Support bei Auswertung DDS und Combofix

DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421
Run by Patric at 13:25:03 on 2012-03-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6143.3960 [GMT 1:00]
.
AV: COMODO Antivirus *Enabled/Updated* {A7500527-8708-6548-7035-7F679C5FCEA5}
SP: COMODO Defense+ *Enabled/Updated* {1C31E4C3-A132-6AC6-4A85-4415E7D88418}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Enabled* {9F6B8402-CD67-6410-5B6A-D652628C89DE}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\wbctlvga.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\wbctlvga.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Logitech Maus RX 250\SetPoint.exe
C:\Program Files (x86)\Logitech Maus RX 250\x86\SetPoint32.exe
C:\Program Files (x86)\asus\VirtualCamera\VirCamWS.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Patric\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk.disabled
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk.disabled
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech Maus RX 250\SetPoint.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7F34F862-3E66-4BD9-8CED-B71B46FFBF4A} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7F34F862-3E66-4BD9-8CED-B71B46FFBF4A}\359454D454E435 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7F34F862-3E66-4BD9-8CED-B71B46FFBF4A}\3656C6562627964797D277966696 : DhcpNameServer = 172.24.1.9
TCP: Interfaces\{7F34F862-3E66-4BD9-8CED-B71B46FFBF4A}\4656661657C647 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7F34F862-3E66-4BD9-8CED-B71B46FFBF4A}\74C6F62616C6355796475675962756C6563737 : DhcpNameServer = 4.2.2.1
TCP: Interfaces\{7F34F862-3E66-4BD9-8CED-B71B46FFBF4A}\E4544574541425 : DhcpNameServer = 192.168.0.1
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
{53707962-6F74-2D53-2644-206D7942484F}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun-x64: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\jm53g717.default\
FF - prefs.js: browser.startup.homepage - www.web.de/fm
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R1 EIO64;EIO Driver;C:\Windows\system32\DRIVERS\EIO64.sys --> C:\Windows\system32\DRIVERS\EIO64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-10-19 14904]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-12-1 2253120]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-8-12 87040]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-3 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 WBVGAservice;WB VGA Service;C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [2009-10-19 72248]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-10-19 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-10-19 79360]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
S3 S332x64;SPRx3x USB SmartCard Reader;C:\Windows\system32\DRIVERS\S332x64.sys --> C:\Windows\system32\DRIVERS\S332x64.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S4 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
.
=============== Created Last 30 ================
.
2012-03-04 11:57:19	--------	d-----w-	C:\Users\Patric\AppData\Local\Diagnostics
2012-03-04 11:48:36	--------	d-sh--w-	C:\$RECYCLE.BIN
2012-03-04 09:51:39	98816	----a-w-	C:\Windows\sed.exe
2012-03-04 09:51:39	518144	----a-w-	C:\Windows\SWREG.exe
2012-03-04 09:51:39	256000	----a-w-	C:\Windows\PEV.exe
2012-03-04 09:51:39	208896	----a-w-	C:\Windows\MBR.exe
2012-03-04 09:51:28	--------	d-----w-	C:\C2ombo2F2ix12855C
2012-03-04 09:34:53	--------	d-----w-	C:\C2ombo2F2ix14561C
2012-03-04 09:33:57	--------	d-----w-	C:\C2ombo2F2ix
2012-03-04 08:33:53	388096	----a-r-	C:\Users\Patric\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-04 08:33:53	--------	d-----w-	C:\Program Files (x86)\Trend Micro
2012-03-04 01:20:13	414368	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-04 01:06:19	16200	----a-w-	C:\Windows\stinger.sys
2012-03-04 01:05:57	--------	d-----w-	C:\Program Files (x86)\stinger
2012-03-03 23:11:24	--------	d-----w-	C:\Program Files\CCleaner
2012-02-29 21:39:58	--------	d-sh--w-	C:\Windows\System32\%APPDATA%
2012-02-20 09:12:40	8602168	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6659D2B7-9326-4F49-892F-7C4071B54C1B}\mpengine.dll
2012-02-16 06:27:55	509952	----a-w-	C:\Windows\System32\ntshrui.dll
2012-02-16 06:27:55	442880	----a-w-	C:\Windows\SysWow64\ntshrui.dll
2012-02-16 06:27:53	515584	----a-w-	C:\Windows\System32\timedate.cpl
2012-02-16 06:27:53	478720	----a-w-	C:\Windows\SysWow64\timedate.cpl
2012-02-16 06:27:51	3145728	----a-w-	C:\Windows\System32\win32k.sys
2012-02-16 06:27:48	498688	----a-w-	C:\Windows\System32\drivers\afd.sys
2012-02-16 06:27:31	690688	----a-w-	C:\Windows\SysWow64\msvcrt.dll
2012-02-16 06:27:31	634880	----a-w-	C:\Windows\System32\msvcrt.dll
.
==================== Find3M  ====================
.
2012-03-04 08:02:46	45056	----a-w-	C:\Windows\System32\acovcnt.exe
2012-01-26 23:52:58	279656	------w-	C:\Windows\System32\MpSigStub.exe
2011-12-27 10:48:04	175616	----a-w-	C:\Windows\System32\msclmd.dll
2011-12-27 10:48:04	152576	----a-w-	C:\Windows\SysWow64\msclmd.dll
2011-12-14 20:35:25	215128	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
2011-12-14 20:34:23	215128	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0
2011-12-14 07:11:03	2308096	----a-w-	C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30	1390080	----a-w-	C:\Windows\System32\wininet.dll
2011-12-14 07:03:38	1493504	----a-w-	C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54	1798656	----a-w-	C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18	1127424	----a-w-	C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58	1427456	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2011-12-10 14:24:08	23152	----a-w-	C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 13:27:18,18 ===============