[CODE]
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
º PPFScanner v1.0 (long Scan) º
º Scanfile 4 º
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
@Mopao and AHT
Scanstart: 16.12.2010 19:16
Microsoft Windows [Version 6.0.6002]
Windows Vista (TM) Home Premium
Servicepack: Service Pack 2
läuft auf 64-Bit Windows
Boot: Normal boot
Processor 1: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Processor 1 Identifier: Intel64 Family 6 Model 15 Stepping 11
Processor 1 Vendor: GenuineIntel
Speed of Processor 1: 2331MHZ
Processor 2: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Processor 2 Identifier: Intel64 Family 6 Model 15 Stepping 11
Processor 2 Vendor: GenuineIntel
Speed of Processor 2: 2331MHZ
PPFScan Version: 1.0.7.2
SeDebugPrivilege: 1
Call: 1
Threads: 1 -> 5868
UAC: aktiviert
Admin: ja
Mandatory Policy Level: $1
PPFScanner Ordner: C:\PPF\
User: Daniel
ProgramData: C:\ProgramData
Programfiles: C:\Program Files
32Bit-Programfiles: C:\Program Files (x86)
CommonProgramFiles: C:\Program Files\Common Files
32Bit-CommonProgramFiles: C:\Program Files (x86)\Common Files
Systemroot: C:\Windows
Systemroot aus Registry: C:\Windows
UserProfile: C:\Users\Daniel
Temporary Files: C:\Users\Daniel\AppData\Local\Temp
Applicationdata: C:\Users\Daniel\AppData\Roaming
Local Applicationdata: C:\Users\Daniel\AppData\Local
Common Applicationdata: C:\ProgramData
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Common Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Java Version: nicht installiert
Internet Explorer Version: 8.0.6001.18975

[b]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%[/b]
[b]Prozessliste[/b]
PID Prozessname Session User Parent-PID Dateiname Dateibeschreibung Firmenname Kommandozeile
====== ======================== ========= ================ ============ =============================================================================== =================================================================== ============================== ===================================================================================================================================================================================================
0 [Nicht ermittelbar!] 0 0
4 System 0 0
488 smss.exe 0 SYSTEM 4 C:\Windows\System32\smss.exe Windows Session Manager Microsoft Corporation
556 csrss.exe 0 SYSTEM 544 C:\Windows\System32\csrss.exe Client-Server-Laufzeitprozess Microsoft Corporation
608 wininit.exe 0 SYSTEM 544 C:\Windows\System32\wininit.exe Windows-Startanwendung Microsoft Corporation
620 csrss.exe 1 SYSTEM 600 C:\Windows\System32\csrss.exe Client-Server-Laufzeitprozess Microsoft Corporation
668 winlogon.exe 1 SYSTEM 600 C:\Windows\System32\winlogon.exe Windows-Anmeldeanwendung Microsoft Corporation
696 services.exe 0 SYSTEM 608 C:\Windows\System32\services.exe Anwendung für Dienste und Controller Microsoft Corporation
708 lsass.exe 0 SYSTEM 608 C:\Windows\System32\lsass.exe Local Security Authority Process Microsoft Corporation
716 lsm.exe 0 SYSTEM 608 C:\Windows\System32\lsm.exe Lokaler Sitzungs-Manager-Dienst Microsoft Corporation
864 svchost.exe 0 SYSTEM 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
924 svchost.exe 0 NETZWERKDIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
960 svchost.exe 0 SYSTEM 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
328 svchost.exe 0 LOKALER DIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
372 svchost.exe 0 SYSTEM 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
432 svchost.exe 0 SYSTEM 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
712 audiodg.exe 0 328 C:\Windows\System32\audiodg.exe Windows Graphisolierung für Audiogeräte Microsoft Corporation
376 svchost.exe 0 SYSTEM 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
1032 SLsvc.exe 0 NETZWERKDIENST 696 C:\Windows\System32\SLsvc.exe Microsoft-Softwarelizenzierungsdienst Microsoft Corporation
1056 svchost.exe 0 LOKALER DIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
1228 svchost.exe 0 NETZWERKDIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
1308 ccSvcHst.exe 0 SYSTEM 696 C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe Symantec Service Framework Symantec Corporation "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
1492 AppSvc32.exe 0 SYSTEM 696 C:\Program Files (x86)\Common Files\Symantec Shared\AppCore\AppSvc32.exe Symantec Application Core Service Symantec Corporation "C:\Program Files (x86)\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
1580 dwm.exe 1 Daniel 372 C:\Windows\System32\dwm.exe Desktopfenster-Manager Microsoft Corporation
1628 explorer.exe 1 Daniel 1544 C:\Windows\explorer.exe Windows-Explorer Microsoft Corporation
1704 spoolsv.exe 0 SYSTEM 696 C:\Windows\System32\spoolsv.exe Spoolersubsystem-Anwendung Microsoft Corporation
1728 taskeng.exe 0 SYSTEM 432 C:\Windows\System32\taskeng.exe Aufgabenplanungsmodul Microsoft Corporation
1768 svchost.exe 0 LOKALER DIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
1824 taskeng.exe 1 Daniel 432 C:\Windows\System32\taskeng.exe Aufgabenplanungsmodul Microsoft Corporation
1148 MSASCui.exe 1 Daniel 1628 C:\Program Files\Windows Defender\MSASCui.exe Windows Defender User Interface Microsoft Corporation
1200 RAVCpl64.exe 1 Daniel 1628 C:\Windows\RAVCpl64.exe HD Audio Control Panel Realtek Semiconductor
1480 rundll32.exe 1 Daniel 1628 C:\Windows\System32\rundll32.exe Windows-Hostprozess (Rundll32) Microsoft Corporation
1452 Monitor.exe 1 Daniel 1628 C:\Windows\PixArt\Pac207\Monitor.exe Registry Monitor PixArt Imaging Incorporation "C:\Windows\PixArt\Pac207\Monitor.exe"
1840 rundll32.exe 1 Daniel 1248 C:\Windows\System32\rundll32.exe Windows-Hostprozess (Rundll32) Microsoft Corporation
