Trojaner-Board - Facebook-Virus!

NAch dem GMER erst hängengeblieben ist zeigte es eine Meldung an, vonwegen

Code:

Das System wird nach einem schwerwiegenden Fehler wieder ausgeführt. Für diesen Fehler wurde ein Protokoll erstellt.

BCCode : 100000d1     BCP1 : 0000000C     BCP2 : 00000007     BCP3 : 00000001

BCP4 : BA7125F7     OSVer : 5_1_2600     SP : 3_0     Product : 256_1

(oder so)

OSAM:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

hxxp://www.online-solutions.ru/en/

Saved at 12:48:45 on 08.10.2011
 

OS: Windows XP Professional Service Pack 3 (Build 2600)

Default Browser: Google Inc. Google Chrome 14.0.835.202
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Common]

-----( %SystemRoot%\Tasks )-----

"AppleSoftwareUpdate.job" - "Apple Inc." - I:\Programme\Apple Software Update\SoftwareUpdate.exe

"GoogleUpdateTaskUserS-1-5-21-329068152-2147236587-839522115-500Core.job" - "Google Inc." - I:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe

"GoogleUpdateTaskUserS-1-5-21-329068152-2147236587-839522115-500UA.job" - "Google Inc." - I:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe

"FacebookUpdateTaskUserS-1-5-21-329068152-2147236587-839522115-500Core.job" - "Facebook Inc." - I:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe

"FacebookUpdateTaskUserS-1-5-21-329068152-2147236587-839522115-500UA.job" - "Facebook Inc." - I:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe

"1-Klick-Wartung.job" - "TuneUp Software GmbH" - I:\Programme\TuneUpUtilities2006\SystemOptimizer.exe
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"ac3filter.cpl" - ? - I:\WINDOWS\system32\ac3filter.cpl

"DivXControlPanelApplet.cpl" - "DivX, Inc." - I:\WINDOWS\system32\DivXControlPanelApplet.cpl

"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - I:\WINDOWS\system32\FlashPlayerCPLApp.cpl

"infocardcpl.cpl" - "Microsoft Corporation" - I:\WINDOWS\system32\infocardcpl.cpl

"javacpl.cpl" - "Sun Microsystems, Inc." - I:\WINDOWS\system32\javacpl.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"Avira AntiVir Personal" - "Avira GmbH" - I:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"Nero BurnRights" - "Nero AG" - I:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl

"QuickTime" - "Apple Inc." - I:\Programme\QuickTime\QTSystem\QuickTime.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"%USB\vid_054c&pid_0155.DeviceDesc%" (ovt519) - "OmniVision Technologies, Inc." - I:\WINDOWS\System32\Drivers\ov519vid.sys

"Acronis Snapshots Manager" (snapman) - "Acronis" - I:\WINDOWS\System32\DRIVERS\snapman.sys

"Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - I:\WINDOWS\System32\DRIVERS\timntr.sys

"Acronis True Image FS Filter" (tifsfilter) - "Acronis" - I:\WINDOWS\System32\DRIVERS\tifsfilt.sys

"Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - I:\WINDOWS\System32\Drivers\usbaapl.sys

"ASAPIW2K" (ASAPIW2K) - "VOB Computersysteme GmbH" - I:\WINDOWS\system32\Drivers\asapiW2k.sys

"ati2mtag" (ati2mtag) - "ATI Technologies Inc." - I:\WINDOWS\System32\DRIVERS\ati2mtag.sys

"avgio" (avgio) - "Avira GmbH" - I:\Programme\Avira\AntiVir Desktop\avgio.sys

"avgntflt" (avgntflt) - "Avira GmbH" - I:\WINDOWS\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - I:\WINDOWS\System32\DRIVERS\avipbb.sys

"BIOS" (BIOS) - "BIOSTAR Group" - I:\WINDOWS\system32\drivers\BIOS.sys

"catchme" (catchme) - ? - I:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys  (File not found)

"Changer" (Changer) - ? - I:\WINDOWS\system32\drivers\Changer.sys  (File not found)

"ElbyCDFL" (ElbyCDFL) - "SlySoft, Inc." - I:\WINDOWS\System32\Drivers\ElbyCDFL.sys

"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - I:\WINDOWS\System32\Drivers\ElbyCDIO.sys

