-codec.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\commons-lang.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\css.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\dnsjava.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\dnsns.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\gomez-webcore.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\HeartBeatProject.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\jdom.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\JNIRegistry.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\jniwrap.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\js.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\jstools.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\Kernel.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\localedata.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\log4j.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\meta-index
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\nekohtml.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\oro.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\peergui.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\PeerReviewProject.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\poi.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\porivo-agent.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\porivo-lib.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\porivo-modules.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\porivo-utils.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\sunjce_provider.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\sunmscapi.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\sunpkcs11.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\winpack.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\ext\xerces.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\flavormap.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fontconfig.98.bfc
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fontconfig.98.properties.src
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fontconfig.bfc
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fontconfig.properties.src
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightDemiBold.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightDemiItalic.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightItalic.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightRegular.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaSansDemiBold.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaSansRegular.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaTypewriterBold.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\fonts\LucidaTypewriterRegular.ttf
c:\program files (x86)\Gomez\GomezPEER\jre\lib\i386\jvm.cfg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\im\indicim.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\im\thaiim.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\cursors.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\invalid32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\win32_CopyDrop32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\win32_LinkDrop32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\win32_MoveDrop32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
c:\program files (x86)\Gomez\GomezPEER\jre\lib\javaws.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\jce.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\jsse.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\jvm.hprof.txt
c:\program files (x86)\Gomez\GomezPEER\jre\lib\logging.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\management-agent.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\management\jmxremote.access
c:\program files (x86)\Gomez\GomezPEER\jre\lib\management\jmxremote.password.template
c:\program files (x86)\Gomez\GomezPEER\jre\lib\management\management.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\management\snmp.acl.template
c:\program files (x86)\Gomez\GomezPEER\jre\lib\meta-index
c:\program files (x86)\Gomez\GomezPEER\jre\lib\net.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\plugin.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\psfont.properties.ja
c:\program files (x86)\Gomez\GomezPEER\jre\lib\psfontj2d.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\resources.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\rt.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\cacerts
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\gsr.policy
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\java.policy
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\java.security
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\javaws.policy
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\local_policy.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\security\US_export_policy.jar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\sound.properties
c:\program files (x86)\Gomez\GomezPEER\jre\lib\tzmappings
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Abidjan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Accra
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Addis_Ababa
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Algiers
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Asmara
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Asmera
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Bamako
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Bangui
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Banjul
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Bissau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Blantyre
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Brazzaville
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Bujumbura
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Cairo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Casablanca
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Ceuta
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Conakry
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Dakar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Dar_es_Salaam
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Djibouti
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Douala
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\El_Aaiun
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Freetown
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Gaborone
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Harare
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Johannesburg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Kampala
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Khartoum
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Kigali
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Kinshasa
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Lagos
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Libreville
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Lome
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Luanda
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Lubumbashi
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Lusaka
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Malabo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Maputo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Maseru
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Mbabane
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Mogadishu
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Monrovia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Nairobi
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Ndjamena
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Niamey
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Nouakchott
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Ouagadougou
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Porto-Novo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Sao_Tome
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Tripoli
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Tunis
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Africa\Windhoek
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Adak
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Anchorage
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Anguilla
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Antigua
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Araguaina
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Buenos_Aires
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Catamarca
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Cordoba
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Jujuy
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\La_Rioja
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Mendoza
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Rio_Gallegos
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\San_Juan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Tucuman
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Ushuaia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Aruba
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Asuncion
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Atikokan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Bahia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Barbados
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Belem
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Belize
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Blanc-Sablon
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Boa_Vista
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Bogota
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Boise
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Cambridge_Bay
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Campo_Grande
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Cancun
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Caracas
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Cayenne
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Cayman
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Chicago
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Chihuahua
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Costa_Rica
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Cuiaba
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Curacao
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Danmarkshavn
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Dawson
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Dawson_Creek
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Denver
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Detroit
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Dominica
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Edmonton
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Eirunepe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\El_Salvador
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Fortaleza
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Glace_Bay
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Godthab
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Goose_Bay
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Grand_Turk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Grenada
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Guadeloupe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Guatemala
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Guayaquil
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Guyana
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Halifax
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Havana
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Hermosillo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Indianapolis
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Knox
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Marengo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Petersburg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Tell_City
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Vevay
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Vincennes
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Winamac
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Inuvik
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Iqaluit
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Jamaica
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Juneau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Kentucky\Louisville
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Kentucky\Monticello
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\La_Paz
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Lima
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Los_Angeles
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Maceio
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Managua
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Manaus
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Martinique
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Mazatlan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Menominee
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Merida