756 sidebar.exe 1 Daniel 1628 C:\Program Files\Windows Sidebar\sidebar.exe Windows-Sidebar Microsoft Corporation
2128 btdna.exe 1 Daniel 1628 C:\Users\Daniel\Program Files (x86)\DNA\btdna.exe DNA BitTorrent, Inc. "C:\Users\Daniel\Program Files (x86)\DNA\btdna.exe"
2208 hpqtra08.exe 1 Daniel 1628 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe HP Digital Imaging Monitor Hewlett-Packard Co. "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
2216 SetPoint.exe 1 Daniel 1628 C:\Program Files\Logitech\SetPoint\SetPoint.exe Logitech SetPoint Event Manager (UNICODE) Logitech, Inc.
2336 GoogleCrashHandler.exe 1 Daniel 2168 C:\Users\Daniel\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe Google Installer Google Inc. "C:\Users\Daniel\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe" /crashhandler
2344 ccApp.exe 1 Daniel 2180 C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe Symantec User Session Symantec Corporation "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
2384 hpwuSchd2.exe 1 Daniel 2180 C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe Hewlett-Packard Product Assistant Hewlett-Packard Co. "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
2416 winampa.exe 1 Daniel 2180 C:\Program Files (x86)\Winamp\winampa.exe Winamp Agent Nullsoft, Inc. "C:\Program Files (x86)\Winamp\winampa.exe"
2664 sidebar.exe 1 Daniel 756 C:\Program Files\Windows Sidebar\sidebar.exe Windows-Sidebar Microsoft Corporation
2868 SSScheduler.exe 1 Daniel 1628 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe McAfee Security Scanner Scheduler McAfee, Inc. "C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
2984 SDTrayApp.exe 1 Daniel 2180 C:\Program Files (x86)\Spyware Doctor\SDTrayApp.exe PC Tools Tray Application PC Tools "C:\Program Files (x86)\Spyware Doctor\SDTrayApp.exe"
2992 tsnp2std.exe 1 Daniel 2180 C:\Windows\tsnp2std.exe tsnp2std Microsoft "C:\Windows\tsnp2std.exe"
3048 SetPoint32.exe 1 Daniel 2216 C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe "C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
1920 AluSchedulerSvc.exe 0 SYSTEM 696 C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe Automatic LiveUpdate Scheduler Service Symantec Corporation "C:\Program Files (x86)\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
1464 SearchSettings.exe 1 Daniel 2180 C:\Program Files (x86)\Search Settings\SearchSettings.exe Search Settings application Vendio Services, Inc. "C:\Program Files (x86)\Search Settings\SearchSettings.exe"
1172 jusched.exe 1 Daniel 2180 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Java(TM) Update Scheduler Sun Microsystems, Inc. "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
624 mDNSResponder.exe 0 SYSTEM 696 C:\Program Files (x86)\Bonjour\mDNSResponder.exe Bonjour Service Apple Inc. "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
1012 ccSvcHst.exe 0 SYSTEM 696 C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe Symantec Service Framework Symantec Corporation "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon
2324 Snagit32.exe 1 Daniel 1628 C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe Snagit TechSmith Corporation "C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe"
2368 DivXUpdate.exe 1 Daniel 2180 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe DivX Update "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
2036 TscHelp.exe 1 Daniel 2324 C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe TechSmith HTML Help Helper TechSmith Corporation "C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe"
3120 svchost.exe 0 SYSTEM 696 C:\Windows\SysWOW64\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
3144 ICQ Service.exe 0 SYSTEM 696 C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ICQIEUpdater Module "C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
3188 NBService.exe 0 SYSTEM 696 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe Nero BackItUp Nero AG "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
3208 svchost.exe 0 LOKALER DIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
3284 IoctlSvc.exe 0 SYSTEM 696 C:\Windows\SysWOW64\IoctlSvc.exe PLFlash DeviceIoControl Service Prolific Technology Inc. C:\Windows\SysWOW64\IoctlSvc.exe
3312 svchost.exe 0 LOKALER DIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
3324 svchost.exe 0 NETZWERKDIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
3336 svcntaux.exe 0 SYSTEM 696 C:\Program Files (x86)\Spyware Doctor\svcntaux.exe PC Tools Auxiliary Service PC Tools "C:\Program Files (x86)\Spyware Doctor\svcntaux.exe"
3384 swdsvc.exe 0 SYSTEM 696 C:\Program Files (x86)\Spyware Doctor\swdsvc.exe Spyware Doctor Service PC Tools "C:\Program Files (x86)\Spyware Doctor\swdsvc.exe"
3464 svchost.exe 0 LOKALER DIENST 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
3484 TeamViewer_Service.exe 0 SYSTEM 696 C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe TeamViewer Service TeamViewer GmbH "C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe" -service
3520 svchost.exe 0 SYSTEM 696 C:\Windows\System32\svchost.exe Hostprozess für Windows-Dienste Microsoft Corporation
3572 SearchIndexer.exe 0 SYSTEM 696 C:\Windows\System32\SearchIndexer.exe Microsoft Windows Search-Indexerstellung Microsoft Corporation
3604 YahooAUService.exe 0 SYSTEM 696 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe AutoUpater Service Module Yahoo! Inc. "C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe"
3924 KHALMNPR.exe 1 Daniel 2216 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe Logitech KHAL Main Process Logitech, Inc.