"ElbyDelay" (ElbyDelay) - "Elaborate Bytes AG" - I:\WINDOWS\System32\Drivers\ElbyDelay.sys

"i2omgmt" (i2omgmt) - ? - I:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)

"lbrtfdc" (lbrtfdc) - ? - I:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)

"mchInjDrv" (mchInjDrv) - ? - I:\WINDOWS\TEMP\mc21.tmp  (File not found)

"Padus ASPI Shell" (pfc) - "Padus, Inc." - I:\WINDOWS\System32\drivers\pfc.sys

"PCIDump" (PCIDump) - ? - I:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)

"PCLEPCI" (PCLEPCI) - "Pinnacle Systems GmbH" - I:\WINDOWS\system32\drivers\pclepci.sys

"PDCOMP" (PDCOMP) - ? - I:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)

"PDFRAME" (PDFRAME) - ? - I:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)

"PDRELI" (PDRELI) - ? - I:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)

"PDRFRAME" (PDRFRAME) - ? - I:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)

"Pinnacle Marvin Bus" (MarvinBus) - "Pinnacle Systems GmbH" - I:\WINDOWS\System32\DRIVERS\MarvinBus.sys

"PxHelp20" (PxHelp20) - "Sonic Solutions" - I:\WINDOWS\System32\Drivers\PxHelp20.sys

"ssmdrv" (ssmdrv) - "Avira GmbH" - I:\WINDOWS\System32\DRIVERS\ssmdrv.sys

"WDICA" (WDICA) - ? - I:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
 

[Explorer]

-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----

{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - I:\WINDOWS\system32\Rundll32.exe I:\WINDOWS\system32\mscories.dll,Install

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - I:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - I:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - I:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - I:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - I:\WINDOWS\system32\mscoree.dll

{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - I:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - I:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL

{12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - I:\WINDOWS\system32\msvidctl.dll

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll

{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - I:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - I:\WINDOWS\system32\msvidctl.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - I:\Programme\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll

{C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - I:\Programme\Acronis\TrueImageHome\tishell.dll

{C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - I:\Programme\Acronis\TrueImageHome\tishell.dll

{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\VISSHE.DLL

{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)

{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)

{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\VISSHE.DLL

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - I:\Programme\iTunes\iTunesMiniPlayer.dll

{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\msohevi.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll

{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - I:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll

{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\ONFILTER.DLL

{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - I:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll

{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - I:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll

{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - I:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - I:\Programme\Avira\AntiVir Desktop\shlext.dll

{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - I:\WINDOWS\system32\dfshim.dll

{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)

{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - I:\WINDOWS\system32\dfshim.dll

{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - I:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll

{79BC0345-1015-11D2-A299-006008312725} "Studio.Project" - ? - I:\Programme\Pinnacle\Studio 10\programs\BlueShellExt.dll  (File found, but it contains no detailed information)

{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} "TuneUp Shredder Shell Context Menu Extension" - ? -   (File not found | COM-object registry key not found)

{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL

{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - I:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - I:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - I:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)

-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----

{872b5b88-9db5-4310-bdd0-ac189557e5f5} "{872b5b88-9db5-4310-bdd0-ac189557e5f5}" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - I:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - I:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - I:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----

{182EC0BE-5110-49C8-A062-BEB1D02A220B} "Adobe PDF" - "Adobe Systems Incorporated" - I:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\ONBttnIE.dll

{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - I:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - I:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - I:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - I:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{0FB6A909-6086-458F-BD92-1F8EE10042A0} "AC-Pro" - "SimplyGen" - I:\Programme\AutocompletePro\AutocompletePro.dll

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "AcroIEHlprObj Class" - "Adobe Systems Incorporated" - I:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

{AE7CD045-E861-484f-8273-0445EE161910} "AcroIEToolbarHelper Class" - "Adobe Systems Incorporated" - I:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - I:\Programme\DivX\DivX Plus Web Player\npdivx32.dll

{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - I:\Programme\DivX\DivX Plus Web Player\npdivx32.dll

{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} "EpsonToolBandKicker Class" - "SEIKO EPSON CORPORATION" - I:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

