[CODE]
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
º PPFScanner v1.0 (long Scan) º
º Scanfile 5 º
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
@Mopao and AHT

Scanstart: 16.12.2010 19:16
Microsoft Windows [Version 6.0.6002]
Windows Vista (TM) Home Premium
Servicepack: Service Pack 2
läuft auf 64-Bit Windows
Boot: Normal boot
Processor 1: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Processor 1 Identifier: Intel64 Family 6 Model 15 Stepping 11
Processor 1 Vendor: GenuineIntel
Speed of Processor 1: 2331MHZ
Processor 2: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Processor 2 Identifier: Intel64 Family 6 Model 15 Stepping 11
Processor 2 Vendor: GenuineIntel
Speed of Processor 2: 2331MHZ
PPFScan Version: 1.0.7.2
SeDebugPrivilege: 1 Call: 1 Threads: 1 -> 5868
UAC: aktiviert
Admin: ja
Mandatory Policy Level: $1
PPFScanner Ordner: C:\PPF\
User: Daniel
ProgramData: C:\ProgramData
Programfiles: C:\Program Files
32Bit-Programfiles: C:\Program Files (x86)
CommonProgramFiles: C:\Program Files\Common Files
32Bit-CommonProgramFiles: C:\Program Files (x86)\Common Files
Systemroot: C:\Windows
Systemroot aus Registry: C:\Windows
UserProfile: C:\Users\Daniel
Temporary Files: C:\Users\Daniel\AppData\Local\Temp
Applicationdata: C:\Users\Daniel\AppData\Roaming
Local Applicationdata: C:\Users\Daniel\AppData\Local
Common Applicationdata: C:\ProgramData
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Common Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Java Version: nicht installiert
Internet Explorer Version: 8.0.6001.18975

[b]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%[/b]

[b]Firewall Regeln (CurrentControlSet)[/b]
[b][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules][/b]

Schlüsselname (Regelname / GUID) Action Active Dir Protocol Profile RA4 RA6 App Name Desc EmbedCtxt Edge LPort Svc RPort ICMP6 LA6 ICMP4 LSM
============================================================================================================================== ======== ======== ===== ========== ========= ============= ============= ========================================================================== ======================================= =============================================== ================================================================================== ======= =========== ============= ======= ======= =========== ======= ======
WMP-In-UDP-x86 Allow FALSE In 17 Domain %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31023 @FirewallAPI.dll,-31006 @FirewallAPI.dll,-31002 FALSE
WMP-Out-UDP-x86 Allow FALSE Out 17 Domain %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31024 @FirewallAPI.dll,-31010 @FirewallAPI.dll,-31002 FALSE
WMP-Out-TCP-x86 Allow FALSE Out 6 Domain %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31025 @FirewallAPI.dll,-31014 @FirewallAPI.dll,-31002 FALSE
WMPNSS-WMP-In-UDP-NoScope-x86 Allow FALSE In 17 Domain %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31323 @FirewallAPI.dll,-31296 @FirewallAPI.dll,-31252 FALSE
