Trojaner-Board - TR/Monder.bbwm und TR/Vundo.Gen im System32 Ordner

Hallo,
iche habe seit gestern das Problem das mein AntVir immer wieder den TR/Monder.bbwm und den TR/Vundo.Gen erkennt aber nicht löchen oder sonst eine Aktion durchführen kann. Die Dateien befinden sich immer im System32 Ordener und heißen ubvjssna.dll oder awtqoNHa.dll.

Durchgeführte Programme anch Anleitung:
Vundofix -> kein Erfolg, nichtmal erkannt
VirtumundoBeGone -> Kein Erfolg, nach Neustart wieder da (Log angehängt)
CCleaner -> alles nach Anleitung gelöscht
Anti-Malware -> alles nach Anleitung gemacht (Virus scheint gelöscht zu sein)
HijackThis -> nach Anleitung durchlaufen lassen (Log angehängt)

Virus wird nicht mehr erkannt, ist der denn jetzt wirklich vernichtet und gibt es noch andere Viren auf meinem System. Könnt ihr da mal schauen?!

VirtumundoBeGone Log:

[02/22/2009, 14:12:20] - VirtumundoBeGone v1.5 ( "C:\Dokumente und Einstellungen\Spezi\Desktop\VirtumundoBeGone.exe" )
[02/22/2009, 14:12:31] - Detected System Information:
[02/22/2009, 14:12:31] - Windows Version: 5.1.2600, Service Pack 2
[02/22/2009, 14:12:31] - Current Username: Spezi (Admin)
[02/22/2009, 14:12:31] - Windows is in NORMAL mode.
[02/22/2009, 14:12:31] - Searching for Browser Helper Objects:
[02/22/2009, 14:12:31] - BHO 1: {055FD26D-3A88-4e15-963D-DC8493744B1D} (XTTBPos00 Class)
[02/22/2009, 14:12:31] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader)
[02/22/2009, 14:12:31] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/22/2009, 14:12:31] - BHO 4: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} ()
[02/22/2009, 14:12:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:31] - Checking for HKLM\...\Winlogon\Notify\fccaYPfg
[02/22/2009, 14:12:31] - Found: HKLM\...\Winlogon\Notify\fccaYPfg - This is probably Virtumundo.
[02/22/2009, 14:12:31] - Assigning {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} MSEvents Object
[02/22/2009, 14:12:31] - BHO list has been changed! Starting over...
[02/22/2009, 14:12:31] - BHO 1: {055FD26D-3A88-4e15-963D-DC8493744B1D} (XTTBPos00 Class)
[02/22/2009, 14:12:31] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader)
[02/22/2009, 14:12:31] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/22/2009, 14:12:31] - BHO 4: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} (MSEvents Object)
[02/22/2009, 14:12:31] - ALERT: Found MSEvents Object!
[02/22/2009, 14:12:31] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/22/2009, 14:12:31] - BHO 6: {96EBC9C5-E726-4CE0-B3B6-D0FF65D4B5FA} ()
[02/22/2009, 14:12:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:31] - Checking for HKLM\...\Winlogon\Notify\ljJCvUKB
[02/22/2009, 14:12:31] - Key not found: HKLM\...\Winlogon\Notify\ljJCvUKB, continuing.
[02/22/2009, 14:12:31] - BHO 7: {cb287b37-cd29-45dc-b85b-8d6ff14b9f91} ()
[02/22/2009, 14:12:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:31] - No filename found. Continuing.
[02/22/2009, 14:12:31] - BHO 8: {DD0FECFB-87F3-4CAC-AC03-F5F97941EFA3} ()
[02/22/2009, 14:12:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:31] - Checking for HKLM\...\Winlogon\Notify\awtqoNHa
[02/22/2009, 14:12:31] - Key not found: HKLM\...\Winlogon\Notify\awtqoNHa, continuing.
[02/22/2009, 14:12:31] - BHO 9: {DEE208DE-6B84-4F8E-B679-F502BFB5E446} ()
[02/22/2009, 14:12:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:31] - Checking for HKLM\...\Winlogon\Notify\cbXNHARJ
[02/22/2009, 14:12:31] - Key not found: HKLM\...\Winlogon\Notify\cbXNHARJ, continuing.
[02/22/2009, 14:12:31] - Finished Searching Browser Helper Objects
[02/22/2009, 14:12:31] - *** Detected MSEvents Object
[02/22/2009, 14:12:31] - Trying to remove MSEvents Object...
[02/22/2009, 14:12:32] - Terminating Process: IEXPLORE.EXE
[02/22/2009, 14:12:32] - Terminating Process: RUNDLL32.EXE
[02/22/2009, 14:12:32] - Disabling Automatic Shell Restart
[02/22/2009, 14:12:32] - Terminating Process: EXPLORER.EXE
[02/22/2009, 14:12:32] - Suspending the NT Session Manager System Service
[02/22/2009, 14:12:32] - Terminating Windows NT Logon/Logoff Manager
[02/22/2009, 14:12:33] - Re-enabling Automatic Shell Restart
[02/22/2009, 14:12:33] - File to disable: C:\WINDOWS\system32\fccaYPfg.dll
[02/22/2009, 14:12:33] - Renaming C:\WINDOWS\system32\fccaYPfg.dll -> C:\WINDOWS\system32\fccaYPfg.dll.vir
[02/22/2009, 14:12:33] - File successfully renamed!
[02/22/2009, 14:12:33] - Removing HKLM\...\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[02/22/2009, 14:12:33] - Removing HKCR\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[02/22/2009, 14:12:33] - Adding Kill Bit for ActiveX for GUID: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[02/22/2009, 14:12:33] - Deleting ATLEvents/MSEvents Registry entries
[02/22/2009, 14:12:33] - Removing HKLM\...\Winlogon\Notify\fccaYPfg
[02/22/2009, 14:12:33] - Searching for Browser Helper Objects:
[02/22/2009, 14:12:33] - BHO 1: {055FD26D-3A88-4e15-963D-DC8493744B1D} (XTTBPos00 Class)
[02/22/2009, 14:12:33] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader)
[02/22/2009, 14:12:33] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/22/2009, 14:12:33] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/22/2009, 14:12:33] - BHO 5: {96EBC9C5-E726-4CE0-B3B6-D0FF65D4B5FA} ()
[02/22/2009, 14:12:33] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:33] - Checking for HKLM\...\Winlogon\Notify\ljJCvUKB
[02/22/2009, 14:12:33] - Key not found: HKLM\...\Winlogon\Notify\ljJCvUKB, continuing.
[02/22/2009, 14:12:33] - BHO 6: {cb287b37-cd29-45dc-b85b-8d6ff14b9f91} ()
[02/22/2009, 14:12:33] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:33] - No filename found. Continuing.
[02/22/2009, 14:12:33] - BHO 7: {DD0FECFB-87F3-4CAC-AC03-F5F97941EFA3} ()
[02/22/2009, 14:12:33] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:33] - Checking for HKLM\...\Winlogon\Notify\awtqoNHa
[02/22/2009, 14:12:33] - Key not found: HKLM\...\Winlogon\Notify\awtqoNHa, continuing.
[02/22/2009, 14:12:33] - BHO 8: {DEE208DE-6B84-4F8E-B679-F502BFB5E446} ()
[02/22/2009, 14:12:33] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/22/2009, 14:12:33] - Checking for HKLM\...\Winlogon\Notify\cbXNHARJ
[02/22/2009, 14:12:33] - Key not found: HKLM\...\Winlogon\Notify\cbXNHARJ, continuing.
[02/22/2009, 14:12:33] - Finished Searching Browser Helper Objects
[02/22/2009, 14:12:33] - Finishing up...
[02/22/2009, 14:12:33] - A restart is needed.
[02/22/2009, 14:12:42] - Attempting to Restart via STOP error (Blue Screen!)

HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:06, on 22.02.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\NetMeter\NetMeter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
C:\WINDOWS\System32\svchost.exe
c:\programme\avira\antivir personaledition classic\avcenter.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
I:\PhoneConnectorVMC.exe
C:\Programme\vodafone\vmclite\vmc.exe
E:\-=ProgZ=-\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ht**tp://www.myfanbase.de/index.php?mid=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ht**tp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ht**tp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ht**tp://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {96EBC9C5-E726-4CE0-B3B6-D0FF65D4B5FA} - (no file)
O2 - BHO: CodecPlugin Class - {cb287b37-cd29-45dc-b85b-8d6ff14b9f91} - (no file)
O2 - BHO: (no name) - {DEE208DE-6B84-4F8E-B679-F502BFB5E446} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [C:\Programme\NetMeter\NetMeter.exe] C:\Programme\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Mit dem LeechGet Wizard laden - file://E:\-=ProgZ=-\LeechGet 2007\\Wizard.html
O8 - Extra context menu item: Mit LeechGet herunterladen - file://E:\-=ProgZ=-\LeechGet 2007\\AddUrl.html
O8 - Extra context menu item: Mit LeechGet parsen - file://E:\-=ProgZ=-\LeechGet 2007\\Parser.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\-=ProgZ=-\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\-=ProgZ=-\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\-=ProgZ=-\ICQ\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\-=ProgZ=-\ICQ\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O16 - DPF: {06293FDE-E099-48D1-BAF7-7ED9DFFB5513} (o2c - simple online objectcreation) - ht**tp://www.o2c.de/download/O2CAreas.CAB
O16 - DPF: {1F831FA3-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///E:/-=ProgZ=-/autocad02/InstFred.ocx
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - ht**tp://www3.snapfish.de/SnapfishActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - ht**tp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235256942906
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - ht**tp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1235257628297
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - ht**tp://www.navigram.com/engine/v911/Navigram.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday-Steuerung) - file:///E:/-=ProgZ=-/autocad02/AcDcToday.ocx
O16 - DPF: {813A45F9-744F-435F-A815-19E2DF35A9D8} (O2C-Player - area constructor view (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayerac.cab
O16 - DPF: {98474E4F-5229-4CAC-9E28-6D52D992268D} (AS_AR_Control Light Control) - ht**tp://kpscdhaendler.ar-live.de/afc-frontend/main/Setup_AFC_ONLINE_2_7_0_3_STANDARD.cab
O16 - DPF: {AE563724-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///E:/-=ProgZ=-/autocad02/InstBanr.ocx
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (mb Software AG)) - ht**tp://www.o2c.de/download/o2cplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - ht**tp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview-Steuerung) - file:///E:/-=ProgZ=-/autocad02/AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B970805-F873-407E-8723-746AEF4ECB6D}: NameServer = 139.7.30.125 139.7.30.126
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O21 - SSODL: vadokmxt - {9D42038A-D583-4EEC-AA9D-8E063D666538} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ABBYY FineReader 9.0-Lizenzierungsdienst (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Programme\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Sceneo PVR Service (srvcPVR) - Buhl Data Service GmbH - C:\Programme\Sceneo\AbsolutTV\Services\PVR\PVRService.exe

--
End of file - 10444 bytes

Danke schonmal im Voraus!!