Programm Reste von GPX Konverter und Editor von der Seite Winload werden von Win Patrol gemeldet

ComboFix 11-07-20.02 - Robinson Crusoe 20.07.2011  13:29:25.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.3298 [GMT 2:00]
ausgeführt von:: c:\users\Robinson Crusoe\Desktop\ComboFix.exe
AV: F-Secure Internet Security 2011 10.51 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Internet Security 2011 10.51 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Internet Security 2011 10.51 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\winsys
c:\windows\SysWow64\winsys\msvcrt40.dll
c:\windows\winhelp.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-06-20 bis 2011-07-20  ))))))))))))))))))))))))))))))
.
.
2011-07-20 11:35 . 2011-07-20 11:35	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-07-20 11:27 . 2011-07-20 11:27	--------	d-----w-	C:\32788R22FWJFW
2011-07-19 10:01 . 2011-06-07 17:10	8873296	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{66458F70-A123-481C-BF20-84EB5CA72E67}\mpengine.dll
2011-07-18 07:50 . 2011-07-18 07:50	--------	d-----w-	C:\_OTL
2011-07-17 17:02 . 1998-06-23 23:00	137000	----a-w-	c:\windows\SysWow64\MSMAPI32.OCX
2011-07-17 17:02 . 1998-07-06 16:55	158208	----a-w-	c:\windows\SysWow64\MSCMCDE.DLL
2011-07-17 17:02 . 1998-07-06 16:55	64512	----a-w-	c:\windows\SysWow64\MSCC2DE.DLL
2011-07-17 17:02 . 1998-07-05 23:00	23552	----a-w-	c:\windows\SysWow64\MSMPIDE.DLL
2011-07-17 16:44 . 2011-07-17 16:44	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\DL
2011-07-17 16:44 . 2011-07-19 20:04	--------	d-----w-	c:\users\Robinson Crusoe\.Zettelkasten
2011-07-17 16:44 . 2011-02-06 17:00	4119497	----a-w-	c:\program files\Zettelkasten.exe
2011-07-17 16:36 . 2011-07-17 16:36	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\ThePluginSite
2011-07-17 16:36 . 2011-07-17 16:36	--------	d-----w-	c:\program files\ThePluginSite
2011-07-15 21:10 . 2011-07-15 21:10	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\de.txptr.googleplus
2011-07-15 21:10 . 2011-07-15 21:10	--------	d-----w-	c:\program files (x86)\Google+ RegHelper
2011-07-15 20:48 . 2011-07-15 20:48	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\Malwarebytes
2011-07-15 20:48 . 2011-07-06 17:52	41272	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-15 20:48 . 2011-07-15 20:48	--------	d-----w-	c:\programdata\Malwarebytes
2011-07-15 20:48 . 2011-07-06 17:52	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-07-15 20:48 . 2011-07-15 20:50	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-15 12:30 . 2011-07-15 12:30	--------	d-----w-	c:\program files\7-Zip
2011-07-14 17:29 . 2011-07-14 17:44	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Local\Conduit
2011-07-14 17:23 . 2011-07-14 17:23	--------	d-----w-	c:\users\Robinson Crusoe\.hgt
2011-07-13 23:31 . 2011-07-13 23:31	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\MusicIP
2011-07-13 23:31 . 2011-07-13 23:31	--------	d-----w-	c:\program files (x86)\MusicIP
2011-07-13 10:38 . 2011-07-13 10:38	--------	d-----w-	c:\program files\Common Files\Adobe
2011-07-13 10:10 . 2011-06-11 03:07	3137536	----a-w-	c:\windows\system32\win32k.sys
2011-07-11 21:48 . 2011-07-11 21:48	12800	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npwachk.dll
2011-07-10 09:11 . 2011-07-10 09:11	--------	d-----w-	c:\program files (x86)\Free Video Player
2011-07-10 09:11 . 2011-07-10 09:11	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Local\TempImg
2011-07-09 22:10 . 2011-07-09 22:10	285280	----a-w-	c:\windows\system32\drivers\afcdp.sys
2011-07-09 22:10 . 2011-07-09 22:10	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\3AA8AC40-9402-4DEA-99B8-ECF764E9A424
2011-07-09 22:10 . 2011-07-09 22:10	970336	----a-w-	c:\windows\system32\drivers\timntr.sys
2011-07-08 15:03 . 2011-07-08 15:03	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\Ashampoo
2011-07-08 15:02 . 2011-07-08 15:03	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Local\ashampoo
2011-07-08 15:02 . 2011-07-08 15:02	--------	d-----w-	c:\programdata\ashampoo
2011-06-26 09:03 . 2011-06-26 09:03	--------	d-----w-	c:\windows\system32\SPReview
2011-06-25 20:00 . 2011-06-25 20:00	--------	d-----w-	c:\windows\system32\EventProviders
2011-06-23 21:21 . 2010-11-20 13:26	4120064	----a-w-	c:\windows\system32\mf.dll
2011-06-23 21:20 . 2010-11-20 13:27	1727488	----a-w-	c:\program files\Windows Photo Viewer\PhotoViewer.dll
