Blick drauf setzen

Das Perd mit dem Virus · 15.08.2007, 15:56

Also nochmal sry dass ich gegen die Regel verstoßen habe.
Ich nutze Windows XP und dass Problem ist wenn ich was downloade und dass instaliere mach einfach neustart. Dass ist aber nicht immer so manchmal kann ich auch sachen Problemlos instalieren.
Also sollte ihr mal ein blick auf die Prozesse setzten.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:08:09, on 15.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\McAfee\MSK\MskAgent.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Programme\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Programme\SiteAdvisor\6066\SiteAdv.exe
C:\Programme\Virtual CD v8\System\VC8Play.exe
C:\WINDOWS\system32\ppfsys.exe
C:\windows\hffext\hffsrv.exe
C:\Programme\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\BitTorrent\bittorrent.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\Programme\Virtual CD v8\System\VC8Tray.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
C:\Programme\Skype\Plugin Manager\SkypePM.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programme\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Programme\McAfee\MSK\MskSrver.exe
C:\Programme\McAfee\MPS\mpsevh.exe
C:\Programme\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Virtual CD v8\System\VC8SecS.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\ISW\alice\signup\connctas.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Dokumente und Einstellungen\Pascal\Desktop\HiJackThis202.exe

Das Perd mit dem Virus · 15.08.2007, 15:59

So Rene-gad hat empfohlen die datein bei www.virustotal.com zu Prüfen und dann HJT-Log hir posten.

C:\WINDOWS\system32\ppfsys.exe
C:\windows\hffext\hffsrv.exe

Ich konnte die datei aber nicht finden.
Dann hat Rene-gad wieder was vorgeschlagen.
Dass hab ich dann auch gemacht aber wie soll ich bei den Suchergebnissen die Datei da nu hochladen?

Das Perd mit dem Virus · 15.08.2007, 16:07

So hab die Datei einfach von der Suche auf den detops kopiert und dann hogeladen hir dass ergebnis.
Von der Datei ppfsys.exe.

AhnLab-V3 2007.8.15.0 2007.08.14 -
AntiVir 7.4.1.62 2007.08.15 -
Authentium 4.93.8 2007.08.15 -
Avast 4.7.1029.0 2007.08.13 -
AVG 7.5.0.476 2007.08.14 -
BitDefender 7.2 2007.08.15 -
CAT-QuickHeal 9.00 2007.08.14 (Suspicious) - DNAScan
ClamAV 0.91 2007.08.15 -
DrWeb 4.33 2007.08.15 -
eSafe 7.0.15.0 2007.08.10 Suspicious Trojan/Worm
eTrust-Vet 31.1.5061 2007.08.15 -
Ewido 4.0 2007.08.15 -
FileAdvisor 1 2007.08.15 -
Fortinet 2.91.0.0 2007.08.15 -
F-Prot 4.3.2.48 2007.08.14 -
F-Secure 6.70.13030.0 2007.08.15 -
Ikarus T3.1.1.12 2007.08.15 -
Kaspersky 4.0.2.24 2007.08.15 -
McAfee 5097 2007.08.14 -
Microsoft 1.2704 2007.08.15 -
NOD32v2 2464 2007.08.15 -
Norman 5.80.02 2007.08.15 -
Panda 9.0.0.4 2007.08.14 -
Prevx1 V2 2007.08.15 -
Rising 19.36.22.00 2007.08.15 -
Sophos 4.20.0 2007.08.12 -
Sunbelt 2.2.907.0 2007.08.14 VIPRE.Suspicious
Symantec 10 2007.08.15 -
TheHacker 6.1.8.168 2007.08.14 -
VBA32 3.12.2.2 2007.08.14 -
VirusBuster 4.3.26:9 2007.08.15 -
Webwasher-Gateway 6.0.1 2007.08.15 -

Das Perd mit dem Virus · 15.08.2007, 16:51

So hir nur der Berich von der Datei hffsrv.exe.

Dass ist nich alles weil es bei TheHacker einfach ncht weiter ging.

Aber ich kenne es dass ist ein Pogramm wo mann ordner mit Passwort fesehen konnte am Bild von der exe sehen.

