Can I ask you for some help? I have (don't know how) downloaded the Babylon search tool, which seems to be a very unpleasant thing for many Internet users like me, according to the many threads and questions I have found about it on the net. I deleted some obvious parts of this malware in my registry, but it has not been removed fully: when I open my IE, a special Babylon site is always uploaded automatically. Changes in the administration of add-ons didn't help. Can you find something in my logs?
Thanks a lot!!
Phil
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Philipp at 9:43:21,02 on 05.05.2011
Internet Explorer: 8.0.6001.19048
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.41.1031.18.2971.1009 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\System32\svchost.exe -k Cognizance
c:\Program Files\Fingerprint Sensor\AtService.exe
c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\windows\system32\svchost.exe -k rpcss
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\SLsvc.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\windows\system32\AEADISRV.EXE
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\windows\system32\svchost.exe -k bthsvcs
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\regedit.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\windows\system32\conime.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Users\Philipp\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
uStart Page = https://webmail.uzh.ch/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Softonic Deutsch FF Toolbar: {9d81af43-de53-48d0-a199-42c2a226b24c} - c:\program files\softonic_deutsch_ff\tbSoft.dll
mURLSearchHooks: Softonic Deutsch FF Toolbar: {9d81af43-de53-48d0-a199-42c2a226b24c} - c:\program files\softonic_deutsch_ff\tbSoft.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - No File
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~1\office14\GROOVEEX.DLL
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Softonic Deutsch FF Toolbar: {9d81af43-de53-48d0-a199-42c2a226b24c} - c:\program files\softonic_deutsch_ff\tbSoft.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL
BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Softonic Deutsch FF Toolbar: {9d81af43-de53-48d0-a199-42c2a226b24c} - c:\program files\softonic_deutsch_ff\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarTlbr.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"
mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [CognizanceTS] rundll32.exe c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [SoundMAX] c:\program files\analog devices\soundmax\soundmax.exe /tray
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
StartupFolder: c:\users\philipp\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\philipp\appdata\roaming\dropbox\bin\Dropbox.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
IE: &AOL Toolbar-Suche - c:\programdata\aol\ietoolbar\resources\de-ch\local\search.html
IE: An OneNote s&enden - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://idlmail08.lotus.uzh.ch/dwa85W.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: APSHook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office14\GROOVEEX.DLL
LSA: Notification Packages = scecli ASWLNPkg
.
============= SERVICES / DRIVERS ===============
.
R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [2008-6-6 51376]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [2008-6-6 12928]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [2008-6-6 12496]
R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-5-16 182576]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-10-13 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-10-13 269480]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-5-16 1176824]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-10-13 61960]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\hewlett-packard\hp protecttools security manager\PTChangeFilterService.exe [2008-6-10 18944]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\hewlett-packard\drive encryption\HpFkCrypt.exe [2008-6-6 256512]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-4-8 24936]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2010-10-11 2058776]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-5-15 475520]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-8-21 193840]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2008-3-27 224384]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [2006-12-20 47616]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-4-15 38224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-16 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-16 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-05-05 06:22:55 -------- d-----w- c:\users\philipp\appdata\local\{47544549-B458-4BCD-8DD6-89214304D5CF}
2011-05-04 18:22:01 -------- d-----w- c:\users\philipp\appdata\local\{2DD8E86C-0DDF-4F61-A6FA-5694D9F003D5}
2011-05-04 06:21:20 -------- d-----w- c:\users\philipp\appdata\local\{8F5A314E-2FF2-41AB-9A9F-14F8CA6F37A0}
2011-05-03 07:06:40 -------- d-----w- c:\users\philipp\appdata\local\{2BDD7B91-384E-443D-9752-8A871E420EF6}