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Mexico_City
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Miquelon
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Moncton
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Monterrey
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Montevideo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Montreal
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Montserrat
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Nassau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\New_York
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Nipigon
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Nome
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Noronha
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\North_Dakota\Center
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\North_Dakota\New_Salem
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Panama
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Pangnirtung
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Paramaribo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Phoenix
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Port-au-Prince
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Port_of_Spain
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Porto_Velho
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Puerto_Rico
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Rainy_River
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Rankin_Inlet
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Recife
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Regina
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Resolute
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Rio_Branco
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Santiago
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Santo_Domingo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Sao_Paulo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Scoresbysund
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\St_Johns
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\St_Kitts
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\St_Lucia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\St_Thomas
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\St_Vincent
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Swift_Current
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Tegucigalpa
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Thule
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Thunder_Bay
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Tijuana
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Toronto
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Tortola
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Vancouver
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Whitehorse
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Winnipeg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Yakutat
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\America\Yellowknife
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Casey
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Davis
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\DumontDUrville
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Mawson
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\McMurdo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Palmer
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Rothera
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Syowa
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Antarctica\Vostok
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Aden
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Almaty
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Amman
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Anadyr
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Aqtau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Aqtobe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Ashgabat
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Baghdad
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Bahrain
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Baku
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Bangkok
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Beirut
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Bishkek
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Brunei
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Calcutta
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Choibalsan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Chongqing
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Colombo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Damascus
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Dhaka
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Dili
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Dubai
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Dushanbe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Gaza
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Harbin
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Hong_Kong
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Hovd
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Irkutsk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Jakarta
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Jayapura
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Jerusalem
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Kabul
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Kamchatka
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Karachi
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Kashgar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Katmandu
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Krasnoyarsk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Kuala_Lumpur
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Kuching
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Kuwait
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Macau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Magadan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Makassar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Manila
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Muscat
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Nicosia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Novosibirsk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Omsk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Oral
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Phnom_Penh
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Pontianak
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Pyongyang
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Qatar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Qyzylorda
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Rangoon
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh87
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh88
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh89
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Saigon
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Sakhalin
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Samarkand
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Seoul
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Shanghai
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Singapore
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Taipei
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Tashkent
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Tbilisi
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Tehran
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Thimphu
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Tokyo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Ulaanbaatar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Urumqi
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Vientiane
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Vladivostok
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Yakutsk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Yekaterinburg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Asia\Yerevan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Azores
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Bermuda
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Canary
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Cape_Verde
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Faeroe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Faroe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Madeira
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Reykjavik
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\South_Georgia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\St_Helena
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Atlantic\Stanley
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Adelaide
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Brisbane
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Broken_Hill
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Currie
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Darwin
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Eucla
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Hobart
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Lindeman
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Lord_Howe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Melbourne
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Perth
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Australia\Sydney
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\CET
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\CST6CDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\EET
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\EST
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\EST5EDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-1
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-10
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-11
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-12
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-13
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-14
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-2
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-3
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-4
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-5
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-6
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-7
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-8
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-9
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+1
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+10
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+11
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+12
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+2
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+3
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+4
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+5
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+6
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+7
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+8
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+9
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\UCT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Etc\UTC
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Amsterdam
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Andorra
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Athens
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Belgrade
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Berlin
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Brussels
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Bucharest
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Budapest
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Chisinau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Copenhagen
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Dublin
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Gibraltar
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Helsinki
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Istanbul
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Kaliningrad
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Kiev
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Lisbon
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\London
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Luxembourg
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Madrid
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Malta
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Minsk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Monaco
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Moscow
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Oslo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Paris
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Prague
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Riga
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Rome
