Laptop spielt Musik selbständig ab

#0
15.07.2011, 00:18
Member

Beiträge: 63
#1 Weiß nicht genau was das Problem bei mir ist, also ob es nen Virus, Trojaner oder irgendeine Malware ist möchte das Problem jetzt aber gerne mal angehen.

Immer mal wieder (manchmal tagelang nicht, manchmal mehrfach am Tag) wird bei mir für circa 10-20 Sekunden eine Soundfile abgespielt. Habe erst gedacht es ist irgendwie eine Überlagerung mit einem Babyfon oder sowas da es sich nach einem bellenden Hund oder sowas in der Art angehört hatte. Da sich aber gestern/vorgestern/vor 3-4 Tagen der Sound geändert hat und jetzt immer ein Lied abgespielt wird kann es sowas nicht sein. Meine Vermutung geht jetzt eher dahin das es sich um den Sound von Youtube-Videos handelt. Das Hundebellen ist der berühmte sich erschrekende Panda und das Lied was ich höre scheint wohl auch von Youtube oder Co zu sein ("Skinheid in meinem Kopf" oder sowas in der Art). Das Problem generell besteht aber schon seit MONATEN.

Code

OTL logfile created on: 15.07.2011 00:12:40 - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\TheIncredible\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,96 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 24,90% Memory free
3,92 Gb Paging File | 1,97 Gb Available in Paging File | 50,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 252,89 Gb Total Space | 155,17 Gb Free Space | 61,36% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 29,52 Gb Free Space | 97,61% Space Free | Partition Type: NTFS

Computer Name: CHRIS | User Name: TheIncredible | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\TheIncredible\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\jeak.de\QIP 2010\qip.exe (QIP)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Spark\Spark.exe (Jive Software)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliPoint\dpupdchk.exe (Microsoft Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gomez\GomezPEER\bin\GomezPEER.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\XemiComputers\Active Desktop Calendar\ADC.exe (XemiComputers ltd.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Gomez\GomezPEER\jre\bin\java.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc)
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
PRC - C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Users\TheIncredible\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (npggsvc) -- C:\windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (funfrm) -- C:\windows\System32\drivers\funfrm.sys ()
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV - (ACPIVPC) -- C:\Windows\System32\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV - (wsvd) -- C:\Windows\System32\drivers\wsvd.sys (CyberLink)
DRV - (wdmirror) -- C:\Windows\System32\drivers\WDMirror.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\TheIncredible\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: escamod@gmx.net0002:2.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86.1
FF - prefs.js..extensions.enabledItems: die2nitemapupdater@rjdown.co.uk:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\TheIncredible\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.06.29 12:17:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.13 01:33:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.29 12:17:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.29 12:18:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.07.09 12:18:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.07.13 01:33:47 | 000,000,000 | ---D | M]

[2011.04.12 16:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Extensions
[2011.04.12 16:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.07.05 07:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions
[2011.06.01 17:35:06 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011.07.03 13:29:04 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\battlefieldheroespatcher@ea.com
[2011.06.25 22:25:29 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\battlefieldplay4free@ea.com
[2011.04.02 06:48:23 | 000,000,000 | ---D | M] ("Die2nite map tool updater") -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\die2nitemapupdater@rjdown.co.uk
[2010.11.20 12:22:09 | 000,000,000 | ---D | M] (Escamod) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\escamod@gmx.net0002
[2010.11.27 20:08:59 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\firefox@tvunetworks.com
[2010.10.23 16:48:33 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\vshare@toolbar
[2010.10.20 21:17:50 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\TheIncredible\AppData\Roaming\mozilla\Firefox\Profiles\hhdbst8g.default\extensions\youtube2mp3@mondayx.de
[2011.06.13 12:40:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.10.13 22:57:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.09 04:36:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.09 08:38:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.13 12:40:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2010.10.13 22:57:11 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.09 04:36:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.09 08:38:08 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.13 12:40:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\THEINCREDIBLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHDBST8G.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\THEINCREDIBLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHDBST8G.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011.06.24 12:14:21 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.12.27 12:33:56 | 000,000,065 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 209.59.135.116 www.playforyourclub.com
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} -  File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\TheIncredible\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Active Desktop Calendar] C:\Programme\XemiComputers\Active Desktop Calendar\ADC.exe (XemiComputers ltd.)
O4 - HKCU..\Run: [Infium]  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTskMgr = 0
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011.07.13 21:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.07.13 21:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jeak.de
[2011.07.13 21:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\jeak.de
[2011.07.13 10:19:19 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2011.07.13 10:19:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011.07.13 10:19:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 10:19:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 10:19:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 10:19:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 10:19:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 10:19:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 10:19:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 10:19:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 10:19:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 10:19:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 10:19:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 10:19:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 10:19:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 10:19:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 10:19:09 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011.07.13 01:34:44 | 000,000,000 | ---D | C] -- C:\Users\TheIncredible\AppData\Local\DDMSettings
[2011.07.13 01:33:33 | 000,000,000 | ---D | C] -- C:\Users\TheIncredible\AppData\Roaming\DivX
[2011.07.13 01:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.07.13 01:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011.07.13 01:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011.07.13 01:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.07.11 11:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011.07.05 12:58:57 | 000,000,000 | ---D | C] -- C:\Users\TheIncredible\Desktop\Moonflow
[2011.07.05 12:58:48 | 000,000,000 | ---D | C] -- C:\Users\TheIncredible\Desktop\AnimePRO
[2011.07.03 13:37:57 | 000,000,000 | ---D | C] -- C:\Users\TheIncredible\Documents\Battlefield Heroes
[2011.06.29 12:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011.06.29 04:52:50 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssrch.dll
[2011.06.29 04:52:49 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tquery.dll
[2011.06.29 04:52:49 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssph.dll
[2011.06.29 04:52:48 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssvp.dll
[2011.06.29 04:52:48 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssphtb.dll
[2011.06.29 04:52:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscntrs.dll
[2011.06.20 23:18:30 | 000,000,000 | ---D | C] -- C:\Users\TheIncredible\AppData\Roaming\Spark
[2011.06.20 23:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spark
[2011.06.20 23:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spark
[2011.06.17 01:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2011.06.17 01:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011.07.14 14:37:59 | 000,138,264 | ---- | M] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2011.07.14 14:37:35 | 000,234,768 | ---- | M] () -- C:\windows\System32\PnkBstrB.xtr
[2011.07.14 03:17:52 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.14 03:17:52 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.13 21:42:17 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.07.13 21:33:45 | 000,000,986 | ---- | M] () -- C:\Users\Public\Desktop\QIP 2010 5768 Jeak-Edition.lnk
[2011.07.13 21:33:41 | 000,000,336 | ---- | M] () -- C:\windows\tasks\qipdater.exe.job
[2011.07.13 21:32:15 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011.07.13 21:30:46 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011.07.13 21:30:43 | 000,268,328 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.07.13 21:30:36 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.07.13 21:29:56 | 1579,626,496 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.13 16:52:14 | 000,234,768 | ---- | M] () -- C:\windows\System32\PnkBstrB.ex0
[2011.07.03 13:37:23 | 000,138,056 | ---- | M] () -- C:\Users\TheIncredible\AppData\Roaming\PnkBstrK.sys
[2011.06.29 12:17:39 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\windows\System32\rmoc3260.dll
[2011.06.29 12:17:21 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\windows\System32\pndx5016.dll
[2011.06.29 12:17:21 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\windows\System32\pndx5032.dll
[2011.06.29 12:17:19 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\windows\System32\pncrt.dll
[2011.06.29 11:36:43 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2011.06.29 11:36:43 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2011.06.20 23:18:21 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Spark.lnk
[2011.06.16 10:38:10 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.06.15 03:21:36 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011.06.15 03:21:36 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.06.15 03:21:36 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011.06.15 03:21:36 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.07.13 21:42:17 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.07.13 21:33:45 | 000,000,986 | ---- | C] () -- C:\Users\Public\Desktop\QIP 2010 5768 Jeak-Edition.lnk
[2011.07.09 12:19:07 | 000,002,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2011.06.20 23:18:21 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\Spark.lnk
[2011.05.13 18:31:36 | 000,138,264 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2011.05.13 18:31:29 | 000,138,056 | ---- | C] () -- C:\Users\TheIncredible\AppData\Roaming\PnkBstrK.sys
[2011.05.13 18:30:59 | 000,234,768 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2011.05.13 18:30:56 | 000,075,136 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2010.12.12 22:39:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.29 09:10:16 | 000,089,088 | ---- | C] () -- C:\windows\MBR.exe
[2010.11.29 09:10:15 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe
[2010.11.29 09:10:15 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2010.11.29 09:10:15 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2010.11.29 09:10:15 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2010.11.18 23:06:24 | 000,000,006 | ---- | C] () -- C:\Users\TheIncredible\AppData\Roaming\start
[2010.11.11 21:41:44 | 622,807,012 | ---- | C] () -- C:\Program Files\Flyff_Eu_De_Setup.exe
[2010.06.02 16:01:23 | 002,110,728 | ---- | C] () -- C:\windows\System32\Apblend.dll
[2010.06.02 16:01:23 | 001,410,312 | ---- | C] () -- C:\windows\System32\IcnOvrly.dll
[2010.06.02 16:01:23 | 001,171,456 | ---- | C] () -- C:\windows\System32\PicNotify.dll
[2010.06.02 16:01:23 | 000,660,744 | ---- | C] () -- C:\windows\System32\EncIcons.dll
[2010.06.02 16:01:23 | 000,513,288 | ---- | C] () -- C:\windows\System32\SimpleExt.dll
[2010.06.02 16:01:11 | 001,044,480 | ---- | C] () -- C:\windows\System32\3DImageRenderer.dll
[2010.06.02 16:00:39 | 000,054,800 | ---- | C] () -- C:\windows\System32\drivers\funfrm.sys
[2010.06.02 15:58:39 | 000,140,288 | ---- | C] () -- C:\windows\System32\igfxtvcx.dll
[2010.06.02 15:52:35 | 000,982,220 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010.06.02 15:52:34 | 000,439,300 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010.06.02 15:52:34 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2010.06.02 15:52:34 | 000,092,216 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010.05.01 14:43:59 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010.05.01 14:43:59 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010.05.01 14:43:59 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010.05.01 14:43:59 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 06:33:53 | 000,268,328 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011.06.15 10:59:34 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\.minecraft
[2011.04.28 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Audacity
[2010.12.31 01:54:56 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Big Fish Games
[2011.07.06 12:45:43 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\BitTorrent
[2010.11.06 19:09:03 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\DAEMON Tools Lite
[2010.12.16 05:07:22 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\elsterformular
[2010.10.19 09:35:42 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Friday's games
[2010.12.31 00:05:41 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\GOA
[2010.10.14 03:43:10 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Gomez
[2011.02.09 14:39:16 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Hotel-Manager
[2011.07.13 21:34:24 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\jeak.de
[2010.10.15 20:03:35 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Lenovo
[2010.10.24 18:48:20 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Merscom
[2010.10.26 18:03:39 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Oberon
[2010.10.19 03:56:03 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Peace Craft
[2010.11.18 21:47:30 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Princess Isabella
[2010.11.19 01:45:24 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Princess Isabella CE
[2010.10.14 16:45:42 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\QIP
[2010.11.05 11:30:00 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\RobinHoodDifference
[2010.11.13 23:08:05 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Sahmon Games
[2011.07.13 21:27:20 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\SoftGrid Client
[2011.06.28 02:51:31 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Spark
[2011.05.12 16:58:22 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\TeamViewer
[2011.04.12 16:23:14 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Thunderbird
[2010.10.19 14:03:13 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\TP
[2011.06.05 01:33:59 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\TS3Client
[2011.03.07 15:56:46 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.12.30 23:58:16 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\UClick
[2011.01.01 10:48:46 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Valuga Software
[2010.12.18 11:25:02 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Windows Live Writer
[2011.04.18 16:24:46 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\XemiComputers
[2010.10.25 17:52:17 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\YoudaGames
[2010.10.19 09:35:40 | 000,000,000 | ---D | M] -- C:\Users\TheIncredible\AppData\Roaming\Zylom
[2011.07.13 21:33:41 | 000,000,336 | ---- | M] () -- C:\windows\Tasks\qipdater.exe.job
[2010.12.19 18:09:42 | 000,032,626 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Files - Unicode (All) ==========[/color]
(C:\Users\TheIncredible\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??????) -- C:\Users\TheIncredible\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\アリスソフト