2011-05-02 20:04:18 -------- d-----w- c:\program files\Basement Softworks
2011-05-02 19:43:32 -------- d-----w- c:\users\philipp\appdata\roaming\VUPlayer
2011-05-02 19:35:13 -------- d-----w- c:\program files\VUPlayer
2011-05-02 19:05:40 -------- d-----w- c:\users\philipp\appdata\local\{69EBFB71-93D8-4243-8F17-7D00231D65F4}
2011-05-02 07:01:43 -------- d-----w- c:\users\philipp\appdata\local\{B945BF65-3582-480D-92A0-40662E29B868}
2011-05-01 06:57:37 -------- d-----w- c:\users\philipp\appdata\local\{B4AA351B-457A-4521-818B-12983D2A43E5}
2011-04-29 05:32:11 -------- d-----w- c:\users\philipp\appdata\local\{4BE38730-5B12-496F-8721-F662F047A3C4}
2011-04-28 06:58:12 -------- d-----w- c:\users\philipp\appdata\local\{6C67ED5E-5C93-417E-AD86-07E62C3E6CAF}
2011-04-28 06:06:29 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-28 06:06:28 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-28 06:06:20 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 06:54:10 -------- d-----w- c:\users\philipp\appdata\local\{C9405EF2-960B-4343-8D1D-B7DA7574ADA4}
2011-04-26 05:54:14 -------- d-----w- c:\users\philipp\appdata\local\{691724A9-46B6-4AA1-A44A-EE3E8603529B}
2011-04-25 20:58:10 -------- d-----w- c:\users\philipp\appdata\local\{F94D741F-2F80-40B4-AB23-42E11869704A}
2011-04-25 08:17:36 -------- d-----w- c:\users\philipp\appdata\local\{167B242C-DA53-415D-B6F1-CA633D4691E1}
2011-04-23 12:08:54 -------- d-----w- c:\users\philipp\appdata\local\{718228F7-EBD4-42F5-B0F1-4DCE60EFE18C}
2011-04-22 06:18:12 -------- d-----w- c:\users\philipp\appdata\local\{7B47CB0D-C644-428B-B57E-212CF8364C37}
2011-04-21 10:04:46 -------- d-----w- c:\users\philipp\appdata\local\{BAA79C2A-FD8D-4506-82B2-3339DC27F777}
2011-04-21 04:58:27 -------- d-----w- c:\users\philipp\appdata\local\{484277F2-6E4F-4F93-BE7A-CEE60B507FF5}
2011-04-20 08:14:07 -------- d-----w- c:\users\philipp\appdata\local\{F7EA49DC-FEB3-445E-9E3E-6512DEBA421F}
2011-04-19 18:48:21 -------- d-----w- c:\users\philipp\appdata\local\{17372850-9965-4BB0-BF00-C3A55ED83CA9}
2011-04-19 16:19:58 -------- d-----w- c:\program files\Conduit
2011-04-19 16:19:53 -------- d-----w- c:\program files\ConduitEngine
2011-04-19 16:19:47 -------- d-----w- c:\program files\Softonic_Deutsch_FF
2011-04-19 16:18:58 -------- d-----w- c:\program files\FreeTime
2011-04-19 06:47:28 -------- d-----w- c:\users\philipp\appdata\local\{467E03FE-8C8C-42D6-95BC-DA5524BB3688}
2011-04-18 18:46:34 -------- d-----w- c:\users\philipp\appdata\local\{EFC00515-A64B-48A4-94DA-7C248996D634}
2011-04-18 15:44:20 -------- d-----r- c:\users\philipp\Dropbox
2011-04-18 15:40:11 -------- d-----w- c:\users\philipp\appdata\roaming\Dropbox
2011-04-18 06:45:52 -------- d-----w- c:\users\philipp\appdata\local\{51368706-8C34-4A13-9173-B962EEAEAC2D}
2011-04-18 06:05:07 -------- d-----w- c:\users\philipp\appdata\local\{A4853A6A-B741-4572-B3F2-4491191E319A}
2011-04-17 17:46:25 -------- d-----w- c:\users\philipp\appdata\local\{E9B8A4E4-036D-4516-BA4E-D33CB829AE6E}
2011-04-17 05:45:32 -------- d-----w- c:\users\philipp\appdata\local\{AE4B7CD4-3F2A-4ED3-BFC3-3A355DF80F92}
2011-04-16 18:31:11 -------- d-----w- c:\users\philipp\appdata\local\Google
2011-04-16 17:44:34 -------- d-----w- c:\users\philipp\appdata\local\{857F4AFA-4F3B-4B08-8DE7-37E77FC2AFD1}
2011-04-16 06:48:19 -------- d-----w- c:\program files\ESET
2011-04-16 05:43:38 -------- d-----w- c:\users\philipp\appdata\local\{2F425E78-6E4A-4DC1-ABCC-22C97186CA04}
2011-04-15 17:29:58 -------- d-----w- c:\users\philipp\appdata\local\{157643B3-B702-4C66-B789-5C0D20CE54AF}
2011-04-15 11:54:34 -------- d-----w- c:\users\philipp\appdata\roaming\Malwarebytes
2011-04-15 11:54:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-15 11:54:22 -------- d-----w- c:\progra~2\Malwarebytes
2011-04-15 11:54:17 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-15 11:54:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-15 11:48:34 -------- d-----w- c:\windows\system32\appmgmt
2011-04-15 05:49:47 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-15 05:49:46 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-15 05:49:45 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-15 05:49:45 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-04-15 05:47:54 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-15 05:47:53 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-04-15 05:47:34 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-15 05:47:34 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-15 05:47:34 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-15 05:46:23 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-04-15 05:45:53 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-15 05:45:25 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-15 05:44:54 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-04-15 05:44:23 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-15 05:29:05 -------- d-----w- c:\users\philipp\appdata\local\{C5893BC2-97B8-4E37-A257-5CC5AA8C6723}
2011-04-14 16:50:02 -------- d-----w- c:\users\philipp\appdata\local\{50E88A48-374B-470D-894D-0F62C17008CD}