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Samara
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Simferopol
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Sofia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Stockholm
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Tallinn
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Tirane
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Uzhgorod
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Vaduz
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Vienna
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Vilnius
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Volgograd
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Warsaw
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Zaporozhye
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Europe\Zurich
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\GMT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\HST
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Antananarivo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Chagos
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Christmas
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Cocos
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Comoro
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Kerguelen
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Mahe
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Maldives
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Mauritius
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Mayotte
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Indian\Reunion
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\MET
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\MST
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\MST7MDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Apia
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Auckland
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Chatham
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Easter
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Efate
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Enderbury
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Fakaofo
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Fiji
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Funafuti
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Galapagos
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Gambier
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Guadalcanal
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Guam
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Honolulu
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Johnston
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Kiritimati
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Kosrae
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Kwajalein
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Majuro
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Marquesas
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Midway
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Nauru
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Niue
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Norfolk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Noumea
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Pago_Pago
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Palau
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Pitcairn
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Ponape
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Port_Moresby
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Rarotonga
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Saipan
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Tahiti
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Tarawa
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Tongatapu
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Truk
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Wake
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\Pacific\Wallis
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\PST8PDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\AST4
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\AST4ADT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\CST6
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\CST6CDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\EST5
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\EST5EDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\HST10
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\MST7
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\MST7MDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\PST8
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\PST8PDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\YST9
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\SystemV\YST9YDT
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\WET
c:\program files (x86)\Gomez\GomezPEER\jre\lib\zi\ZoneInfoMappings
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_de.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_es.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_fr.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_it.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_ja.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_ko.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_sv.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_zh_CN.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\LICENSE_zh_TW.rtf
c:\program files (x86)\Gomez\GomezPEER\jre\README.txt
c:\program files (x86)\Gomez\GomezPEER\jre\THIRDPARTYLICENSEREADME.txt
c:\program files (x86)\Gomez\GomezPEER\jre\Welcome.html
c:\program files (x86)\Gomez\GomezPEER\mname.ini
c:\program files (x86)\Gomez\GomezPEER\par2.exe
c:\program files (x86)\Gomez\GomezPEER\peer.log
c:\program files (x86)\Gomez\GomezPEER\ReadMe.txt
c:\program files (x86)\Gomez\GomezPEER\tools\bind\bind.zip
c:\program files (x86)\Gomez\GomezPEER\tools\bind\COPYRIGHT
c:\program files (x86)\Gomez\GomezPEER\tools\bind\dig.exe
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libbind9.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libdns.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libeay32.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libisc.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libisccc.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libisccfg.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\liblwres.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libxml2.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\libxml2.dll.2.config
c:\program files (x86)\Gomez\GomezPEER\tools\bind\Microsoft.VC80.CRT.manifest
c:\program files (x86)\Gomez\GomezPEER\tools\bind\msvcm80.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\msvcp80.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\msvcr80.dll
c:\program files (x86)\Gomez\GomezPEER\tools\bind\nslookup.exe
c:\program files (x86)\Gomez\GomezPEER\uninstall.exe
c:\program files (x86)\Gomez\GomezPEER\upatelog.txt
c:\users\Seemöse\AppData\Roaming\aicon
c:\users\Seemöse\AppData\Roaming\aicon\aicon.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-03-08 bis 2011-04-08  ))))))))))))))))))))))))))))))
.
.
2011-04-08 17:46 . 2011-04-08 17:46    --------    d-----w-    c:\users\Default\AppData\Local\temp
2011-04-08 15:23 . 2011-03-15 05:17    8424784    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{69F3B5C7-868B-497A-B693-20EC3E1D74D6}\mpengine.dll
2011-04-06 15:31 . 2011-04-06 15:38    --------    d-----w-    C:\Hotspot Shield
2011-04-04 17:09 . 2011-04-04 17:09    89088    ----a-w-    c:\windows\system32\mbr.exe
2011-04-03 20:29 . 2011-04-03 20:35    --------    d-----w-    c:\programdata\Solidshield
2011-03-28 20:51 . 2011-03-28 20:51    260580    ----a-w-    c:\windows\SysWow64\temp.bin
2011-03-20 15:52 . 2011-03-20 15:52    --------    d-----w-    c:\users\Seemöse\AppData\Roaming\.minecraft_xray
2011-03-13 10:59 . 2011-03-13 11:00    --------    d-----w-    c:\program files (x86)\Chicken Invaders 2
2011-03-13 10:59 . 2011-03-13 10:59    --------    d-----w-    c:\program files (x86)\ReflexiveArcade
2011-03-12 11:28 . 2011-03-12 11:28    103864    ----a-w-    c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-19 06:37 . 2011-03-09 16:19    1135104    ----a-w-    c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 16:19    1540608    ----a-w-    c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 16:19    902656    ----a-w-    c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-03-09 16:19    1074176    ----a-w-    c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 16:19    739840    ----a-w-    c:\windows\SysWow64\d2d1.dll
2011-02-02 17:11 . 2010-02-03 00:29    270720    ------w-    c:\windows\system32\MpSigStub.exe
2011-01-26 06:53 . 2011-02-09 20:58    982912    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-09 20:58    265088    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-09 20:58    144384    ----a-w-    c:\windows\system32\cdd.dll
2011-01-13 08:47 . 2010-10-15 19:54    38848    ----a-w-    c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-04-18 18:41    188216    ----a-w-    c:\windows\SysWow64\aswBoot.exe
2011-01-13 08:47 . 2011-01-17 13:34    237168    ----a-w-    c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-04-18 18:55    273488    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-04-18 18:55    51792    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-04-18 18:55    29264    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-04-18 18:55    62032    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-04-18 18:55    20560    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2011-01-09 20:04 . 2009-08-18 11:49    564632    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-01-09 20:03 . 2009-08-18 10:24    17816    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-02-03 16:21 . 2008-07-17 23:15    696320    ----a-w-    c:\program files (x86)\MySig.exe
2008-08-14 18:43 . 2006-03-29 04:29    57344    ----a-w-    c:\program files (x86)\MySigUpdater.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga\NagaTray.exe" [2010-05-11 810880]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
.
c:\users\Seem”se\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MySig.lnk - c:\program files (x86)\MySig.exe [2008-7-18 696320]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GomezPEER.lnk - c:\program files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 bulkadi;Razer Megalodon DFU;c:\windows\system32\DRIVERS\bulkrazer_x64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
R3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2010-11-22 718072]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RzSynapse;Razer Naga Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai    REG_MULTI_SZ       Akamai
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files (x86)\PokerStars.NET\PokerStarsUpdate.exe
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: {47371702-EA7E-4107-9B3E-283C85E42FA4} = 192.168.1.1
FF - ProfilePath - c:\users\Seemöse\AppData\Roaming\Mozilla\Firefox\Profiles\tyiq53hx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - Ext: VMLoad: {464F169E-ACE1-4C5F-A778-A433A3DABBAE} - c:\program files (x86)\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: FireGestures: firegestures@xuldev.org - %profile%\extensions\firegestures@xuldev.org
FF - Ext: ChromaTabs Plus: {1cff04ef-0c75-4621-ba2a-2efb77346996} - %profile%\extensions\{1cff04ef-0c75-4621-ba2a-2efb77346996}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: E4ZUNE | ORBIT DOWNLOADER FIX: orbitdownloaderfix@e4zune.com.ar - %profile%\extensions\orbitdownloaderfix@e4zune.com.ar
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: SearchStatus: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} - %profile%\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
AddRemove-GomezPEER - c:\program files (x86)\Gomez\GomezPEER\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Steamless Team Fortress 2 Pack - e:\games\Tf2\uninstall.exe
AddRemove-Skat-Online V8 - c:\windows\system32\javaws.exe
AddRemove-World of Logs Client - c:\windows\system32\javaws.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2251693949-541432071-3765271522-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:18,08,86,22,13,df,cd,11,29,3d,b1,d5,ce,af,64,71,f4,c8,25,f7,ae,da,4c,
   06,47,4a,23,cf,98,44,80,32,c8,8d,1e,f1,f1,9f,2b,75,9b,1c,f4,c0,23,83,78,15,\
"??"=hex:01,28,71,09,da,c7,50,72,c7,c8,36,4e,ce,2a,ef,c4
.
[HKEY_USERS\S-1-5-21-2251693949-541432071-3765271522-1000\Software\SecuROM\License information*]
"datasecu"=hex:02,10,84,f5,38,ef,72,48,45,9c,0c,54,9a,f1,99,61,d9,ab,b9,50,96,
   9c,bc,f0,0e,6b,20,1d,50,82,ea,11,93,0b,cd,06,0c,40,23,24,0a,6e,cc,40,4d,d3,\
"rkeysecu"=hex:e3,28,a8,2d,c0,17,92,8e,83,5a,64,87,8b,a6,90,12
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-04-08  19:57:37 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-04-08 17:57
.
Vor Suchlauf: 13 Verzeichnis(se), 11.909.505.024 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 11.852.201.984 Bytes frei
.
- - End Of File - - 6D6E19330BEB5A620DEBEACF1BB9064C