2011-06-23 21:19 . 2010-11-20 13:32	2217856	----a-w-	c:\windows\system32\bootres.dll
2011-06-23 21:18 . 2010-11-20 13:26	121344	----a-w-	c:\windows\system32\fphc.dll
2011-06-23 21:17 . 2010-11-20 13:00	2560	----a-w-	c:\windows\system32\drivers\de-DE\rdpwd.sys.mui
2011-06-23 21:17 . 2010-11-20 13:07	2560	----a-w-	c:\windows\system32\drivers\de-DE\disk.sys.mui
2011-06-23 21:17 . 2010-11-20 13:12	7168	----a-w-	c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2011-06-23 21:17 . 2010-11-20 13:00	4608	----a-w-	c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2011-06-23 21:17 . 2010-11-20 12:21	189952	----a-w-	c:\windows\SysWow64\wdscore.dll
2011-06-23 21:17 . 2010-11-20 12:17	209920	----a-w-	c:\windows\SysWow64\PkgMgr.exe
2011-06-23 21:17 . 2010-11-20 12:18	323072	----a-w-	c:\windows\SysWow64\drvstore.dll
2011-06-23 21:17 . 2010-11-20 12:18	257024	----a-w-	c:\windows\SysWow64\dpx.dll
2011-06-23 21:17 . 2010-11-20 12:21	363008	----a-w-	c:\windows\SysWow64\wbemcomn.dll
2011-06-23 21:17 . 2010-11-20 12:19	606208	----a-w-	c:\windows\SysWow64\wbem\fastprox.dll
2011-06-23 21:14 . 2010-11-20 13:27	524288	----a-w-	c:\windows\system32\wmicmiplugin.dll
2011-06-23 21:14 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2011-06-23 21:14 . 2010-11-20 13:27	1225216	----a-w-	c:\windows\system32\wbem\wbemcore.dll
2011-06-23 21:14 . 2010-11-20 13:27	933376	----a-w-	c:\windows\system32\SmiEngine.dll
2011-06-23 21:14 . 2010-11-20 13:25	199168	----a-w-	c:\windows\system32\PkgMgr.exe
2011-06-23 21:13 . 2010-11-20 13:26	422912	----a-w-	c:\windows\system32\drvstore.dll
2011-06-23 21:13 . 2010-11-20 13:26	399872	----a-w-	c:\windows\system32\dpx.dll
2011-06-23 14:00 . 2011-06-23 14:00	2106216	----a-w-	c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 14:00 . 2011-06-23 14:00	1998168	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-23 07:00 . 2011-07-10 08:57	--------	d-----w-	c:\users\Robinson Crusoe\AppData\Roaming\vlc
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-09 22:10 . 2011-03-16 23:53	1263200	----a-w-	c:\windows\system32\drivers\tdrpm273.sys
2011-06-26 09:08 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-06-26 09:08 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-06-16 21:15 . 2011-05-16 01:17	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-05 16:44 . 2011-06-05 16:44	48	----a-w-	c:\users\Robinson Crusoe\AppData\Roaming\tigersetting.dll
2011-06-03 05:57 . 2011-07-13 10:10	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2011-05-28 22:21 . 2011-03-17 00:04	42664	----a-w-	c:\windows\SysWow64\drivers\fsbts.sys
2011-05-28 22:15 . 2011-03-17 00:04	46664	----a-w-	c:\windows\system32\drivers\fses.sys
2011-05-28 22:14 . 2011-03-17 00:04	95784	----a-w-	c:\windows\system32\drivers\fsdfw.sys
2011-05-28 03:30 . 2011-06-16 21:23	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-05-28 02:53 . 2011-06-16 21:23	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-05-24 17:14 . 2011-03-16 23:41	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-05-11 19:30 . 2011-03-16 23:53	277088	----a-w-	c:\windows\system32\drivers\snapman.sys
2011-05-04 02:52 . 2011-03-17 00:58	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-05-03 05:29 . 2011-06-16 21:23	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-16 21:23	741376	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-16 21:23	467456	----a-w-	c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-16 21:23	410112	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-16 21:23	168448	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:40 . 2011-06-16 21:24	158208	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-04-27 02:39 . 2011-06-16 21:24	289280	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:39 . 2011-06-16 21:24	128000	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-04-25 05:33 . 2011-06-16 21:24	1923968	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:34 . 2011-06-16 21:24	499200	----a-w-	c:\windows\system32\drivers\afd.sys
2011-04-22 22:15 . 2011-05-25 14:39	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-04-22 22:08 . 2011-06-16 21:23	1188864	----a-w-	c:\windows\system32\wininet.dll
2011-04-22 19:10 . 2011-06-16 21:23	981504	----a-w-	c:\windows\SysWow64\wininet.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{37748DAC-9B45-45B8-BAE1-1AC58495E02B}"
[HKEY_CLASSES_ROOT\CLSID\{37748DAC-9B45-45B8-BAE1-1AC58495E02B}]