2011-04-13 07:21:46 -------- d-----w- c:\users\philipp\appdata\local\{FC5B780D-B553-4A6F-B29B-3D5F0A3419DA}
2011-04-12 18:06:08 -------- d-----w- c:\users\philipp\appdata\local\{913323F5-165E-411E-8AA9-9FB9B8D2FBFB}
2011-04-12 06:05:27 -------- d-----w- c:\users\philipp\appdata\local\{D7F9417C-DB89-4A50-8454-7F71880A6DB2}
2011-04-11 18:04:29 -------- d-----w- c:\users\philipp\appdata\local\{C22DED24-3565-43A4-9C5D-17E75C806F28}
2011-04-11 06:03:43 -------- d-----w- c:\users\philipp\appdata\local\{A2E89A8F-DBC2-4C4E-B4FD-2064100E6D45}
2011-04-10 10:20:54 -------- d-----w- c:\users\philipp\appdata\local\{F3DDA1BA-7E6B-4F56-8F1B-CEDB24588BE0}
2011-04-09 22:19:58 -------- d-----w- c:\users\philipp\appdata\local\{6A8D8B09-F78B-4272-8991-169AFACA7893}
2011-04-09 04:37:45 -------- d-----w- c:\users\philipp\appdata\local\{51EAA2C8-38C0-48AC-AFD6-2F43C199C229}
2011-04-08 04:36:00 -------- d-----w- c:\users\philipp\appdata\local\{07A081DC-E858-4F55-86F1-FD805D490715}
2011-04-07 16:30:28 -------- d-----w- c:\users\philipp\appdata\local\{874ABAE4-5AD9-42A3-ACC2-941E182E4870}
2011-04-07 04:29:47 -------- d-----w- c:\users\philipp\appdata\local\{E2245E91-D8CE-4171-9A80-4B807F9FDEFB}
2011-04-06 09:29:15 -------- d-----w- c:\users\philipp\appdata\local\{B8DC3EF3-6BB7-477C-A635-A54D3DBCFB53}
2011-04-05 20:32:15 -------- d-----w- c:\users\philipp\appdata\local\{5DDE32D8-8DD5-46FA-B40E-5A8D611D6F96}
.
==================== Find3M ====================
.
2011-04-04 19:10:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-03 15:40:07 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-22 14:13:01 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 13:33:12 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:33:09 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 06:21:28 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 06:17:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 06:16:53 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 06:16:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-02-22 06:16:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-02-22 05:20:39 385024 ----a-w- c:\windows\system32\html.iec
2011-02-22 04:43:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-02-22 04:42:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 9:46:28,93 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 11.10.2010 23:37:22
System Uptime: 05.05.2011 08:51:13 (1 hours ago)
.
Motherboard: Hewlett-Packard | | 30DB
Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz | Intel(R) Genuine processor | 800/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 61,597 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1,344 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 1 GiB total, 0,972 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
7-Zip 4.65
ActivClient 6.1 x86
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.0.1) - Deutsch
Agere Systems HDA Modem
AOL Toolbar 5.0
AudioCon
AuthenTec Fingerprint System
Avira AntiVir Personal - Free Antivirus
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon iP4800 series Benutzerregistrierung
Canon iP4800 series Printer Driver
Canon My Printer
Canon Solution Menu EX
capella 7
CD-LabelPrint
Conduit Engine
Credential Manager for HP ProtectTools
D3DX10
Definition update for Microsoft Office 2010 (KB982726)
DivX-Setup
Drive Encryption for HP ProtectTools
Dropbox
ESET Online Scanner v3
ESU for Microsoft Vista SP1
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP 3D DriveGuard
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Help and Support
HP JavaCard for HP ProtectTools
HP ProtectTools Security Manager
HP ProtectTools Security Manager Suite
HP Quick Launch Buttons 6.40 E1
HP QuickLook 2
HP Software Setup 5.00.A.7
HP Update
HP User Guides 0098
HP Wallpaper
HP Webcam
HP Webcam Application
HP Wireless Assistant
HPNetworkAssistant
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Interface
Intel® Active-Management-Technologie
Intel® Matrix Storage Manager
IrfanView (remove only)
Java(TM) 6 Update 24
Junk Mail filter update
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Application Error Reporting
Microsoft Office Access MUI (German) 2010
Microsoft Office Communicator 2007
Microsoft Office Excel MUI (German) 2010
Microsoft Office Groove MUI (German) 2010
Microsoft Office InfoPath MUI (German) 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Word MUI (German) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works 2003-Setup-Start
Microsoft Works 7.0
Microsoft Works Suite-Add-Ins für Microsoft Word
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PDFCreator
Presto! BizCard 5
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Excel 2010 (KB2466146)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Segoe UI
Softonic Deutsch FF Toolbar
SoundMAX
Synaptics Pointing Device Driver
Update für Microsoft Outlook Social Connector (KB2441641)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
VC80CRTRedist - 8.0.50727.4053
Vista Default Settings
VLC media player 1.1.4
VUPlayer
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Works Suite-Betriebssystem-Pack
.
==== End Of File ===========================