#10 Und wie läufts?

#11 hmm... naja bis jetzt kam die meldung von avast nicht wieder... war der trojaner jetzt in gomez drin? O_o

dachte die sind seriös

#12 Malwarebytes Anti-Malware

Lade MBAM herunter, installiere es und wähle bei Reiter:

-> “Update“> “Suche nach Aktualisierungen“
-> “Einstellungen“> “Beende Internet Explorer während des Löschvorgangs“
-> “Scanner”> "Quickscan durchfuehren".

Wenn am Ende Infizierungen gefunden werden, diese anhaken und entfernen lassen. Starte dein Rechner neu

#13 Der Suchlauf wurde erfolgreich abgeschlossen. Es wurden keine infizierten Objekte gefunden.

Hier die Logdatei dazu:

Code

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6320

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

09.04.2011 22:21:09
mbam-log-2011-04-09 (22-21-09).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 174157
Laufzeit: 2 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

#14 Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.• Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
• Speichere es auf Deinem Desktop.
• Doppelklick auf OTL.exe um das Programm auszuführen.
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Klicke auf den Button "Bereinigung"
• OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

#15 okay mache ich nachher, heißt das, mein PC ist jetzt wieder sauber?

edit: ok ich die programme sind jetzt alle wieder weg. ist mein PC denn jetzt clean? ;D