Trojaner-Board - 10 Viruse bei Avira in Quarantäne gefunden.

So hier Combofix:
Code:
ComboFix 13-01-16.01 - Win7 16.01.2013  18:55:10.3.2 - x86

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.2043.779 [GMT 1:00]

ausgeführt von:: c:\users\Win7\Desktop\ComboFix.exe

Benutzte Befehlsschalter :: c:\users\Win7\Desktop\CFScript.txt

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Win7\AppData\Roaming\Arvuqy

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-12-16 bis 2013-01-16  ))))))))))))))))))))))))))))))

.

.

2013-01-16 18:03 . 2013-01-16 18:03        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-01-16 18:03 . 2013-01-16 18:03        --------        d-----w-        c:\users\Acronis Agent User\AppData\Local\temp

2013-01-16 15:33 . 2013-01-16 18:06        --------        d-----w-        c:\users\Win7\AppData\Local\temp

2013-01-16 15:33 . 2013-01-16 17:52        60872        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C668D19-C6E6-4249-A27A-17158AC5355C}\offreg.dll

2013-01-15 13:43 . 2012-11-08 18:00        6812136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C668D19-C6E6-4249-A27A-17158AC5355C}\mpengine.dll

2013-01-09 11:13 . 2012-11-22 04:45        626688        ----a-w-        c:\windows\system32\usp10.dll

2013-01-09 11:13 . 2012-11-23 02:56        2345984        ----a-w-        c:\windows\system32\win32k.sys

2013-01-09 11:13 . 2012-11-09 04:43        492032        ----a-w-        c:\windows\system32\win32spl.dll

2013-01-09 11:13 . 2012-11-01 04:47        1389568        ----a-w-        c:\windows\system32\msxml6.dll

2013-01-07 19:51 . 2013-01-15 16:35        --------        d-----w-        c:\users\Win7\AppData\Roaming\.minecraft

2013-01-07 19:33 . 2013-01-07 19:34        --------        d-----w-        c:\users\Win7\AppData\Roaming\minecraft

2013-01-06 17:30 . 2013-01-06 17:30        --------        d-----w-        c:\program files\Common Files\Java

2013-01-06 17:29 . 2013-01-06 17:29        93640        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll

2013-01-04 18:49 . 2013-01-04 18:49        --------        d-----w-        c:\program files\Common Files\Skype

2013-01-04 18:49 . 2013-01-04 18:49        --------        d-----r-        c:\program files\Skype

2012-12-21 14:22 . 2012-12-16 14:13        295424        ----a-w-        c:\windows\system32\atmfd.dll

2012-12-21 14:22 . 2012-12-16 14:13        34304        ----a-w-        c:\windows\system32\atmlib.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-10 17:41 . 2012-04-28 20:56        74248        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-10 17:41 . 2012-04-28 20:56        697864        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2013-01-06 17:29 . 2012-05-08 06:28        859072        ----a-w-        c:\windows\system32\npdeployJava1.dll

2013-01-06 17:29 . 2012-05-08 06:11        779704        ----a-w-        c:\windows\system32\deployJava1.dll

2012-11-29 15:06 . 2012-12-08 13:41        31584        ----a-w-        c:\windows\system32\TURegOpt.exe

2012-11-29 15:06 . 2012-12-08 14:33        29536        ----a-w-        c:\windows\system32\uxtuneup.dll

2012-11-29 15:06 . 2012-12-08 13:41        21344        ----a-w-        c:\windows\system32\authuitu.dll

2012-11-21 22:38 . 2012-11-21 16:20        270240        ----a-w-        c:\windows\system32\PnkBstrB.exe

2012-11-21 22:32 . 2012-11-21 16:20        234768        ----a-w-        c:\windows\system32\PnkBstrB.ex0

2012-11-21 22:19 . 2012-11-21 16:33        234768        ----a-w-        c:\windows\system32\PnkBstrB.xtr

2012-11-21 17:35 . 2012-11-21 16:21        138264        ----a-w-        c:\windows\system32\drivers\PnkBstrK.sys

2012-11-21 17:28 . 2012-11-21 16:21        138056        ----a-w-        c:\users\Win7\AppData\Roaming\PnkBstrK.sys