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 96 bytes -> C:\ProgramData\Temp:AAA14AF9
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:1D60AEC3
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:7EE43C06
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:E06AC882
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:E1069F99
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:926B6E7A
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:84499DA6
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9296EC11
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:41B89F80
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:A243178D
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:195E9213
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:18BFD8F8
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:D05E7A8B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:8DCF53BE

< End of report >

Code

OTL Extras logfile created on: 15.07.2011 00:12:40 - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\TheIncredible\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,96 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 24,90% Memory free
3,92 Gb Paging File | 1,97 Gb Available in Paging File | 50,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 252,89 Gb Total Space | 155,17 Gb Free Space | 61,36% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 29,52 Gb Free Space | 97,61% Space Free | Partition Type: NTFS

Computer Name: CHRIS | User Name: TheIncredible | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01AE11C9-3D87-4388-93EC-8DEA41096EDF}" = QIP 2010 5768 Jeak-Edition
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EAEFE1C0-EB56-8963-9EC5-A0EB5FBA358D}" = TweetDeck
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Active Desktop Calendar_is1" = Active Desktop Calendar 7.94
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10
"Crazy TV_is1" = Crazy TV v1.3
"DivX Setup.divx.com" = DivX-Setup
"ElsterFormular für Privatanwender und Unternehmer 11.5.3.5585" = ElsterFormular für Privatanwender und Unternehmer
"GomezPEER" = GomezPEER
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Mozilla Thunderbird (5.0)" = Mozilla Thunderbird (5.0)
"Neffy" = Neffy 1,3,29,0
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PunkBusterSvc" = PunkBuster Services
"QIP 2010 5768 Jeak-Edition" = QIP 2010 5768 Jeak-Edition
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.2.9
"Spark 2.6.0.12343" = Spark 2.6.0.12343
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TVWiz" = Intel(R) TV Wizard
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Veetle TV" = Veetle TV 0.9.18
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"766ff34e4c185f52" = 2mmBerechner
"CreepSmash.com" = CreepSmash.com
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 14.06.2011 18:50:22 | Computer Name = Chris | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll"
in Zeile 2.  Ungültige XML-Syntax.

Error - 15.06.2011 01:49:07 | Computer Name = Chris | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 15.06.2011 19:51:47 | Computer Name = Chris | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll"
in Zeile 2.  Ungültige XML-Syntax.

Error - 16.06.2011 15:55:01 | Computer Name = Chris | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BFP4f.exe, Version: 0.0.0.0, Zeitstempel:
0x4df88c52  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel:
0x4dace5b9  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0006ccd5  ID des fehlerhaften Prozesses:
0x10cc  Startzeit der fehlerhaften Anwendung: 0x01cc2c5b2bce8a51  Pfad der fehlerhaften
Anwendung: C:\Program Files\EA Games\Battlefield Play4Free\BFP4f.exe  Pfad des fehlerhaften
Moduls: C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
8508f9ab-9852-11e0-85b2-8e7ed00fbee0

Error - 16.06.2011 20:22:57 | Computer Name = Chris | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll"
in Zeile 2.  Ungültige XML-Syntax.

Error - 17.06.2011 18:32:18 | Computer Name = Chris | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll"
in Zeile 2.  Ungültige XML-Syntax.

Error - 18.06.2011 01:49:07 | Computer Name = Chris | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 18.06.2011 18:32:17 | Computer Name = Chris | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll"
in Zeile 2.  Ungültige XML-Syntax.

Error - 19.06.2011 05:24:44 | Computer Name = Chris | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 2.0.1.4120 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1db0    Startzeit:
01cc2e40e91eb74d    Endzeit: 3302    Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
e22965f9-9a55-11e0-9ad5-88ae1d2a429b  

Error - 19.06.2011 05:31:30 | Computer Name = Chris | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 2.0.1.4120 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 27bc    Startzeit:
01cc2e62c0d0a4ce    Endzeit: 24    Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
df1906d7-9a56-11e0-9ad5-88ae1d2a429b  

[ System Events ]
Error - 24.04.2011 08:35:05 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:39:41 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:40:48 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:42:41 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:45:47 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:46:10 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:47:54 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:49:25 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:52:22 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =

Error - 24.04.2011 08:53:55 | Computer Name = Chris | Source = ipnathlp | ID = 31004
Description =


< End of report >

Code

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-07-15 00:44:47
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\iaStor0 HITACHI_ rev.PB3Z
Running: qm3h606s.exe; Driver: C:\Users\THEINC~1\AppData\Local\Temp\kxldqpod.sys


---- System - GMER 1.0.15 ----

SSDT            8E868316                                                                                                            ZwCreateSection
SSDT            8E86831B                                                                                                            ZwSetContextThread
SSDT            8E8682B7                                                                                                            ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKey + 13C1                                                                                       82C88339 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                              82CC1D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                                 82CC8EEC 4 Bytes  [16, 83, 86, 8E]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1597                                                                                 82CC928C 4 Bytes  [1B, 83, 86, 8E]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 166F                                                                                 82CC9364 4 Bytes  [B7, 82, 86, 8E]
?               System32\Drivers\spks.sys                                                                                           Das System kann den angegebenen Pfad nicht finden. !
.text           USBPORT.SYS!DllUnload                                                                                               8F95FDB9 5 Bytes  JMP 8663C4E0
.text           aat5o41t.SYS                                                                                                        9213A000 12 Bytes  [44, 88, C1, 82, EE, 86, C1, ...]
.text           aat5o41t.SYS                                                                                                        9213A00D 9 Bytes  [67, C1, 82, 48, 8B, C1, 82, ...] {ROL DWORD [BP+SI-0x74b8], 0xc1; ADD BYTE [EAX], 0x0}
.text           aat5o41t.SYS                                                                                                        9213A017 47 Bytes  [00, DE, F7, B8, 88, E6, F5, ...]
.text           aat5o41t.SYS                                                                                                        9213A047 122 Bytes  [82, 5E, B7, CC, 82, EE, 37, ...]
.text           aat5o41t.SYS                                                                                                        9213A0C3 8 Bytes  [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text           ...                                                                                                                

