Trojaner-Board - Metropolitan Police Virus

ComboFix 11-06-19.0r1 - Dan 20.06.2011 17:41:21.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.2046.859 [GMT 2:00]
ausgeführt von:: c:\users\Dan\AppData\Roaming\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 48 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dan\AppData\Local\TempDIR
c:\users\Dan\AppData\Local\TempDIR\SecureW2_TTLS_333.exe
c:\users\Dan\avira_antivir_personal_de.exe
c:\users\Dan\Desktop\Internet Explorer.lnk
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-05-20 bis 2011-06-20 ))))))))))))))))))))))))))))))
.
.
2011-06-20 23:43 . 2011-06-20 18:04 -------- d-----w- C:\_OTL
2011-06-20 18:11 . 2011-06-20 18:11 -------- d-----w- c:\users\Dan\AppData\Roaming\Malwarebytes
2011-06-20 18:10 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-20 18:10 . 2011-06-20 18:10 -------- d-----w- c:\programdata\Malwarebytes
2011-06-20 18:09 . 2011-06-20 18:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-20 18:09 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-20 18:00 . 2011-06-20 18:00 -------- d-----w- c:\program files\7-Zip
2011-06-20 16:12 . 2011-06-20 16:13 -------- d-----w- c:\users\Dan\AppData\Local\temp
2011-06-20 16:12 . 2011-06-20 16:12 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2011-06-20 16:12 . 2011-06-20 16:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-20 01:00 . 2011-06-20 01:00 -------- d-----w- C:\e34848f071a71b4a23bede81
2011-06-17 07:14 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F792352E-5C6A-44E7-B690-456F34550C4A}\mpengine.dll
2011-06-16 16:54 . 2011-06-16 16:54 -------- d-----w- c:\program files\JoWood
2011-06-16 10:47 . 2011-04-30 06:09 758784 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-06-16 10:47 . 2011-04-29 12:49 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 10:47 . 2011-04-29 12:49 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 10:47 . 2011-04-29 12:49 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 10:47 . 2011-05-02 12:00 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-26 15:32 . 2011-05-26 15:32 1138440 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-20 17:46 . 2007-12-13 19:39 45056 ----a-w- c:\windows\system32\acovcnt.exe
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-13 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-12 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-06-26 778240]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2007-11-19 33136]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2007-11-19 37232]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2008-11-17 827904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"SDTray"="c:\program files\Spyware Doctor\SDTrayApp.exe" [2007-10-02 1065288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Updater.lnk - c:\program files\Google\Google Updater\GoogleUpdater.exe [2007-12-13 124400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-26 19:50 149040 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-03-26 19:42 1057328 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-26 20:12 161328 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-12-13 21:02 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
2007-09-26 17:05 734264 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
R3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\svcntaux.exe [2007-10-02 742216]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-16 721904]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-08-16 592120]
S2 wDokan;wDokan;c:\windows\system32\drivers\wdokan.sys [2010-05-20 72056]
S2 wDokanMounter;wDokanMounter;c:\program files\Wuala Dokan\mounter.exe [2010-05-20 11776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1552744653-1091913076-34951874-1000Core.job
- c:\users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-22 15:41]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1552744653-1091913076-34951874-1000UA.job
- c:\users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-22 15:41]
.
2011-06-20 c:\windows\Tasks\User_Feed_Synchronization-{39CDB611-D864-426A-A978-52E99E1ECD71}.job
- c:\windows\system32\msfeedssync.exe [2011-06-16 04:32]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyOverride = local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
TCP: DhcpNameServer = 194.8.194.60 192.168.2.1
FF - ProfilePath - c:\users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\57dl0v3k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fhl%3Dde%26ui%3Dhtml%26zy%3Dl&bsv=1eic6yu9oa4y3&scc=1 &ltmpl=googlemail&hl=de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-erlkflnpf - c:\users\Dan\AppData\Roaming\zpmqxk.dll
MSConfigStartUp-Veoh - c:\program files\Veoh Networks\Veoh\VeohClient.exe
AddRemove-Amazon MP3 Downloader - c:\program files\Amazon\MP3 Downloader\Uninstall.exe
AddRemove-CloneDVD2 - c:\program files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe
AddRemove-Gothic 3 Community Patch_is1 - d:\spiele\Gothik 3\Community Patch Uninstall\unins000.exe
AddRemove-Mediscript-CD GK1 - c:\progra~1\GK1neu\UNWISE.EXE
AddRemove-MPE - c:\program files\MyPhoneExplorer\uninstall.exe
AddRemove-Sacred_is1 - d:\spiele\Sacred\unins000.exe
AddRemove-Sam and Max - Season One - c:\progra~1\JoWood\SAMAND~1\unwise.exe
AddRemove-SopCast - c:\program files\SopCast\uninst.exe
AddRemove-TV Player - c:\program files\Veetle\VLC\uninstall.exe
AddRemove-TVAnts 1.0 - c:\progra~1\TVAnts\UNWISE.EXE
AddRemove-WinRAR archiver - c:\programme\WinRAR\uninstall.exe
AddRemove-{A2F166A0-F031-4E27-A057-C69733219434}_is1 - c:\onlinegames\Runes of Magic\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-06-20 18:12
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
C:\ADSM_PData_0150
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{4b8b3bbf-7107-455d-a956-688770c4174e}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:11020054
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{52653b22-3d52-4987-a360-225107ab45ad}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:110018f3
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{5745891d-657d-44e6-abf3-c2c7f8581d94}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:08001e8c
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:07001422
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{c991291e-5b9a-4cd0-8873-ee154e7d7e45}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0c0018f3
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ddded343-ddf4-4cc6-9570-7a65c8a8f3a2}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0d0015af
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:06001422
"Dhcpv6State"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-20 18:25:46
ComboFix-quarantined-files.txt 2011-06-20 16:25
.
Vor Suchlauf: 7.930.232.832 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 20.193.816.576 Bytes frei
.
- - End Of File - - 8A59C70B3DBEDD73FF893F7BFD607C6F