WMPNSS-WMP-Out-UDP-NoScope-x86 Allow FALSE Out 17 Domain %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31324 @FirewallAPI.dll,-31300 @FirewallAPI.dll,-31252 FALSE
WMPNSS-WMP-Out-TCP-NoScope-x86 Allow FALSE Out 6 Domain %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31325 @FirewallAPI.dll,-31304 @FirewallAPI.dll,-31252 FALSE
WMPNSS-WMP-In-UDP-x86 Allow FALSE In 17 Private LocalSubnet LocalSubnet %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31323 @FirewallAPI.dll,-31296 @FirewallAPI.dll,-31252 FALSE
WMPNSS-WMP-Out-UDP-x86 Allow FALSE Out 17 Private LocalSubnet LocalSubnet %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31324 @FirewallAPI.dll,-31300 @FirewallAPI.dll,-31252 FALSE
WMPNSS-WMP-Out-TCP-x86 Allow FALSE Out 6 Private LocalSubnet LocalSubnet %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe @FirewallAPI.dll,-31325 @FirewallAPI.dll,-31304 @FirewallAPI.dll,-31252 FALSE
{62AE614F-D782-412B-BF34-513E8C8D6DB9} Allow TRUE In 17 LocalSubnet LocalSubnet svchost.exe Windows Live Messenger (SSDP-In) @C:\Program Files (x86)\Windows Live\Messenger\msgslang.8.5.1302.1018.dll,-61143 FALSE 1900 ssdpsrv
{6B0AEA48-53AA-4E49-A7A8-37B6D4D0FB31} Allow TRUE In C:\Program Files (x86)\Windows Live\Messenger\livecall.exe Windows Live Messenger (Phone) TRUE
{5C0F82D7-6FAA-427F-8811-457D8E8D57BE} Allow TRUE In 17 LocalSubnet LocalSubnet svchost.exe Windows Live Messenger (SSDP-In) @C:\Program Files (x86)\Windows Live\Messenger\msgslang.8.5.1302.1018.dll,-61143 FALSE 1900 ssdpsrv
{DDB63441-6048-43F8-AB04-BC0D8FE526F4} Allow TRUE In C:\Program Files (x86)\Windows Live\Messenger\livecall.exe Windows Live Messenger (Phone) TRUE
{A671D1B6-53E0-4BD5-93AE-ED027BF5665F} Allow TRUE In 6 Public C:\Program Files (x86)\Bonjour\mDNSResponder.exe Bonjour FALSE
{59D11054-DBAA-415F-9D3B-F9AE8D1E86BA} Allow TRUE In 17 Public C:\Program Files (x86)\Bonjour\mDNSResponder.exe Bonjour FALSE
TCP Query User{AAB04A74-7172-4941-9399-2BAC1653BB71}C:\program files (x86)\icq6\icq.exe Allow TRUE In 6 Public C:\program files (x86)\icq6\icq.exe ICQ Library ICQ Library FALSE
UDP Query User{54B59721-CD31-4D6C-ADD1-72B25F43EE4B}C:\program files (x86)\icq6\icq.exe Allow TRUE In 17 Public C:\program files (x86)\icq6\icq.exe ICQ Library ICQ Library FALSE
{3C045FED-8D7A-4302-8E9B-A11494396E60} Allow TRUE In D:\Program Files\Skype\Phone\Skype.exe Skype FALSE
{BC845EF6-E81E-43F6-B55D-B255856BF3C2} Allow TRUE In 6 Public C:\Program Files (x86)\Piolet\Piolet.exe Piolet FALSE
{3546D5C0-BB75-4294-9186-A4442E09FCD8} Allow TRUE In 17 Public C:\Program Files (x86)\Piolet\Piolet.exe Piolet FALSE
{F029F923-1C36-4962-B82A-0CDF0F0DE877} Allow TRUE In 6 Public C:\Program Files (x86)\DNA\btdna.exe DNA (TCP-In) Allow DNA network traffic with Edge Traversal TRUE
{E0C68A41-50E3-4A00-9CA2-87408B1C3C69} Allow TRUE In 17 Public C:\Program Files (x86)\DNA\btdna.exe DNA (UDP-In) Allow DNA network traffic with Edge Traversal TRUE