4160 WmiPrvSE.exe 0 SYSTEM 864 C:\Windows\System32\wbem\WmiPrvSE.exe WMI Provider Host Microsoft Corporation
4384 SnagPriv.exe 1 Daniel 2324 C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe Snagit RPC Helper TechSmith Corporation "C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe"
4564 WinMail.exe 1 Daniel 1628 C:\Program Files\Windows Mail\WinMail.exe Windows Mail Microsoft Corporation
4888 hpqste08.exe 1 Daniel 2208 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe HP CUE Status Root Hewlett-Packard Co. "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Officejet 7200 series#1213812260" -Startup
4976 symlcsvc.exe 0 SYSTEM 696 C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe "C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
4420 hpqbam08.exe 1 Daniel 864 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe HP CUE Alert Popup Window Objects Hewlett-Packard Co. "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
4300 SnagitEditor.exe 1 Daniel 2324 C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe Snagit Editor TechSmith Corporation "C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe" /X
2804 splwow64.exe 1 Daniel 4300 C:\Windows\splwow64.exe Thunking Spooler APIS from 32 to 64 Process Microsoft Corporation
1076 unsecapp.exe 1 Daniel 864 C:\Windows\System32\wbem\unsecapp.exe Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
4972 wuauclt.exe 1 Daniel 432 C:\Windows\System32\wuauclt.exe Windows Update Microsoft Corporation
3216 firefox.exe 1 Daniel 1628 C:\Program Files (x86)\Mozilla Firefox\firefox.exe Firefox Mozilla Corporation "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
2748 plugin-container.exe 1 Daniel 3216 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Plugin Container for Firefox Mozilla Corporation "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3216.9c03120.822169950 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" 3216 plugin \\.\pipe\gecko-crash-server-pipe.3216
5980 PPFScan.exe 1 Daniel 1628 C:\PPF\PPFScan.exe Systemscan von Mopao und AHT _ "C:\PPF\PPFScan.exe"

[b]Versteckte Prozesse[/b]
PID:5600 Dateiname: C:\Program Files (x86)\McAfee Security Scan\2.0.181\mcuicnt.exe Status: Zombie Holder-PID: 2868
PID:3396 Dateiname: C:\Program Files (x86)\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SSAutoRN.exe Status: Zombie Holder-PID: 1012
PID:4348 Dateiname: C:\Program Files (x86)\Spyware Doctor\Update.exe Status: Zombie Holder-PID: 3384
PID:7068 Dateiname: C:\Program Files (x86)\Spyware Doctor\Update.exe Status: Zombie Holder-PID: 3384
PID:3264 Dateiname: C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe Status: Zombie Holder-PID: 4564
PID:2580 Dateiname: C:\Windows\servicing\TrustedInstaller.exe Status: Zombie Holder-PID: (PID Test)
PID:3264 Dateiname: C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe Status: Zombie Holder-PID: (PID Test)
PID:3396 Dateiname: C:\Program Files (x86)\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SSAutoRN.exe Status: Zombie Holder-PID: (PID Test)
PID:4348 Dateiname: C:\Program Files (x86)\Spyware Doctor\Update.exe Status: Zombie Holder-PID: (PID Test)
PID:4520 Dateiname: C:\Users\Daniel\AppData\Local\Temp\symlcsv1.exe Status: Zombie Holder-PID: (PID Test)
PID:5600 Dateiname: C:\Program Files (x86)\McAfee Security Scan\2.0.181\mcuicnt.exe Status: Zombie Holder-PID: (PID Test)
PID:7068 Dateiname: C:\Program Files (x86)\Spyware Doctor\Update.exe Status: Zombie Holder-PID: (PID Test)

[b]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%[/b]
***** Ende des Scans 16.12.2010 um 21:35 ***
[/CODE]