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Mozilla Firefox\firefox.exe[3212] ntdll.dll!LdrLoadDll                                             77D022B8 5 Bytes  JMP 010E1410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text           C:\Program Files\Real\RealPlayer\update\realsched.exe[4932] kernel32.dll!SetUnhandledExceptionFilter                77E3F4FB 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[5816] USER32.dll!SetWindowLongA                               76B68BA3 5 Bytes  JMP 5EA4EDA6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[5816] USER32.dll!SetWindowLongW                               76B74449 5 Bytes  JMP 5EA4ED38 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[5816] USER32.dll!GetWindowInfo                                76B74B5E 5 Bytes  JMP 5E865451 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[5816] USER32.dll!TrackPopupMenu                               76B82228 5 Bytes  JMP 5E865A99 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              84E381F8
Device          \Driver\volmgr \Device\VolMgrControl                                                                                84E341F8
Device          \Driver\usbuhci \Device\USBPDO-0                                                                                    84E2B500
Device          \Driver\NetBT \Device\NetBT_Tcpip_{05BD45D4-E5D1-4FD0-99C2-ED6C6EA13E81}                                            869821F8
Device          \Driver\usbuhci \Device\USBPDO-1                                                                                    84E2B500
Device          \Driver\usbuhci \Device\USBPDO-2                                                                                    84E2B500
Device          \Driver\sptd \Device\985968330                                                                                      spks.sys
Device          \Driver\usbehci \Device\USBPDO-3                                                                                    86A1B500
Device          \Driver\usbuhci \Device\USBPDO-4                                                                                    84E2B500
Device          \Driver\usbuhci \Device\USBPDO-5                                                                                    84E2B500
Device          \Driver\NetBT \Device\NetBT_Tcpip_{8AC10D96-6C44-4A42-AA74-78103A3C31D0}                                            869821F8
Device          \Driver\usbuhci \Device\USBPDO-6                                                                                    84E2B500
Device          \Driver\volmgr \Device\HarddiskVolume1                                                                              84E341F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\usbehci \Device\USBPDO-7                                                                                    86A1B500
Device          \Driver\PCI_PNP8327 \Device\00000058                                                                                spks.sys
Device          \Driver\volmgr \Device\HarddiskVolume2                                                                              84E341F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\NetBT \Device\NetBT_Tcpip_{1DF61C56-90FE-4DDD-AAD2-48F95A79CF26}                                            869821F8
Device          \Driver\cdrom \Device\CdRom0                                                                                        868EC1F8
Device          \Driver\iaStor \Device\Ide\iaStor0                                                                                  [88CB9360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\iaStor \Device\Ide\IAAStorageDevice-0                                                                       [88CB9360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\iaStor \Device\Ide\IAAStorageDevice-1                                                                       [88CB9360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\cdrom \Device\CdRom1                                                                                        868EC1F8
Device          \Driver\volmgr \Device\HarddiskVolume4                                                                              84E341F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             869821F8
Device          \Driver\ACPI_HAL \Device\0000004e                                                                                   halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device          \Driver\usbuhci \Device\USBFDO-0                                                                                    84E2B500
Device          \Driver\usbuhci \Device\USBFDO-1                                                                                    84E2B500
Device          \Driver\usbuhci \Device\USBFDO-2                                                                                    84E2B500
Device          \Driver\usbehci \Device\USBFDO-3                                                                                    86A1B500
Device          \Driver\usbuhci \Device\USBFDO-4                                                                                    84E2B500
Device          \Driver\usbuhci \Device\USBFDO-5                                                                                    84E2B500
Device          \Driver\usbuhci \Device\USBFDO-6                                                                                    84E2B500
Device          \Driver\usbehci \Device\USBFDO-7                                                                                    86A1B500
Device          \Driver\aat5o41t \Device\Scsi\aat5o41t1Port1Path0Target0Lun0                                                        86A61500
Device          \Driver\aat5o41t \Device\Scsi\aat5o41t1                                                                             86A61500

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88                                        
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x84 0xF7 0x64 0x7B ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                          
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x14 0xE1 0x84 0xC7 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x80 0xEB 0x31 0xE4 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)                    
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x84 0xF7 0x64 0x7B ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)      
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x14 0xE1 0x84 0xC7 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x80 0xEB 0x31 0xE4 ...

---- Disk sectors - GMER 1.0.15 ----

Disk            \Device\Harddisk0\DR0                                                                                               MBR read error
Disk            \Device\Harddisk0\DR0                                                                                               MBR BIOS signature not found 0

---- EOF - GMER 1.0.15 ----
Dieser Beitrag wurde am 15.07.2011 um 01:15 Uhr von TheIncredible editiert.
Seitenanfang Seitenende
15.07.2011, 00:22
Moderator

Beiträge: 5694
#2 Hallo und herzlich Willkommen auf Protecus.de

Um ein infiziertes System zu bereinigen bedarf es neben Zeit auch die Beachtung folgender Punkte:

• Halte Dich an die Anweisungen des jeweiligen Helfers.
• Falls Du externen Speichermedien (USB Sticks, Festplatten) hast, dann schliesse die vor der Reinigung an.
• Während der Reinigung solltest Du weder Programme installieren noch deinstallieren, welche nicht ausdrücklich verlangt werden.
• Bitte arbeite jeden Schritt der Reihe nach ab.
• Falls bei einem Schritt Probleme auftauchen, poste was du bereits hast und melde Dich mit dem Problembeschreiben.


• Die Bereinigung ist erst beendet wenn der jeweilige Helfer das OK gibt.
• Wenn die Kiste wieder flott läuft heisst das nicht, dass das Sytem auch sauber ist.
• Bei geschäftlich genutzten Rechner sollte der zuständige IT Verantwortliche beigezogen werden.
• Ein Support unsererseits kann unter Umständen bei einem Firmenrechner abgelehnt werden.
• Bei illegaler Software besteht die Möglichkeit, dass der Support eingestellt wird.
• Jegliche Cracks oder Keygens werden weder gefördert noch akzeptiert.
• Bei stark infizierten Systemen vorallem wenn Backdoors oder Rootkits involviert sind kann es vorkommen, dass ein Helfer zum Neuaufsetzen rät.
• In letzter Instanz ist dann immer der User welcher entscheidet.


Vista und Win7 User:

Alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und Als Administrator ausführen.

Schritt 1

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Lade ComboFix von einem der unten aufgeführten Links herunter. Du musst diese umbenennen, bevor Du es auf den Desktop speicherst. Speichere ComboFix auf deinen Desktop.

BleepingComputer
ForoSpyware**NB: Es ist wichtig, das ComboFix.exe auf dem Desktop gespeichert wird**




• Deaktivere Deine Anti-Virus- und Anti-Spyware-Programme. Normalerweise kannst Du dies über einen Rechtsklick auf das Systemtray-Icon tun. Die Programme könnten sonst eventuell unsere Programme bei deren Arbeit stören.
• Doppel-klicke auf ComboFix.exe und folge den Aufforderungen.
• Wenn ComboFix fertig ist, wird es ein Log für dich erstellen.
• Bitte poste mir den Inhalt von C:\ComboFix.txt hier in de Thread.
Seitenanfang Seitenende
15.07.2011, 01:13
Member

Themenstarter

Beiträge: 63
#3 Das Programm hat mir leider wohl meinen GomezPEER gelöscht...bitte um Erlaubniss das wieder installieren zu dürfen ;)