AhnLab-V3 2007.8.15.0 2007.08.14 -
AntiVir 7.4.1.62 2007.08.15 -
Authentium 4.93.8 2007.08.15 -
Avast 4.7.1029.0 2007.08.13 -
AVG 7.5.0.476 2007.08.14 -
BitDefender 7.2 2007.08.15 -
CAT-QuickHeal 9.00 2007.08.14 -
ClamAV 0.91 2007.08.15 -
DrWeb 4.33 2007.08.15 -
eSafe 7.0.15.0 2007.08.10 -
eTrust-Vet 31.1.5061 2007.08.15 -
Ewido 4.0 2007.08.15 -
FileAdvisor 1 2007.08.15 -
Fortinet 2.91.0.0 2007.08.15 -
F-Prot 4.3.2.48 2007.08.14 -
F-Secure 6.70.13030.0 2007.08.15 -
Ikarus T3.1.1.12 2007.08.15 -
Kaspersky 4.0.2.24 2007.08.15 -
McAfee 5097 2007.08.14 -
Microsoft 1.2704 2007.08.15 -
NOD32v2 2464 2007.08.15 -
Norman 5.80.02 2007.08.15 -
Panda 9.0.0.4 2007.08.14 Suspicious file
Prevx1 V2 2007.08.15 -
Rising 19.36.22.00 2007.08.15 -
Sophos 4.20.0 2007.08.12 -
Sunbelt 2.2.907.0 2007.08.14 -
Symantec 10 2007.08.15 -
TheHacker 6.1.8.168 2007.08.14 -

BataAlexander · 15.08.2007, 17:10

OT:

Zitat:

Dann hat Rene-gad wieder was vorgeschlagen.

:aplaus:

Unabhänig von den Virustotal Logs ist Dein HijackThis Logfile sehr unvollständig. Gab es beim ausführen Probleme?
Hier noch mal eine bebilderte Anleitung zum nachlesen.

Bata

Das Perd mit dem Virus · 15.08.2007, 17:36

So ist der aber richtig.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:20, on 15.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\McAfee\MSK\MskAgent.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Programme\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Programme\SiteAdvisor\6066\SiteAdv.exe
C:\Programme\Virtual CD v8\System\VC8Play.exe
C:\WINDOWS\system32\ppfsys.exe
C:\windows\hffext\hffsrv.exe
C:\Programme\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\BitTorrent\bittorrent.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\Programme\Virtual CD v8\System\VC8Tray.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programme\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Programme\McAfee\MSK\MskSrver.exe
C:\Programme\McAfee\MPS\mpsevh.exe
C:\Programme\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Virtual CD v8\System\VC8SecS.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\MSN Messenger\usnsvc.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Game Cam v1.4\GameCam.exe
C:\WINDOWS\ISW\alice\signup\connctas.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Dokumente und Einstellungen\Pascal\Desktop\HiJackThis202.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.treiber.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programme\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\programme\mcafee\virusscan\scriptcl.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programme\SiteAdvisor\6066\SiteAdv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MskAgentexe] C:\Programme\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [WorksFUD] C:\Programme\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Ulead Photo Express 5 SE Calendar Checker] C:\Programme\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programme\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [VC8Player] C:\Programme\Virtual CD v8\System\VC8Play.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [System: PPFSYS.EXE Don`t remove it!] ppfsys.exe
O4 - HKLM\..\Run: [hffsrv] c:\windows\hffext\hffsrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Programme\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2346CCE-F250-4B72-9D6D-2E7D26C1BAAE}: NameServer = 213.191.74.18 213.191.92.86
O18 - Protocol: bw+0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw+0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw-0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw-0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw00 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw00s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw10 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw10s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw20 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw20s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw30 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw30s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw40 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw40s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw50 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw50s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw60 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw60s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw70 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw70s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw80 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw80s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw90 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bw90s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwa0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwa0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwb0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwb0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwc0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwc0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwd0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwd0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwe0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwe0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwf0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwf0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwg0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwh0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwh0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwi0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwi0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwj0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwj0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwk0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwk0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwl0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwl0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwm0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwm0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwn0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwn0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwo0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwo0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwp0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwp0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwq0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwq0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwr0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwr0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bws0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bws0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwt0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwt0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwu0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwu0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwv0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwv0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bww0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bww0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwx0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwx0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwy0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwy0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwz0 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: bwz0s - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: offline-8876480 - {D85AF060-4670-4EC0-8CC6-77D8EBA2F1FF} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0034391187186331) (0034391187186331mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\003439~1.EXE
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\GEMEIN~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programme\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Programme\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Programme\SiteAdvisor\6066\SAService.exe
O23 - Service: Virtual CD v8 Management Service (VC8SecS) - H+H Software GmbH - C:\Programme\Virtual CD v8\System\VC8SecS.exe

--
End of file - 18908 bytes

Blick drauf setzen

Log-Analyse und Auswertung: Blick drauf setzen