Beruflich Dokumente
Kultur Dokumente
1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.759.485 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix3.24.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-
B128-1A293FD8233D}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
/wow section - STAGE 33
/wow section - STAGE 34
The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
/www.gmer.net
Rootkit scan 2010-03-24 14:34
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1177238915-1844237615-1417001333-500\Software\Microsoft\Int
ernet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,6e,b1,a3,02,1a,a6,4d,96,cc,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,75,a1,c4,a2,bd,1a,b6,4d,b2,8a,e1,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\cscui.dll
.
Completion time: 2010-03-24 14:38:25
ComboFix-quarantined-files.txt 2010-03-24 18:38
Pre-Run: 22,239,014,912 bytes free
Post-Run: 25,403,498,496 bytes free
- - End Of File - - 10260FFCBDBBC48277245382EB78DCE8