{21A88CB9-84D2-4020-A2D1-B25A21034884} "HistoryTriggerBHO Class" - "LG Electronics" - I:\Programme\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - I:\Programme\Java\jre6\bin\jp2ssv.dll

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - I:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - I:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - I:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
 

[LSA Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----

"Authentication packages" - "Acronis" - I:\WINDOWS\system32\relog_ap.dll
 

[Logon]

-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----

"Adobe Acrobat Speed Launcher.lnk" - "Adobe Systems Incorporated" - I:\Programme\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe  (Shortcut exists | File exists)

"desktop.ini" - ? - I:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini

-----( %UserProfile%\Startmenü\Programme\Autostart )-----

"OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - I:\Programme\Microsoft Office\Office14\ONENOTEM.EXE  (Shortcut exists | File exists)

"desktop.ini" - ? - I:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\desktop.ini

-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "I:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"

"Facebook Update" - "Facebook Inc." - "I:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

"Google Update" - "Google Inc." - "I:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c

"Skype" - "Skype Technologies S.A." - "I:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Acrobat Assistant 7.0" - "Adobe Systems Inc." - "I:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

"Acronis Scheduler2 Service" - "Acronis" - "I:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"

"AcronisTimounterMonitor" - "Acronis" - I:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe

"AppleSyncNotifier" - "Apple Inc." - I:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe

"ATICCC" - ? - "I:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe"  (File found, but it contains no detailed information)

"avgnt" - "Avira GmbH" - "I:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

"DivX Download Manager" - "DivX, LLC" - "I:\Programme\DivX\DivX Plus Web Player\DDmService.exe" start

"DivXUpdate" - ? - "I:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

"Intel Display Control" - ? - I:\WINDOWS\system32\igfxcm32.exe  (File not found)

"iTunesHelper" - "Apple Inc." - "I:\Programme\iTunes\iTunesHelper.exe"

"NeroFilterCheck" - "Nero AG" - I:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

"PinnacleDriverCheck" - ? - I:\WINDOWS\system32\\PSDrvCheck.exe

"QuickTime Task" - "Apple Inc." - "I:\Programme\QuickTime\QTTask.exe" -atboottime

"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "I:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

"TrueImageMonitor.exe" - "Acronis" - I:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"Adobe PDF Port" - "Adobe Systems Incorporated." - I:\WINDOWS\system32\AdobePDF.dll

"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - I:\WINDOWS\system32\mdimon.dll
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - I:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

"Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - I:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe

"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - I:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

"Ati HotKey Poller" (Ati HotKey Poller) - "ATI Technologies Inc." - I:\WINDOWS\system32\Ati2evxx.exe

"ATI Smart" (ATI Smart) - ? - I:\WINDOWS\system32\ati2sgag.exe

"Automatic Updates" (wuauserv) - ? - C:\WINDOWS\system32\wuauserv.dll  (File not found)

"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - I:\Programme\Avira\AntiVir Desktop\avguard.exe

"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - I:\Programme\Avira\AntiVir Desktop\sched.exe

"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - I:\Programme\Bonjour\mDNSResponder.exe

"iPod-Dienst" (iPod Service) - "Apple Inc." - I:\Programme\iPod\bin\iPodService.exe

"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - I:\Programme\Java\jre6\bin\jqs.exe

"LG SCSI command service" (LGScsiCommandService) - ? - I:\WINDOWS\system32\LGScsiCommandService.exe

"Office  Source Engine" (ose) - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - I:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

"TuneUp WinStyler Theme Service" (TUWinStylerThemeSvc) - "TuneUp Software GmbH" - I:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe

"Windows CardSpace" (idsvc) - "Microsoft Corporation" - I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
 

[Winlogon]

-----( HKCU\Control Panel\IOProcs )-----

"MVB" - ? - mvfs32.dll  (File not found)

-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----

"AtiExtEvent" - "ATI Technologies Inc." - I:\WINDOWS\system32\Ati2evxx.dll
 

[Winsock Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----

"mdnsNSP" - "Apple Inc." - I:\Programme\Bonjour\mdnsNSP.dll
 

===[ Logfile end ]=========================================[ Logfile end ]===
 

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

aswMBR.exe ging bis jetzt nicht, kam irgendwann ein blauer Screen mit ner Fehlermeldung.
Ich werds gleich nochmal probieren!