{46F0A012-AFF8-4A34-9242-326DC1A7BAFA} Allow TRUE In 17 LocalSubnet LocalSubnet svchost.exe Windows Live Messenger (SSDP-In) @C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200 FALSE 1900 ssdpsrv
{333AE1AC-2530-4CFE-B997-D799C13A4C68} Allow TRUE In 6 Public C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Yahoo! Messenger FALSE
{AC16C02F-63AC-405C-A01E-5D83DF99411D} Allow TRUE In 17 Public C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Yahoo! Messenger FALSE
TCP Query User{3EFC0360-A3B4-4332-AA03-1DE4F6454CE6}C:\users\daniel\program files (x86)\dna\btdna.exe Allow TRUE In 6 Public C:\users\daniel\program files (x86)\dna\btdna.exe btdna.exe btdna.exe FALSE
UDP Query User{B930C55F-D319-4F3A-8AFE-D28F3B8F0BE1}C:\users\daniel\program files (x86)\dna\btdna.exe Allow TRUE In 17 Public C:\users\daniel\program files (x86)\dna\btdna.exe btdna.exe btdna.exe FALSE
TCP Query User{B07D9CCA-728F-4054-B3D8-B34F7DFF1DFE}C:\program files (x86)\xenu\xenu.exe Allow TRUE In 6 Public C:\program files (x86)\xenu\xenu.exe XENU XENU FALSE
UDP Query User{808736AE-86F6-40C5-ABBA-267EAE970D58}C:\program files (x86)\xenu\xenu.exe Allow TRUE In 17 Public C:\program files (x86)\xenu\xenu.exe XENU XENU FALSE
TCP Query User{E52BD7DC-110D-486A-B507-071152EB01B4}C:\program files (x86)\tvuplayer\tvuplayer.exe Allow TRUE In 6 Public C:\program files (x86)\tvuplayer\tvuplayer.exe TVUPlayer Component TVUPlayer Component FALSE
UDP Query User{FC69E069-B206-4DAC-A749-6EA1370DED1E}C:\program files (x86)\tvuplayer\tvuplayer.exe Allow TRUE In 17 Public C:\program files (x86)\tvuplayer\tvuplayer.exe TVUPlayer Component TVUPlayer Component FALSE
TCP Query User{74CF45DB-5961-43A3-93CE-1E20093F8B18}C:\program files (x86)\sopcast\adv\sopadver.exe Allow TRUE In 6 Public C:\program files (x86)\sopcast\adv\sopadver.exe SopCast Adver SopCast Adver FALSE
UDP Query User{7E48EB6F-C048-4BA4-90C3-66E3E5E106E9}C:\program files (x86)\sopcast\adv\sopadver.exe Allow TRUE In 17 Public C:\program files (x86)\sopcast\adv\sopadver.exe SopCast Adver SopCast Adver FALSE
TCP Query User{E1797B48-24C7-438C-8C18-D5EB85102838}C:\program files (x86)\sopcast\sopcast.exe Allow TRUE In 6 Public C:\program files (x86)\sopcast\sopcast.exe SopCast Main Application SopCast Main Application FALSE
UDP Query User{58865B2E-E5C0-4AC2-B050-E64F91F29961}C:\program files (x86)\sopcast\sopcast.exe Allow TRUE In 17 Public C:\program files (x86)\sopcast\sopcast.exe SopCast Main Application SopCast Main Application FALSE
TCP Query User{34A2085D-087A-40D9-8170-445E8831FD3F}C:\program files (x86)\icq6.5\icq.exe Allow TRUE In 6 Public C:\program files (x86)\icq6.5\icq.exe ICQ ICQ FALSE
UDP Query User{FC2520F8-7F58-49D7-85FE-B0F7B47AC212}C:\program files (x86)\icq6.5\icq.exe Allow TRUE In 17 Public C:\program files (x86)\icq6.5\icq.exe ICQ ICQ FALSE
TCP Query User{FFE1D046-25E1-4465-92C7-4C2BFB87EFA8}E:\xampp\xampp\apache\bin\httpd.exe Allow TRUE In 6 Public E:\xampp\xampp\apache\bin\httpd.exe Apache HTTP Server Apache HTTP Server FALSE