2012-11-21 16:20 . 2012-11-21 16:20        75136        ----a-w-        c:\windows\system32\PnkBstrA.exe

2012-11-09 04:42 . 2012-12-13 12:29        2048        ----a-w-        c:\windows\system32\tzres.dll

2012-11-02 05:11 . 2012-12-13 12:30        376832        ----a-w-        c:\windows\system32\dpnet.dll

2012-11-21 13:45 . 2012-05-08 05:45        261600        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

2011-05-09 08:49        176936        ----a-w-        c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\Win7\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-03 138096]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17878704]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-05 7703072]

"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]

2011-12-16 15:52        403616        ----a-w-        c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]

2012-10-09 09:53        4441920        ----a-w-        c:\users\Win7\AppData\Local\Akamai\netsession_win.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-08-27 20:32        59280        ----a-w-        c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]

2012-04-24 17:57        2783040        ----a-w-        c:\program files\CCleaner\CCleaner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr]

2012-10-16 08:31        168264        ----a-w-        c:\users\Win7\AppData\Roaming\DataMgr\datamgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2012-03-08 16:50        4280184        ----a-w-        c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]

2012-11-25 00:45        3093624        ----a-w-        c:\program files\Pando Networks\Media Booster\PMB.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Protector]

2009-07-14 01:14        141824        ----a-w-        c:\windows\System32\wscript.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TU]

2012-10-28 08:54        133536        ----a-w-        c:\users\Win7\AppData\Roaming\SDIV 2.0\Prot\tu\tu.exe

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Imizadluo"=c:\users\Win7\AppData\Roaming\Arvuqy\keac.exe

"IExplorer Util"=c:\users\Win7\AppData\Roaming\ie_util.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

.

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [x]

S0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\DRIVERS\vsflt61.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]

S2 AcronisAgent;Acronis Remote Agent Service;c:\program files\Common Files\Acronis\Agent\agent.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]

S2 DMS;Acronis Disk Management Service;c:\program files\Acronis\DiskDirectorAdvanced\mms.exe [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]

S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]

S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]

S3 k57nd60x;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

GPSvcGroup        REG_MULTI_SZ           GPSvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

UxTuneUp

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-01-14 14:45        1606760        ----a-w-        c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe

.

Inhalt des "geplante Tasks" Ordners

.

2013-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 17:41]

.

2013-01-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1702810392-1778331535-792018659-1000Core.job

- c:\users\Win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03 21:46]

.

2013-01-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1702810392-1778331535-792018659-1000UA.job

- c:\users\Win7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03 21:46]

.

2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-21 13:32]

.

2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-21 13:32]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848&SSPV=IEOB18

uInternet Settings,ProxyOverride = <local>

IE: Free YouTube to MP3 Converter - c:\users\Win7\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.178.1

FF - ProfilePath - c:\users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\ku1pvkdl.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q=

FF - prefs.js: browser.search.selectedEngine - FBDownloader Search

FF - prefs.js: browser.startup.homepage - hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=

FF - ExtSQL: 2012-12-08 14:39; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files\Common Files\DVDVideoSoft\plugins\ff

FF - ExtSQL: 2012-12-08 14:40; {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}; c:\users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\ku1pvkdl.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b46f210e000000000000001f16c630b4&q=

FF - user.js: extensions.BabylonToolbar.id - b46f210e000000000000001f16c630b4

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15665

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.814:44

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1702810392-1778331535-792018659-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1702810392-1778331535-792018659-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\system32\atieclxx.exe

c:\program files\Common Files\Acronis\Schedule2\schedul2.exe

c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\system32\taskhost.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\windows\system32\conhost.exe

c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

c:\windows\system32\conhost.exe

c:\program files\TeamViewer\Version8\TeamViewer.exe

c:\program files\OpenOffice.org 3\program\soffice.exe

c:\program files\OpenOffice.org 3\program\soffice.bin

c:\program files\TeamViewer\Version8\tv_w32.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2013-01-16  19:10:25 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2013-01-16 18:10

ComboFix2.txt  2013-01-16 15:33

.

Vor Suchlauf: 13 Verzeichnis(se), 179.153.121.280 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 178.659.803.136 Bytes frei

.

- - End Of File - - 5A96E624075C9C44F74D1FAF353EFE30
MfG
walid