ComboFix 11-07-14.05 - TheIncredible 15.07.2011 0:50.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.2009.893 [GMT 2:00]
ausgeführt von:: c:\users\TheIncredible\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Gomez\GomezPEER\agents\agents.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\image\gozilla.zip
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\.autoreg
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\AccessibleMarshal.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\application.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\blocklist.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\browserconfig.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\browser.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\browser.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\classic.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\classic.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\comm.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\comm.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\en-US.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\en-US.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\pippki.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\pippki.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\reporter.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\reporter.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\toolkit.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\toolkit.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutCertError.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutPrivateBrowsing.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutRights.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutRobots.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutSessionRestore.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\browserdirprovider.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\brwsrcmp.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedConverter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedProcessor.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedWriter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\flashplayer.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\fuelApplication.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\gomezplugin.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\jsconsole-clhandler.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\NetworkGeolocationProvider.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsAddonRepository.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBadCertHandler.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBlocklistService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBrowserContentHandler.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBrowserGlue.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsContentDispatchChooser.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsContentPrefService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsDefaultCLH.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsDownloadManagerUI.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsExtensionManager.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsHandlerService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsHelperAppDlg.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLivemarkService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginInfo.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginManager.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginManagerPrompter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsMicrosummaryService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPlacesDBFlush.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPlacesTransactionsService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPostUpdateWin.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPrivateBrowsingService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsProxyAutoConfig.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSafebrowsingApplication.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSearchService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSearchSuggestions.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSessionStartup.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSessionStore.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSetDefaultBrowser.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSidebar.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsTaggingService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsTryToClose.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUpdateService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUrlClassifierLib.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUrlClassifierListManager.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsURLFormatter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsWebHandlerApp.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\pluginGlue.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\storage-Legacy.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\storage-mozStorage.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\txEXSLTRegExFunctions.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\WebContentConverter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter-override.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\autoconfig\platform.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\autoconfig\prefcalls.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\channel-prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox-branding.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox-l10n.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\reporter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\bookmarks.html
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\chrome\userChrome-example.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\chrome\userContent-example.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\localstore.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\mimeTypes.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\dictionaries\en-US.aff
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\dictionaries\en-US.dic
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\chrome.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\chrome\xhtmlmp.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-logging.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-multipartmixed-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\defaults\preferences\xhtmlmp.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\readme.txt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\chrome.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\chrome\wmlbrowser.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\components\wml-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\defaults\preferences\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\install.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\chrome.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\chrome\gomezagent.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-alogger-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-cache-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-filter-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-prompt-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-psrbuilder-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-scoe-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-stats-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-utility-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-visualresult-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\browser-monitor-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\gsl-converter-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\http-event-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\IPageSpeedGomezData.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\IPageSpeedRules.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIFxAgent.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIMachineInfo.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIMachineInfo.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsITraceRoute.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsITraceRoute.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\pagespeed.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\txn-executor.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\txn-server-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\zconsole-server-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\config\loggerConfig.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\beautify.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\gsl2shim.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\io.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\json2.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\psrtest.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\utils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\version.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\zipit.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\freebl3.chk
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\freebl3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\awaitfile.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-launch.cmd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-provision-sa.cmd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-provision.cmd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gozilla.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\all.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\security-prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\xpinstall.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\js3250.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\LICENSE
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\log4cplus.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\log4cplus.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\debug.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\distribution.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\DownloadLastDir.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\DownloadUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\ISO8601DateUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\Microformats.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\openLocationLastURL.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\PlacesDBUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\PluralForm.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\SpatialNavigation.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\utils.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\WindowDraggingUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\XPCOMUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\mozcrt19.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nspr4.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nss3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssckbi.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssdbm3.chk
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssdbm3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssutil3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\platform.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plc4.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plds4.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgfp.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgslp.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgswf32.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npnul32.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\NPSWF32.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\README.txt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\removed-files
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\arrow.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\arrowd.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\broken-image.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\charsetalias.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\charsetData.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\contenteditable.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\designmode.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\dtd\mathml.dtd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\dtd\xhtml11.dtd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\EditorOverride.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Latin1.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Special.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Symbols.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\htmlEntityVersions.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\mathml20.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\transliterate.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfont.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontStandardSymbolsL.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSTIXNonUnicode.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSTIXSize1.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSymbol.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontUnicode.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\forms.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\grabber.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\hiddenWindow.html
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\html.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\html\folder.png
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\langGroups.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\language.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\loading-image.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\mathml.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\quirk.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\svg.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\ua.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\viewsource.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\wincharset.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\amazondotcom.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\answers.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\creativecommons.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\eBay.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\google.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\wikipedia.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\yahoo.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\smime3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\softokn3.chk
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\softokn3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\sqlite3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\ssl3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0\ScriptCache\sizzle20090425wrb
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\bookmarkbackups\bookmarks-2011-04-25.json
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_001_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_002_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_003_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_MAP_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\cert8.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\compatibility.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\compreg.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\content-prefs.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\cookies.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\downloads.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.cache
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\formhistory.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\key3.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\localstore.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\mimeTypes.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\OfflineCache\index.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\permissions.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\places.sqlite-journal
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\places.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\profile.done
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\search.json
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\search.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\secmod.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\signons.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\webappsstore.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\XPC.mfl
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\xpti.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\XUL.mfl
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\agt-0-ga.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-21-41-30_Telefonica_youtube_trends_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-21-50-53_SEB-Bank_DE_LMHP-FF-Banking-DE_-_FF_Agen_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-21-55-19_IMG_Bench_LLNW_SP_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-21-55-39_news-global-HBB_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-20-19_Dooyoo_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-45-23_Wikileaks_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-50-26_Simpleupload_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-51-8_www.skyrama.com_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-55-41_IMG_Bench_LLNW_SP_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-55-59_Clouds_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-22-56-17_Retailer_Startpage_Last_Mile_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-0-40_Telefonica_youtube_trends_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-10-23_Apple_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-10-57_Last_Mile_Test_1_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-15-45_FOX-MYDATE-GHP_LMILE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-16-4_Friendscout_DE_Checkbox_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-25-28_Apple_Home_Page_from_eEU_-_FF_Agent_-_LM_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-13-23-30-10_Consors_Info_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-0-11-10_Neu.de_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-0-15-35_Netzwertig_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-0-40-14_Flirtcafe_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-10-13_Neue_Leben_SP_HPLM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-10-32_CNN_page_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-10-55_Zalando_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-11-19_Vodafone_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-11-44_Plus_Startseite_LM_SP_V1_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-12-6_Clouds_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-16-28_SkyGo_geoblocking.zip_SOLM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-16-49_Toyota_DE_LMHP-FF-Automotive-DE_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-17-8_Neu.de_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-21-32_Telefonica_youtube_trends_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-5-14_Ticketonline.de_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-51-2_Netzwertig_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-1-55-30_Friendscout24.de_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-10-16-0_Tmobile_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-10-20-26_Emerson_Emea_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-10-55-57_Baur_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-10-56-36_www.adhoc-international.com_LM_-_FF_Agen_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-11-30-54_DEVK_DE_LMHP-FF-Insurance-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-11-35-22_Megaupload_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-12-20-21_Vodafone_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-12-20-47_FP-global-HBB_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-12-41-19_Last_Mile_-_Large_Object_-_Akamai_-_NA_-_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-