2010-12-23 10:48	155416	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2010-12-23 10:48	155416	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files (x86)\Free Download Manager\fdm.exe" [2010-04-28 3727411]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2011-05-28 201384]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2011-05-28 1655464]
"TrayServer"="c:\progra~2\MAGIX\VIDEO_~1\TrayServer.exe" [2008-08-07 90112]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-06-27 5587672]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-05-10 2570688]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\users\Robinson Crusoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Wuala.lnk - c:\users\Robinson Crusoe\AppData\Roaming\Wuala\Wuala_old.exe [2010-12-15 428736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AbAlarm.lnk - c:\program files (x86)\AbAlarm\AbAlarm.exe [2011-3-19 1133056]
AcronisÿTrueÿImageÿHome.lnk - c:\program files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe [2011-6-28 4298080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"WinPatrol"=c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-19 136176]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 9096]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-19 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 OV550I;OVT Scanner;c:\windows\system32\Drivers\ov550ivx.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2011-05-28 41896]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2011-05-28 27304]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2011-05-28 61960]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-05-28 15016]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-09 3246040]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2011-01-12 1403200]
S2 wDokan;wDokan;c:\windows\system32\drivers\wdokan.sys [x]
S2 wDokanMounter;wDokanMounter;c:\program files (x86)\Wuala Dokan\mounter.exe [2010-08-11 11776]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-24 11856]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-19 02:12]
.
2011-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-19 02:12]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon1]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2011-05-04 08:12	592384	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon2]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2011-05-04 08:12	592384	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon3]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2011-05-04 08:12	592384	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2011-05-04 08:12	592384	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{37748DAC-9B45-45B8-BAE1-1AC58495E02B}"
[HKEY_CLASSES_ROOT\CLSID\{37748DAC-9B45-45B8-BAE1-1AC58495E02B}]
2010-12-23 10:48	188696	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2010-12-23 10:48	188696	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" [2011-05-15 325512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1840720]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-01 391232]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2009-06-30 291872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://www.bigseekpro.com/audiograbber/{0961DA6A-7365-4361-BB03-1421E19F3156}
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Alles mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Auswahl mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Free YouTube Download - c:\users\Robinson Crusoe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Robinson Crusoe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Videos mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Robinson Crusoe\AppData\Roaming\Mozilla\Firefox\Profiles\hdqpx08v.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.sueddeutsche.de/|hxxp://www.fr-online.de/home/-/1472778/1472778/-/index.html|hxxp://www.taz.de/|hxxp://www.chip.de/|hxxp://www.spektrum.de/
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/index.htm?SearchMashine=true&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
BHO-{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-07-20  13:37:58
ComboFix-quarantined-files.txt  2011-07-20 11:37
.
Vor Suchlauf: 14 Verzeichnis(se), 17.404.313.600 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 17.099.771.904 Bytes frei
.
- - End Of File - - 50C9B1380811770B9D5BEDEC70EFD85B