UDP Query User{B6746DED-4F9F-4970-9062-7D5D0CD078E3}E:\xampp\xampp\apache\bin\httpd.exe Allow TRUE In 17 Public E:\xampp\xampp\apache\bin\httpd.exe Apache HTTP Server Apache HTTP Server FALSE
TCP Query User{399A83C8-440E-487E-986F-06A004B4CD83}E:\xampp\xampp\mysql\bin\mysqld.exe Allow TRUE In 6 Public E:\xampp\xampp\mysql\bin\mysqld.exe The MySQL Server The MySQL Server FALSE
UDP Query User{20DD14EC-EAAF-4A79-83F3-63003E4768CA}E:\xampp\xampp\mysql\bin\mysqld.exe Allow TRUE In 17 Public E:\xampp\xampp\mysql\bin\mysqld.exe The MySQL Server The MySQL Server FALSE
{21900AC3-7ED2-43C2-B3B8-E21CF2D184C4} Allow TRUE In 6 Public C:\Program Files (x86)\Winamp Remote\bin\Orb.exe Orb FALSE
{A90424D7-730B-4820-99C8-E313102849B6} Allow TRUE In 17 Public C:\Program Files (x86)\Winamp Remote\bin\Orb.exe Orb FALSE
{5E118D76-09F8-4986-8B2D-E6FB8429224F} Allow TRUE In 6 Public C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe OrbTray FALSE
{092CF8E7-3EBB-4DB4-A37F-4B3F6A5F9A1F} Allow TRUE In 17 Public C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe OrbTray FALSE
{7F92570F-22D3-466B-A987-B36709AE9DCB} Allow TRUE In 6 Public C:\Program Files (x86)\Winamp Remote\bin\OrbIR.exe OrbIR FALSE
{03E44DF3-7C6B-4ECE-88F2-5020B86F6D1F} Allow TRUE In 17 Public C:\Program Files (x86)\Winamp Remote\bin\OrbIR.exe OrbIR FALSE
{FA61DA20-920E-4870-B703-296654BB9086} Allow TRUE In 6 Public C:\Program Files (x86)\Winamp Remote\bin\OrbStreamerClient.exe Orb Stream Client FALSE
{1B4AA302-7D79-4349-8AFB-F2B5B45E23C9} Allow TRUE In 17 Public C:\Program Files (x86)\Winamp Remote\bin\OrbStreamerClient.exe Orb Stream Client FALSE
TCP Query User{5D0F44B7-EB6F-433C-855C-BBF50F00B8B9}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe Allow TRUE In 6 Public C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe Camfrog Client Module Camfrog Client Module FALSE
UDP Query User{D0B2C6FF-1367-4C06-831E-5187730A74F9}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe Allow TRUE In 17 Public C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe Camfrog Client Module Camfrog Client Module FALSE
{3503CB84-96CC-49B6-95DE-CD348A194CAF} Allow TRUE In 6 Public C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe Teamviewer Remote Control Application FALSE
{43F176D7-A810-4FB8-8A1C-0D137DEB4FF3} Allow TRUE In 17 Public C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe Teamviewer Remote Control Application FALSE
TCP Query User{7EC74BD2-645C-4E18-9D64-046167D57FF7}C:\program files (x86)\google\google earth\plugin\geplugin.exe Allow TRUE In 6 Public C:\program files (x86)\google\google earth\plugin\geplugin.exe Google Earth Google Earth FALSE
UDP Query User{1B81240E-086E-4FE6-B776-535C6644D5AE}C:\program files (x86)\google\google earth\plugin\geplugin.exe Allow TRUE In 17 Public C:\program files (x86)\google\google earth\plugin\geplugin.exe Google Earth Google Earth FALSE
TCP Query User{754EF751-47F1-4210-A579-99D68C4B8105}C:\program files (x86)\google\google earth\client\googleearth.exe Allow TRUE In 6 Public C:\program files (x86)\google\google earth\client\googleearth.exe Google Earth Google Earth FALSE