12-50-12_RJW_-_NHL_Home_Page_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-12-50-35_Plus_Startseite_LM_SP_V1_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-15-15_Apple_Home_Page_from_eEU_-_FF_Agent_-_LM_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-20-42_Windowslive_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-21-3_Telefonica_youtube_trends_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-26-58_Ali3.adf.ly_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-35-27_Uploaded.to_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-40-18_Hotel_DE_SP_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-40-55_Handelsblatt_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-45-26_Akamai_SPLM_Germany_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-45-45_Last_Mile_Test_1_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-50-29_LM_Suchestrecke_171110_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-51-16_Batch_Borderless_Cdnetworks_FF_Test_1_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-13-55-52_Region_Berlin_DE_SP_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-25-50_ymd-GLM-FF-Global-HBB-D5_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-26-30_ymd-GLM-FF-Global-HBB-D0_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-26-50_ymd-GLM-FF-Global-HBB-D8_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-26-9_ymd-GLM-FF-Global-HBB-D2_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-27-27_ymd-GLM-FF-Global-HBB-D6_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-27-45_ymd-GLM-FF-Global-HBB-D7_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-27-9_ymd-GLM-FF-Global-HBB-D9_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-28-4_ymd-GLM-FF-Global-HBB-D4_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-40-51_Apple_Home_Page_from_eEU_-_FF_Agent_-_LM_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-41-26_O2_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-14-46-3_Netbooknews_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-25-21_PeterHahn2LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-25-55_CNN_page_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-30-35_Barmer_GEK_DE_LMHP-FF-Insurance-DE_-_FF__agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-30-59_Gerry_Weber_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-31-21_Rapidshare_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-35-47_Region_Berlin_DE_SP_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-15-36-10_DI_Unternehmer_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-1-6_Deichmann_DE_LMHP-FF-Retail-DE_-_FF_Agen_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-30-12_Citroen_DE_LMHP-FF-Automotive-DE_-_FF_Ag_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-30-34_Sportscheck_transaction_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-35-19_Germany_CDNetworks_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-35-40_Hornbach_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-40-33_heine.de_Last_Mile_Messungen_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-41-2_Basic_Thinking_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-41-36_LIDL-Shop_DE_LMHP-FF-Retail-DE_-_FF_Agen_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-41-59_Sparkasse_Koelnbonn_DE_LMHP-FF-Banking-D_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-46-24_Germany_LimeLight_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-5-32_O2_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-50-51_YCS-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-16-51-10_DKB_DE_LMHP-FF-Banking-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-17-16-0_Demo_Daily_Load_Last_Mile_-_FF_Agent_-_F_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-18-30-20_Apple_Home_Page_from_eEU_-_FF_Agent_-_LM_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-18-30-43_Germany_Cotendo_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-20-18_Ikea_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-25-22_Vodafone_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-26-10_Berliner-Sparkasse_DE_LMHP-FF-Banking-DE_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-30-37_Sportscheck_Startseite_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-31-0_Google_Watch_Blog_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-31-23_Finance_Scout_24_DE_LMHP-FF-Insurance-DE_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-35-47_Billiger_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-36-9_Germany_Level3_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-40-33_ERGO_Direkt_DE_LMHP-FF-Insurance-DE_-_FF_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-45-14_Vodafone_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-19-45-40_Nobu_Prod_Single_URL_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-2-36-54_DI_Unternehmer_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-2-45-39_Billiger_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-20-10-20_MyToys_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-20-35-16_Eventim_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-20-35-40_Perf_Page2_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-20-40-23_Mercateo_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-20-40-47_Toyota_DE_LMHP-FF-Automotive-DE_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-20-41-12_Thomas_Hutter_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-11-15_Simpleupload_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-15-44_Homepage-Germany_-_FF_Agent_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-20-25_Telefonica_youtube_trends_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-25-42_Hamburger_Sparkasse_Ag_DE_LMHP-FF-Bankin_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-26-4_LM_Service_Mein_Koto_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-31-19_Saab_DE_LMHP-FF-Automotive-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-21-36-13_Ciao_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-22-26-6_Lexmark_Last_Mile_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-22-30-37_Friendscout24.de_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-22-5-29_Baur_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-22-55-18_sports-global-HBB_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-23-40-19_Telefonica_youtube_trends_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-23-45-16_Germany_Akamai_LastMile_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-23-45-56_Basic_Thinking_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-23-50-25_Sparda_DE_LMHP-FF-Banking-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-23-51-24_Netzwertig_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-23-51-3_KSK_Koeln_DE_LMHP-FF-Banking-DE_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-3-10-17_Akamai_SPLM_Germany_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-3-31-2_Simpleupload_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-3-35-44_Perf_Page3_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-10-31_Polish_Benchmarks_FF_mswia.gov.pl_-_FF_A_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-11-4_Nobu_Prod_Single_URL_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-15-31_Plus_Reisen_startseite_LM_SP_v1_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-20-28_Lexmark_Last_Mile_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-20-57_Infotech_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-25-26_heine.de_Last_Mile_Messungen_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-5-34_Berliner_Volksbank_DE_LMHP-FF-Banking-DE_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-50-43_KSK_Koeln_DE_LMHP-FF-Banking-DE_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-4-6-7_Opel_DE_LMHP-FF-Automotive-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-15-18_Last_Mile_-_Small_Object_-_Akamai_-_FF_A_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-15-35_Last_Mile_-_Small_Object_-_Level3_-_FF_A_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-15-53_Last_Mile_-_Small_Object_-_Limelight_-_F_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-16-9_Last_Mile_-_Small_Object_-_CloudFront_-__agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-20-31_Cooper_Lighting_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-25-15_Share-online.biz_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-25-34_Sportscorner24_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-35-49_Amazon_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-36-10_Apple_Test_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-40-33_Plus_Reisen_startseite_LM_SP_v1_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-40-53_Simpleupload_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-41-11_t3n_News_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-5-56-11_Ford_CMax_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-0-40_Netload.in_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-1-15_Yancor_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-10-28_O2_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-31-3_Netload.in_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-35-29_Perf_Page1_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-40-14_Hotel_DE_SP_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-40-38_Mitsubishi_DE_LMHP-FF-Automotive-DE_-_FF_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-41-0_Web.de_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-45-25_www.secret.de_TX_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-46-13_Schwab_DE_LMHP-FF-Retail-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-5-40_Delta_Index_Home_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-50-37_Sportscorner24_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-6-6-1_Tmobile_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-0-37_Streaming-OFF-HomePage1-Firefox_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-0-59_Streaming-ON-HomePage1-Firefox_-_FF_Agen_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-1-21_HalmarkHomePage-LM-Firefox_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-10-51_Tmobile_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-11-15_Load_Plus_Shopping_-_FF_Agent_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-15-54_Polish_Benchmarks_LM_FF_TELCO_Dialog_-_F_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-20-26_www.secret.de_TX_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-5-48_Techniker_Krankenkasse_DE_LMHP-FF-Insura_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-50-26_CapGemini_-_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-7-6-9_KSK_Koeln_DE_LMHP-FF-Banking-DE_-_FF_Age_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-8-15-16_YCS-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-8-15-34_URL-HostingLinBench2-LM_GD_Ded_-_FF_Agen_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-8-40-18_citroenflash1_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-8-40-44_ERGO_DE_LMHP-FF-Insurance-DE_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-9-30-40_Eplus_GER_Home_LM_-_FF_Agent_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\txn-gn-2011-7-14-9-55-23_Demo_Daily_Load_Last_Mile_-_FF_Agent_-_F_agt-0.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\uninstall\helper.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\update.locale
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\updater.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\updater.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\version.txt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\bookmarkbackups\bookmarks-2011-04-25.json
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_001_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_002_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_003_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\Cache\_CACHE_MAP_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\cert8.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\compatibility.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\compreg.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\content-prefs.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\cookies.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\downloads.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\extensions.cache
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\extensions.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\extensions.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\formhistory.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\key3.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\localstore.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\mimeTypes.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\OfflineCache\index.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\permissions.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\places.sqlite-journal
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\places.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\pluginreg.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\profile.done
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\search.json
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\search.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\secmod.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\signons.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\urlclassifier3.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\webappsstore.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\XPC.mfl
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\xpti.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\work\work_pool\FF35\agt_0\XUL.mfl
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\xpcom.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\xul.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\zlib1.dll
c:\program files\Gomez\GomezPEER\bin\GomezPEER.exe
c:\program files\Gomez\GomezPEER\cache\helper\databank.003.js
c:\program files\Gomez\GomezPEER\cache\helper\GomezGlobalFunctions.008.js
c:\program files\Gomez\GomezPEER\cache\helper\static_helpers.003.js
c:\program files\Gomez\GomezPEER\cache\helper\url_helpers.003.js
c:\program files\Gomez\GomezPEER\cache\params.xml
c:\program files\Gomez\GomezPEER\cache\Respawn.class
c:\program files\Gomez\GomezPEER\country_list.txt
c:\program files\Gomez\GomezPEER\decode.exe
c:\program files\Gomez\GomezPEER\dll.log
c:\program files\Gomez\GomezPEER\getclean.exe
c:\program files\Gomez\GomezPEER\gomez.dat
c:\program files\Gomez\GomezPEER\gomez.dat.backup1
c:\program files\Gomez\GomezPEER\gomez.dat.backup2
c:\program files\Gomez\GomezPEER\gomez.dat.backup3
c:\program files\Gomez\GomezPEER\javparms.dat
c:\program files\Gomez\GomezPEER\jre\bin\attach.dll
c:\program files\Gomez\GomezPEER\jre\bin\awt.dll
c:\program files\Gomez\GomezPEER\jre\bin\axbridge.dll
c:\program files\Gomez\GomezPEER\jre\bin\client\classes.jsa
c:\program files\Gomez\GomezPEER\jre\bin\client\jvm.dll
c:\program files\Gomez\GomezPEER\jre\bin\client\Xusage.txt
c:\program files\Gomez\GomezPEER\jre\bin\cmm.dll
c:\program files\Gomez\GomezPEER\jre\bin\comfyj.lic
c:\program files\Gomez\GomezPEER\jre\bin\dcpr.dll
c:\program files\Gomez\GomezPEER\jre\bin\deploy.dll
c:\program files\Gomez\GomezPEER\jre\bin\dt_shmem.dll
c:\program files\Gomez\GomezPEER\jre\bin\dt_socket.dll
c:\program files\Gomez\GomezPEER\jre\bin\eula.dll
c:\program files\Gomez\GomezPEER\jre\bin\fontmanager.dll
c:\program files\Gomez\GomezPEER\jre\bin\hpi.dll
c:\program files\Gomez\GomezPEER\jre\bin\hprof.dll
c:\program files\Gomez\GomezPEER\jre\bin\ICE_JNIRegistry.dll
c:\program files\Gomez\GomezPEER\jre\bin\instrument.dll
c:\program files\Gomez\GomezPEER\jre\bin\ioser12.dll
c:\program files\Gomez\GomezPEER\jre\bin\j2pcsc.dll
c:\program files\Gomez\GomezPEER\jre\bin\j2pkcs11.dll
c:\program files\Gomez\GomezPEER\jre\bin\jaas_nt.dll
c:\program files\Gomez\GomezPEER\jre\bin\java-rmi.exe
c:\program files\Gomez\GomezPEER\jre\bin\java.dll
c:\program files\Gomez\GomezPEER\jre\bin\java.exe
c:\program files\Gomez\GomezPEER\jre\bin\java_crw_demo.dll
c:\program files\Gomez\GomezPEER\jre\bin\javacpl.cpl
c:\program files\Gomez\GomezPEER\jre\bin\javacpl.exe
c:\program files\Gomez\GomezPEER\jre\bin\javaw.exe
c:\program files\Gomez\GomezPEER\jre\bin\javaws.exe
c:\program files\Gomez\GomezPEER\jre\bin\jawt.dll
c:\program files\Gomez\GomezPEER\jre\bin\JdbcOdbc.dll
c:\program files\Gomez\GomezPEER\jre\bin\jdwp.dll
c:\program files\Gomez\GomezPEER\jre\bin\jexplorer.lic
c:\program files\Gomez\GomezPEER\jre\bin\jli.dll
c:\program files\Gomez\GomezPEER\jre\bin\jniwrap.dll
c:\program files\Gomez\GomezPEER\jre\bin\jniwrap.lic
c:\program files\Gomez\GomezPEER\jre\bin\jpeg.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpicom.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpiexp.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpinscp.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpioji.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpishare.dll
c:\program files\Gomez\GomezPEER\jre\bin\jsound.dll
c:\program files\Gomez\GomezPEER\jre\bin\jsoundds.dll
c:\program files\Gomez\GomezPEER\jre\bin\jucheck.exe
c:\program files\Gomez\GomezPEER\jre\bin\jureg.exe
c:\program files\Gomez\GomezPEER\jre\bin\jusched.exe
c:\program files\Gomez\GomezPEER\jre\bin\keytool.exe
c:\program files\Gomez\GomezPEER\jre\bin\kinit.exe
c:\program files\Gomez\GomezPEER\jre\bin\klist.exe
c:\program files\Gomez\GomezPEER\jre\bin\ktab.exe
c:\program files\Gomez\GomezPEER\jre\bin\management.dll
c:\program files\Gomez\GomezPEER\jre\bin\Microsoft.VC80.CRT.manifest
c:\program files\Gomez\GomezPEER\jre\bin\msvcm80.dll
c:\program files\Gomez\GomezPEER\jre\bin\msvcp80.dll
c:\program files\Gomez\GomezPEER\jre\bin\msvcr71.dll
c:\program files\Gomez\GomezPEER\jre\bin\msvcr80.dll
c:\program files\Gomez\GomezPEER\jre\bin\net.dll
c:\program files\Gomez\GomezPEER\jre\bin\nio.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava11.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava12.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava13.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava14.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava32.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjpi160.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjpi160_03.dll
c:\program files\Gomez\GomezPEER\jre\bin\npoji610.dll
c:\program files\Gomez\GomezPEER\jre\bin\npt.dll
c:\program files\Gomez\GomezPEER\jre\bin\orbd.exe
c:\program files\Gomez\GomezPEER\jre\bin\pack200.exe
c:\program files\Gomez\GomezPEER\jre\bin\policytool.exe
c:\program files\Gomez\GomezPEER\jre\bin\porivonet.dll
c:\program files\Gomez\GomezPEER\jre\bin\PorivoProcess.dll
c:\program files\Gomez\GomezPEER\jre\bin\regutils.dll
c:\program files\Gomez\GomezPEER\jre\bin\rmi.dll
c:\program files\Gomez\GomezPEER\jre\bin\rmid.exe
c:\program files\Gomez\GomezPEER\jre\bin\rmiregistry.exe
c:\program files\Gomez\GomezPEER\jre\bin\server\jvm.dll
c:\program files\Gomez\GomezPEER\jre\bin\server\Xusage.txt
c:\program files\Gomez\GomezPEER\jre\bin\servertool.exe
c:\program files\Gomez\GomezPEER\jre\bin\splashscreen.dll
c:\program files\Gomez\GomezPEER\jre\bin\ssv.dll
c:\program files\Gomez\GomezPEER\jre\bin\sunmscapi.dll
c:\program files\Gomez\GomezPEER\jre\bin\SystemInfo.dll
c:\program files\Gomez\GomezPEER\jre\bin\tnameserv.exe
c:\program files\Gomez\GomezPEER\jre\bin\unicows.dll
c:\program files\Gomez\GomezPEER\jre\bin\unpack.dll
c:\program files\Gomez\GomezPEER\jre\bin\unpack200.exe
c:\program files\Gomez\GomezPEER\jre\bin\verify.dll
c:\program files\Gomez\GomezPEER\jre\bin\w2k_lsa_auth.dll
c:\program files\Gomez\GomezPEER\jre\bin\WinTimer.dll
c:\program files\Gomez\GomezPEER\jre\bin\wsdetect.dll
c:\program files\Gomez\GomezPEER\jre\bin\zip.dll
c:\program files\Gomez\GomezPEER\jre\COPYRIGHT
c:\program files\Gomez\GomezPEER\jre\lib\audio\soundbank.gm
c:\program files\Gomez\GomezPEER\jre\lib\calendars.properties
c:\program files\Gomez\GomezPEER\jre\lib\charsets.jar
c:\program files\Gomez\GomezPEER\jre\lib\classlist
c:\program files\Gomez\GomezPEER\jre\lib\cmm\CIEXYZ.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\GRAY.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\LINEAR_RGB.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\PYCC.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\sRGB.pf
c:\program files\Gomez\GomezPEER\jre\lib\content-types.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy.jar
