.
DDS (Ver_11-03-05.01) - NTFSx86
Run by sebastian.rummel at 11:15:21,91 on 23.03.2011
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2046.841 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Windows\System32\TUProgSt.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\sebastian.rummel\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2857572
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:55717
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
uURLSearchHooks: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
uURLSearchHooks: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\tbElf_.dll
mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
mURLSearchHooks: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
mURLSearchHooks: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\tbElf_.dll
BHO: XTTBPos00 Class: {055fd26d-3a88-4e15-963d-dc8493744b1d} - c:\progra~1\icqtoo~1\toolbaru.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\tbElf_.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
TB: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\program files\softonic-de3\tbsoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: Elf 1.12 Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - c:\program files\elf_1.12\tbElf_.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [recinfo303] c:\recinfo\RecInfo.exe
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [Skytel] Skytel.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Free YouTube Download - c:\users\sebastian.rummel\appdata\roaming\dvdvideosoftiehelpers\youtubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: {F8370F34-C89D-40B6-BF8D-150A0436F1DC} = 192.168.200.1,192.168.200.2
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-12-22 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-12-22 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-12-22 61960]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-6-14 21504]
R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2009-7-18 222968]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-7-4 14336]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2007-12-6 46592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 SynasUSB;eLicenser;c:\windows\system32\drivers\synasusb.sys [2011-2-14 23696]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-03-22 10:01:38 5943120 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d4af36d8-6b70-4b08-bc4a-c5d0c5dc5255}\mpengine.dll
2011-03-21 17:50:03 -------- d-sh--w- C:\found.000
2011-03-18 21:20:33 389180 ----a-w- c:\windows\system32\UCS32P.DLL
2011-03-18 21:20:33 36864 ----a-w- c:\windows\system32\CNQU70.DLL
2011-03-18 21:20:33 339968 ----a-w- c:\windows\system32\N124UFW.dll
2011-03-18 21:19:48 -------- d--h--w- C:\CanoScan
2011-03-18 09:58:18 -------- d-----w- c:\program files\iPod(4)
2011-03-18 09:58:14 -------- d-----w- c:\program files\iTunes(5)
2011-03-18 09:54:04 -------- d-----w- c:\users\sebastian.rummel\{f641b240-2c0d-4d0e-b5e1-d4c1dd83dbd4}
2011-03-18 09:49:50 -------- d-----w- c:\program files\Bonjour
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-03-18 09:47:40 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-03-10 09:14:03 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 09:14:02 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 09:14:02 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 09:14:02 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 09:14:01 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-10 09:14:01 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-02-25 07:38:59 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2011-02-25 07:38:58 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2011-02-25 07:38:58 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2011-02-25 07:38:58 241152 ----a-w- c:\windows\system32\winrscmd.dll
2011-02-25 07:38:58 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2011-02-25 07:38:57 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
.
==================== Find3M ====================
.
2011-02-14 21:03:09 2892 ----a-w- c:\windows\system32\audcon.sys
2011-02-02 20:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 16:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-01-02 21:45:13 151552 ------w- c:\windows\system32\pxwma.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
.
============= FINISH: 11:16:52,46 ===============