UDP Query User{70F080FD-D8BA-4177-BB94-D6C460FEACDD}C:\program files (x86)\google\google earth\client\googleearth.exe Allow TRUE In 17 Public C:\program files (x86)\google\google earth\client\googleearth.exe Google Earth Google Earth FALSE
TCP Query User{15AC7EC3-53DA-49F2-B709-4B473E31F5A8}C:\program files (x86)\mozilla firefox\firefox.exe Allow TRUE In 6 Public C:\program files (x86)\mozilla firefox\firefox.exe Firefox Firefox FALSE
UDP Query User{039B62CE-0A8D-4270-9B6C-EFC3A76FA0CB}C:\program files (x86)\mozilla firefox\firefox.exe Allow TRUE In 17 Public C:\program files (x86)\mozilla firefox\firefox.exe Firefox Firefox FALSE
{A916A0A9-C980-4100-A0C9-C83B4BA6CBA0} Allow TRUE In 6 Domain C:\Program Files (x86)\ICQ7.2\ICQ.exe ICQ7.2 FALSE
{107722C8-48EE-4236-8555-9A35B98A2969} Allow TRUE In 17 Domain C:\Program Files (x86)\ICQ7.2\ICQ.exe ICQ7.2 FALSE
{B797691B-53CC-4AE6-8451-363211C63900} Allow TRUE In 6 Private C:\Program Files (x86)\ICQ7.2\ICQ.exe ICQ7.2 FALSE
{BB25D615-0743-4FA2-B26F-51FD61D821BD} Allow TRUE In 17 Private C:\Program Files (x86)\ICQ7.2\ICQ.exe ICQ7.2 FALSE
{D3661E49-C464-4DA1-97D7-5812C416B66B} Allow TRUE In 6 Public C:\Program Files (x86)\ICQ7.2\ICQ.exe ICQ7.2 FALSE
{384FCF16-0570-4A5D-B8A7-AEEF6BA2F2F3} Allow TRUE In 17 Public C:\Program Files (x86)\ICQ7.2\ICQ.exe ICQ7.2 FALSE
{D1BBB229-DB61-4D7F-AC8B-1C5E3318256A} Allow TRUE In 6 Domain C:\Program Files (x86)\ICQ7.2\aolload.exe aolload.exe FALSE
{87DD1A68-46AB-4E6A-8C4C-F9223EFFB902} Allow TRUE In 17 Domain C:\Program Files (x86)\ICQ7.2\aolload.exe aolload.exe FALSE
{D39C4F4B-C419-468A-B97E-9AC59628EF77} Allow TRUE In 6 Private C:\Program Files (x86)\ICQ7.2\aolload.exe aolload.exe FALSE
{F5E6FFAD-4BC6-44E2-B02E-991822A08887} Allow TRUE In 17 Private C:\Program Files (x86)\ICQ7.2\aolload.exe aolload.exe FALSE
{90641A12-3DD7-4A4D-ACB4-C606518CFD70} Allow TRUE In 6 Public C:\Program Files (x86)\ICQ7.2\aolload.exe aolload.exe FALSE
{D7EBAA65-1C43-402D-9DCF-D050A6156AAF} Allow TRUE In 17 Public C:\Program Files (x86)\ICQ7.2\aolload.exe aolload.exe FALSE

[b]Firewall 'eingeschränkte Dienste' (CurrentControlSet)[/b]
[b][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System][/b]

Schlüsselname (Regelname / GUID) Action Active Dir Protocol Profile RA4 RA6 App Name Desc EmbedCtxt Edge LPort Svc RPort ICMP6 LA6 ICMP4 LSM
================================== ======== ======== ===== ========== ========= ============= ============= ========================================================================== =================================================== ================================================== ================================================================================== ======= =========== ================================ ======= ======= =========== ======= ======

[b]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%[/b]

***** Ende des Scans 16.12.2010 um 21:30 ***
[/CODE]