c:\program files\Gomez\GomezPEER\jre\lib\deploy\ffjcext.zip
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_de.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_es.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_fr.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_it.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_ja.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_ko.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_sv.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_zh_CN.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_zh_HK.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_zh_TW.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\splash.jpg
c:\program files\Gomez\GomezPEER\jre\lib\endorsed\xalan.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\commons-codec.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\commons-lang.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\css.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\dnsjava.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\dnsns.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\gomez-webcore.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\HeartBeatProject.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\jdom.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\JNIRegistry.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\jniwrap.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\js.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\jstools.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\Kernel.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\localedata.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\log4j.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\meta-index
c:\program files\Gomez\GomezPEER\jre\lib\ext\nekohtml.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\oro.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\peergui.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\PeerReviewProject.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\poi.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-agent.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-lib.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-modules.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-utils.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\sunjce_provider.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\sunmscapi.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\sunpkcs11.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\winpack.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\xerces.jar
c:\program files\Gomez\GomezPEER\jre\lib\flavormap.properties
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.98.bfc
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.98.properties.src
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.bfc
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.properties.src
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightDemiBold.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightDemiItalic.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightItalic.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightRegular.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaSansDemiBold.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaSansRegular.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaTypewriterBold.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaTypewriterRegular.ttf
c:\program files\Gomez\GomezPEER\jre\lib\i386\jvm.cfg
c:\program files\Gomez\GomezPEER\jre\lib\im\indicim.jar
c:\program files\Gomez\GomezPEER\jre\lib\im\thaiim.jar
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\cursors.properties
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\invalid32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_CopyDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_LinkDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_MoveDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\javaws.jar
c:\program files\Gomez\GomezPEER\jre\lib\jce.jar
c:\program files\Gomez\GomezPEER\jre\lib\jsse.jar
c:\program files\Gomez\GomezPEER\jre\lib\jvm.hprof.txt
c:\program files\Gomez\GomezPEER\jre\lib\logging.properties
c:\program files\Gomez\GomezPEER\jre\lib\management-agent.jar
c:\program files\Gomez\GomezPEER\jre\lib\management\jmxremote.access
c:\program files\Gomez\GomezPEER\jre\lib\management\jmxremote.password.template
c:\program files\Gomez\GomezPEER\jre\lib\management\management.properties
c:\program files\Gomez\GomezPEER\jre\lib\management\snmp.acl.template
c:\program files\Gomez\GomezPEER\jre\lib\meta-index
c:\program files\Gomez\GomezPEER\jre\lib\net.properties
c:\program files\Gomez\GomezPEER\jre\lib\plugin.jar
c:\program files\Gomez\GomezPEER\jre\lib\psfont.properties.ja
c:\program files\Gomez\GomezPEER\jre\lib\psfontj2d.properties
c:\program files\Gomez\GomezPEER\jre\lib\resources.jar
c:\program files\Gomez\GomezPEER\jre\lib\rt.jar
c:\program files\Gomez\GomezPEER\jre\lib\security\cacerts
c:\program files\Gomez\GomezPEER\jre\lib\security\gsr.policy
c:\program files\Gomez\GomezPEER\jre\lib\security\java.policy
c:\program files\Gomez\GomezPEER\jre\lib\security\java.security
c:\program files\Gomez\GomezPEER\jre\lib\security\javaws.policy
c:\program files\Gomez\GomezPEER\jre\lib\security\local_policy.jar
c:\program files\Gomez\GomezPEER\jre\lib\security\US_export_policy.jar
c:\program files\Gomez\GomezPEER\jre\lib\sound.properties
c:\program files\Gomez\GomezPEER\jre\lib\tzmappings
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Abidjan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Accra
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Addis_Ababa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Algiers
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Asmara
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Asmera
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bamako
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bangui
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Banjul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bissau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Blantyre
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Brazzaville
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bujumbura
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Cairo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Casablanca
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Ceuta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Conakry
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Dakar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Dar_es_Salaam
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Djibouti
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Douala
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\El_Aaiun
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Freetown
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Gaborone
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Harare
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Johannesburg
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Kampala
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Khartoum
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Kigali
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Kinshasa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lagos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Libreville
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lome
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Luanda
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lubumbashi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lusaka
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Malabo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Maputo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Maseru
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Mbabane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Mogadishu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Monrovia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Nairobi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Ndjamena
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Niamey
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Nouakchott
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Ouagadougou
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Porto-Novo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Sao_Tome
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Tripoli
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Tunis
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Windhoek
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Adak
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Anchorage
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Anguilla
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Antigua
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Araguaina
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Buenos_Aires
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Catamarca
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Cordoba
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Jujuy
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\La_Rioja
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Mendoza
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Rio_Gallegos
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\San_Juan
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Tucuman
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Ushuaia
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Aruba
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Asuncion
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Atikokan
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Bahia
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Barbados
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Belem
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Belize
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Blanc-Sablon
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Boa_Vista
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Bogota
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Boise
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cambridge_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Campo_Grande
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cancun
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Caracas
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cayenne
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cayman
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Chicago
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Chihuahua
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Costa_Rica
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cuiaba
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Curacao
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Danmarkshavn
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Dawson
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Dawson_Creek
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Denver
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Detroit
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Dominica
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Edmonton
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Eirunepe
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\El_Salvador
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Fortaleza
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Glace_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Godthab
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Goose_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Grand_Turk
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Grenada
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guadeloupe
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guatemala
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guayaquil
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guyana
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Halifax
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Havana
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Hermosillo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Indianapolis
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Knox
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Marengo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Petersburg
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Tell_City
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Vevay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Vincennes
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Winamac
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Inuvik
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Iqaluit
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Jamaica
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Juneau
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Kentucky\Louisville
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Kentucky\Monticello
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\La_Paz
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Lima
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Los_Angeles
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Maceio
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Managua
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Manaus
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Martinique
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Mazatlan
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Menominee
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Merida
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Mexico_City
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Miquelon
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Moncton
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Monterrey
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Montevideo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Montreal
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Montserrat
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Nassau
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\New_York
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Nipigon
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Nome
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Noronha
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\North_Dakota\Center
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\North_Dakota\New_Salem
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Panama
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Pangnirtung
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Paramaribo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Phoenix
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Port-au-Prince
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Port_of_Spain
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Porto_Velho
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Puerto_Rico
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Rainy_River
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Rankin_Inlet
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Recife
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Regina
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Resolute
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Rio_Branco
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Santiago
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Santo_Domingo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Sao_Paulo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Scoresbysund
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Johns
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Kitts
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Lucia
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Thomas
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Vincent
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Swift_Current
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Tegucigalpa
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Thule
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Thunder_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Tijuana
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Toronto
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Tortola
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Vancouver
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Whitehorse
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Winnipeg
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Yakutat
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Yellowknife
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Casey
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Davis
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\DumontDUrville
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Mawson
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\McMurdo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Palmer
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Rothera
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Syowa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Vostok
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Aden
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Almaty
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Amman
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Anadyr
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Aqtau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Aqtobe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Ashgabat
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Baghdad
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Bahrain
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Baku
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Bangkok
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Beirut
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Bishkek
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Brunei
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Calcutta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Choibalsan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Chongqing
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Colombo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Damascus
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dhaka
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dili
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dubai
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dushanbe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Gaza
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Harbin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Hong_Kong
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Hovd
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Irkutsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Jakarta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Jayapura
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Jerusalem
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kabul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kamchatka
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Karachi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kashgar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Katmandu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Krasnoyarsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kuala_Lumpur
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kuching
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kuwait
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Macau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Magadan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Makassar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Manila
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Muscat
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Nicosia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Novosibirsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Omsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Oral
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Phnom_Penh
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Pontianak
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Pyongyang
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Qatar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Qyzylorda
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Rangoon
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh87
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh88
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh89
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Saigon
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Sakhalin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Samarkand
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Seoul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Shanghai
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Singapore
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Taipei
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tashkent
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tbilisi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tehran
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Thimphu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tokyo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Ulaanbaatar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Urumqi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Vientiane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Vladivostok
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Yakutsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Yekaterinburg
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Yerevan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Azores
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Bermuda
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Canary
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Cape_Verde
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Faeroe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Faroe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Madeira
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Reykjavik
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\South_Georgia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\St_Helena
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Stanley
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Adelaide
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Brisbane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Broken_Hill
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Currie
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Darwin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Eucla
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Hobart
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Lindeman
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Lord_Howe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Melbourne
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Perth
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Sydney
c:\program files\Gomez\GomezPEER\jre\lib\zi\CET
c:\program files\Gomez\GomezPEER\jre\lib\zi\CST6CDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\EET
c:\program files\Gomez\GomezPEER\jre\lib\zi\EST
c:\program files\Gomez\GomezPEER\jre\lib\zi\EST5EDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-1
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-10
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-11
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-12
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-13
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-14
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-2
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-3
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-4
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-5
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-6
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-7
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-8
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-9
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+1
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+10
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+11
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+12
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+2
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+3
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+4
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+5
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+6
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+7
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+8
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+9
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\UCT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\UTC
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Amsterdam
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Andorra
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Athens
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Belgrade
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Berlin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Brussels
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Bucharest
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Budapest
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Chisinau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Copenhagen
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Dublin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Gibraltar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Helsinki
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Istanbul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Kaliningrad
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Kiev
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Lisbon
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\London
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Luxembourg
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Madrid
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Malta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Minsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Monaco
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Moscow
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Oslo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Paris
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Prague
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Riga
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Rome
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Samara
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Simferopol
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Sofia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Stockholm
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Tallinn
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Tirane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Uzhgorod
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Vaduz
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Vienna
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Vilnius
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Volgograd
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Warsaw
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Zaporozhye
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Zurich
c:\program files\Gomez\GomezPEER\jre\lib\zi\GMT
c:\program files\Gomez\GomezPEER\jre\lib\zi\HST
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Antananarivo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Chagos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Christmas
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Cocos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Comoro
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Kerguelen
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Mahe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Maldives
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Mauritius
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Mayotte
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Reunion
c:\program files\Gomez\GomezPEER\jre\lib\zi\MET
c:\program files\Gomez\GomezPEER\jre\lib\zi\MST
c:\program files\Gomez\GomezPEER\jre\lib\zi\MST7MDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Apia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Auckland
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Chatham
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Easter
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Efate
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Enderbury
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Fakaofo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Fiji
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Funafuti
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Galapagos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Gambier
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Guadalcanal
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Guam
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Honolulu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Johnston
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Kiritimati
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Kosrae
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Kwajalein
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Majuro
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Marquesas
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Midway
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Nauru
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Niue
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Norfolk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Noumea
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Pago_Pago
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Palau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Pitcairn
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Ponape
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Port_Moresby
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Rarotonga
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Saipan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Tahiti
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Tarawa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Tongatapu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Truk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Wake
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Wallis
c:\program files\Gomez\GomezPEER\jre\lib\zi\PST8PDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\AST4
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\AST4ADT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\CST6
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\CST6CDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\EST5
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\EST5EDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\HST10
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\MST7
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\MST7MDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\PST8
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\PST8PDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\YST9
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\YST9YDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\WET
c:\program files\Gomez\GomezPEER\jre\lib\zi\ZoneInfoMappings
c:\program files\Gomez\GomezPEER\jre\LICENSE
c:\program files\Gomez\GomezPEER\jre\LICENSE.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_de.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_es.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_fr.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_it.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_ja.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_ko.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_sv.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_zh_CN.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_zh_TW.rtf
c:\program files\Gomez\GomezPEER\jre\README.txt
c:\program files\Gomez\GomezPEER\jre\THIRDPARTYLICENSEREADME.txt
c:\program files\Gomez\GomezPEER\jre\Welcome.html
c:\program files\Gomez\GomezPEER\mname.ini
c:\program files\Gomez\GomezPEER\par2.exe
c:\program files\Gomez\GomezPEER\peer.log
c:\program files\Gomez\GomezPEER\ReadMe.txt
c:\program files\Gomez\GomezPEER\tools\bind\bind.zip
c:\program files\Gomez\GomezPEER\tools\bind\COPYRIGHT
c:\program files\Gomez\GomezPEER\tools\bind\dig.exe
c:\program files\Gomez\GomezPEER\tools\bind\libbind9.dll
c:\program files\Gomez\GomezPEER\tools\bind\libdns.dll
c:\program files\Gomez\GomezPEER\tools\bind\libeay32.dll
c:\program files\Gomez\GomezPEER\tools\bind\libisc.dll
c:\program files\Gomez\GomezPEER\tools\bind\libisccc.dll
c:\program files\Gomez\GomezPEER\tools\bind\libisccfg.dll
c:\program files\Gomez\GomezPEER\tools\bind\liblwres.dll
c:\program files\Gomez\GomezPEER\tools\bind\libxml2.dll
c:\program files\Gomez\GomezPEER\tools\bind\libxml2.dll.2.config
c:\program files\Gomez\GomezPEER\tools\bind\Microsoft.VC80.CRT.manifest
c:\program files\Gomez\GomezPEER\tools\bind\msvcm80.dll
c:\program files\Gomez\GomezPEER\tools\bind\msvcp80.dll
c:\program files\Gomez\GomezPEER\tools\bind\msvcr80.dll
c:\program files\Gomez\GomezPEER\tools\bind\nslookup.exe
c:\program files\Gomez\GomezPEER\uninstall.exe
c:\program files\Gomez\GomezPEER\upatelog.txt
c:\users\TheIncredible\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ThinkPoint.lnk
c:\program files\Gomez . . . . Nicht in der Lage zu löschen
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-06-14 bis 2011-07-14 ))))))))))))))))))))))))))))))
.
.
2011-07-14 23:00 . 2011-07-14 23:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-07-14 23:00 . 2011-07-14 23:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-14 22:48 . 2011-07-14 22:48 -------- d-----w- C:\32788R22FWJFW
2011-07-13 19:33 . 2011-07-13 19:33 -------- d-----w- c:\program files\jeak.de
2011-07-12 23:34 . 2011-07-12 23:34 -------- dc----w- c:\users\TheIncredible\AppData\Local\DDMSettings
2011-07-12 23:33 . 2011-07-13 19:19 -------- d-----w- c:\users\TheIncredible\AppData\Roaming\DivX
2011-07-12 23:32 . 2011-07-12 23:33 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-07-12 23:31 . 2011-07-12 23:33 -------- d-----w- c:\program files\DivX
2011-07-12 23:31 . 2011-07-12 23:33 -------- d-----w- c:\programdata\DivX
2011-07-12 12:39 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7E0CBED-5E68-44C5-87D5-4E72D950C51A}\mpengine.dll
2011-07-11 09:43 . 2011-07-11 09:43 -------- d-----w- c:\program files\Apple Software Update
2011-06-29 10:17 . 2011-06-29 10:17 -------- d-----w- c:\program files\Common Files\xing shared
2011-06-29 02:52 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 02:52 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 02:52 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 02:52 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 02:52 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 02:52 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 02:52 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 02:52 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 02:52 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 02:52 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-24 10:14 . 2011-06-24 10:14 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-24 10:14 . 2011-06-24 10:14 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-20 21:18 . 2011-06-28 00:51 -------- d-----w- c:\users\TheIncredible\AppData\Roaming\Spark
2011-06-20 21:17 . 2011-06-20 21:18 -------- d-----w- c:\program files\Spark
2011-06-16 23:46 . 2011-06-16 23:46 -------- d-----w- c:\program files\Microsoft IntelliPoint
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-14 12:37 . 2011-05-13 16:31 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-14 12:37 . 2011-05-13 16:34 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-14 12:37 . 2011-05-13 16:30 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-13 19:32 . 2011-05-19 14:51 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-13 14:52 . 2011-05-13 16:30 234768 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-03 11:37 . 2011-05-13 16:31 138056 ----a-w- c:\users\TheIncredible\AppData\Roaming\PnkBstrK.sys
2011-07-03 11:36 . 2011-05-13 16:30 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-29 10:17 . 2010-06-02 14:02 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-06-29 10:17 . 2009-07-14 14:27 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-06-29 09:36 . 2010-10-15 18:22 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-29 09:36 . 2010-10-15 18:22 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-14 04:09 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-05-24 17:14 . 2010-10-15 18:45 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 02:52 . 2010-10-13 20:57 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-14 21:13 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-14 21:14 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-14 21:14 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-14 21:14 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:17 . 2011-06-14 21:11 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-14 21:11 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-14 21:11 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-14 21:14 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-14 21:14 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-22 19:14 . 2011-05-25 00:09 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-11-11 19:47 . 2010-11-11 19:41 622807012 ----a-w- c:\program files\Flyff_Eu_De_Setup.exe
2011-06-24 10:14 . 2011-04-30 03:55 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2010-12-15 7099904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 150552]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-29 4114288]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-09-29 5064560]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 1808784]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-06-29 273544]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GomezPEER.lnk - c:\program files\Gomez\GomezPEER\bin\GomezPEER.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTskMgr"= 0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-06-17 3890920]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys [2010-03-31 379904]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\test\ECECECEC\WinRing0.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-06 691696]
S1 funfrm;funfrm; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-23 483688]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-04-12 45464]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-23 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-23 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-23 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-23 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-23 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
Inhalt des "geplante Tasks" Ordners
.
2011-07-14 c:\windows\Tasks\qipdater.exe.job
- c:\program files\jeak.de\QIP 2010\qipdater.exe [2011-07-01 13:34]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
TCP: DhcpNameServer = 192.168.178.1
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\TheIncredible\AppData\Roaming\Mozilla\Firefox\Profiles\hhdbst8g.default\
FF - prefs.js: browser.startup.homepage - about:blank
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Infium - c:\program files\QIP 2010\qip.exe
SafeBoot-Wdf01000.sys
AddRemove-GomezPEER - c:\program files\Gomez\GomezPEER\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3888)
c:\program files\XemiComputers\Active Desktop Calendar\MouseHook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Conexant\SAII\SmartAudio.exe
c:\program files\Microsoft IntelliPoint\dpupdchk.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-07-15 01:08:14 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-07-14 23:08
ComboFix2.txt 2010-11-29 07:19
.
Vor Suchlauf: 10 Verzeichnis(se), 166.466.179.072 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 167.287.779.328 Bytes frei
.
- - End Of File - - 0671F177ED1C978D0FB16F1744298BBB
Seitenanfang Seitenende
15.07.2011, 12:28
Member

Beiträge: 34
#4 lAs das GomezPEER lieber weg. Absoluter schrott, ist ja wie bei SETI. DIe Leute haben durch diese Programm zugriff auf deinen PC, kann gut sein, das die das missbraucht haben.
sptd.sys kommt mir leicht spanisch vor, ist keine Windowssystemdatei & ist etwas unüblich keinen Namen anzugeben. Warum sind beim IE Russische Suchen als startseite?

(C:\Users\TheIncredible\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??????) -- C:\Users\TheIncredible\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\アリスソフト

Was ist das für Datei?
Warum ist IE noch auf Version 8, 9 müsste es schon geben.
Bist du immer als Admin eingeloggt?
Adobe Reader 9? Es gibt schon 10, hätte sich gelohnt zu aktuallisieren.



Ich empfehle: neuaufsetzten, diesmal an den Leitfaden der PC-Sicherheit halten
(http://forum.chip.de/viren-trojaner-wuermer/leitfaden-pc-sicherheit-968736.html)
Als Admin ins Internet gehen ist schon tötlich, wenn man dann seine Software auch nicht aktualisiertt muss sowas rauskommen
Seitenanfang Seitenende
15.07.2011, 12:32
Member

Themenstarter

Beiträge: 63
#5 Russische Suche: Habe wohl bei der Installation von QIP nicht aufgepasst und vergessen das Häckchen wegzumachen....Standardsuche ist Google, aber hinterlässt wohl Spuren ;)
IE ist deinstalliert bzw deaktiviert (ganz los wird man den ja ohne weiteres nicht) und nur Firefox wird verwendet.
Die Datei kenne ich auch nicht.
Ja bin immer als Admin eingeloggt werde mir auch kein Extrakonto machen sorry
Adobe Reader wird wohl aktualisiert wenn ich ihn das nächste mal starte...
Seitenanfang Seitenende
15.07.2011, 13:14
Member

Beiträge: 34
#6 IE wird von vielen Programmkomponenten verwendet! Aktuallisiern musst du ihn auch wenn du ihn nur passiv nutzt.

Bei deiner einstellung würde ich dir niemals einen PC in die Hand drücken. Du schädigst durch einen infizierten Rechner nicht nur dich, sondern auch andere. Neu aufsetzte ist empfehlenswert, damit du ersteinmal sicheres System hast. Aber auf mich musst du ja nicht hören
Seitenanfang Seitenende
15.07.2011, 13:20
Member

Themenstarter

Beiträge: 63
#7 jap ist deine Meinung
wenn man es ganz kleinlich sieht darf man garkeinen Instantmessanger benutzen, auch IRC ist gefährlich....und Windows benutzen sowieso.

Aber jetzt bitte zurück zum Thema.
Seitenanfang Seitenende
15.07.2011, 13:43
Member

Beiträge: 34
#8 Ich habe dir erklärt was zu tuhen ist, das musst du nur umsetzten
Seitenanfang Seitenende
15.07.2011, 13:44
Member

Themenstarter

Beiträge: 63
#9 bitte hier zum 2. Mal meine Bitte nicht weiter Off-Topic zu antworten sonst sieht das noch so aus als würde mir geholfen werden...thx
Seitenanfang Seitenende
15.07.2011, 15:54
Member

Beiträge: 34
#10 BITTE WAS? Ich probiere dir hier zu helfen. Das ist kein OffTopic (Ich moderiere selbst in einem Forum, also werde ich ja wissen was OT ist und was nicht)

Das neuaufsetzten sollte ja kein problem für dich sein, du hast ja sicher ein Backup
Seitenanfang Seitenende
15.07.2011, 15:55
Member

Themenstarter

Beiträge: 63
#11 ist es normal das du mittendrin die Arbeit von Swisstreasure übernimmst?
Seitenanfang Seitenende
15.07.2011, 16:09
Member

Beiträge: 34
#12 Da ich jetzt kein TOFU machen will, lies seinen Text nocheinmal. Er sagt einfach die Standard & das du CF durchlaufen lassen sollst. Ich habe seine arbeit weitergeführt. Ist ja dein PC, infecte weiter Leute und freue dich. Er hat an keiner Stelle gesagt, das er sich allein um dein Problem kümmert. Ouh man, du verstehst das Prinzip eines Forums nicht.
Seitenanfang Seitenende
15.07.2011, 17:49
Member
Avatar Gool

Beiträge: 4730
#13 Auch wenn ich von GomezPEER abraten würde, sehe ich soweit keine Infektion.

Ich schätze, es ist irgendeine Werbung die von irgendeinem der installierten Programme abgespielt wird. Die Frage ist also, welches der Programme hast Du schon so lange, dass es damit in Zusammenhang stehen könnte? Passiert es nur, wenn Du nen Browser geöffnet hast, oder auch dann, wenn gar kein Programmfenster geöffnet ist?

@SYN
Die sptd.sys ist eine legitime Datei
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
15.07.2011, 18:25
Member

Beiträge: 34
#14 @Gool
Hm, hab dadrüber nix gefunden.

Abert inwiefern sollte das ein programm machen.
Seitenanfang Seitenende
15.07.2011, 18:30
Member

Themenstarter

Beiträge: 63
#15 Hab schon nen bisschen rumprobiert.
Das geht auch los wenn der Browser geschlossen ist und ich garnicht am PC sitze.
Auch ein trennen der Internetverbindung (LAN und WLAN) brachte keinen Erfolg.
Ebenso ein Ausschalten aller Instantmessanger und Co.

Evtl hängt es mit meinem Firefox zusammen und ist halt kein Virus/Trojaner/Malware.
Habe manchmal das Problem das ich trotz Adblock Plus Popupfenster habe (gewollte und ungewollte). Diese sehe ich nach dem Schliessen erst wieder, wenn ich Firefox schliesse und dann wieder neu starte (wo ja dann versucht wird die letzte Sitzung wieder herzustellen)....evtl ist eines dieser für mich unsichtbaren Popupfenster dafür verantwortlich. Welcher Bereich hier im Forum wäre dann für dieses Problem der beste Ansprechpartner?
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: