Log Hijack:
- Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 21:04:51, on 2008-03-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\Smtray.exe
K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
K:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
E:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
E:\WINDOWS\system32\ctfmon.exe
K:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
E:\WINDOWS\system32\wuauclt.exe
K:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
E:\WINDOWS\system32\zshp2600.exe
K:\narzedzia\hijackthis\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - E:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - k:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - K:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - K:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [Smapp] E:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [AVP] "K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] K:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = K:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - K:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Dodaj do blokowanych banerów - K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O20 - AppInit_DLLs: K:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O20 - Winlogon Notify: klogon - E:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - E:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ArcaVir Antivirus Monitor Service (ArcaVirMonitor) - Unknown owner - K:\Program Files\ArcaBit\ArcaVir\AvMon.exe (file missing)
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe" -r (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: iPodService - Apple Computer, Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - E:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
i z Combofixa
- Kod: Zaznacz wszystko
ComboFix 08-03-01 - Mama 2008-02-28 20:44:13.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.220 [GMT 1:00]
Running from: K:\narzedzia\hijackthis\ComboFix.exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
E:\WINDOWS\system32\Cfx32.lic
E:\WINDOWS\system32\cfx32.ocx
.
((((((((((((((((((((((((( Files Created from 2008-02-01 to 2008-03-01 )))))))))))))))))))))))))))))))
.
2008-02-27 23:18 . 2008-02-27 23:18 360 --ah----- E:\Documents and Settings\Mama\Dane aplikacji\hpothb07.dat
2008-02-14 12:40 . 2006-08-03 22:19 159,744 --a------ E:\WINDOWS\system32\la-core.dll
2008-02-14 12:14 . 2008-02-14 12:15 56 --a------ E:\ioA.ini
2008-02-11 20:00 . 2008-02-11 20:00 62,468 --ah----- E:\WINDOWS\system32\mlfcache.dat
2008-02-11 00:42 . 2008-02-11 00:58 <DIR> d-------- E:\WINDOWS\system32\XPSViewer
2008-02-11 00:41 . 2008-02-11 00:41 <DIR> d-------- E:\Program Files\Reference Assemblies
2008-02-11 00:37 . 2006-06-29 13:07 14,048 --------- E:\WINDOWS\system32\spmsg2.dll
2008-02-11 00:10 . 2008-02-11 01:07 <DIR> d-------- E:\Program Files\MSECache
2008-02-01 18:17 . 2008-02-22 18:50 <DIR> d-------- E:\Documents and Settings\Mama\Dane aplikacji\OpenOffice.org2
2008-02-01 18:13 . 2008-02-01 18:13 <DIR> d-------- E:\Program Files\OpenOffice.org 2.0
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-01 19:46 32,015,904 --sha-w E:\WINDOWS\system32\drivers\fidbox.dat
2008-03-01 19:46 1,332,512 --sha-w E:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-28 19:02 --------- d-----w E:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2008-02-27 22:18 7,487 -c-ha-w E:\Documents and Settings\Mama\hpothb07.dat
2008-02-27 22:18 259 ---ha-w E:\hpothb07.dat
2008-02-27 20:54 431,204 --sha-w E:\WINDOWS\system32\drivers\fidbox.idx
2008-02-27 20:54 127,724 --sha-w E:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-24 15:36 --------- d-----w E:\Documents and Settings\Mama\Dane aplikacji\WinEdt
2008-02-23 18:57 13,146 --sha-w E:\WINDOWS\system32\KGyGaAvL.sys
2008-02-21 10:26 --------- d-----w E:\Documents and Settings\Mama\Dane aplikacji\AdobeUM
2008-02-13 15:08 --------- d-----w E:\Program Files\Java
2008-02-13 11:21 --------- d-----w E:\Program Files\Neostrada TP
2008-02-11 18:47 --------- d-----w E:\Documents and Settings\Mama\Dane aplikacji\gtk-2.0
2008-02-11 09:37 101,584 -c--a-w E:\Documents and Settings\Mama\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-01-30 20:05 91,700 ----a-w E:\WINDOWS\system32\drivers\klin.dat
2008-01-26 19:43 82,380 ----a-w E:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-20 15:06 --------- d--h--w E:\Program Files\InstallShield Installation Information
2008-01-20 15:06 --------- d-----w E:\Program Files\SAGEM
2007-12-24 22:58 92,064 ----a-w E:\Documents and Settings\Mama\mqdmmdm.sys
2007-12-24 22:58 9,232 ----a-w E:\Documents and Settings\Mama\mqdmmdfl.sys
2007-12-24 22:58 79,328 ----a-w E:\Documents and Settings\Mama\mqdmserd.sys
2007-12-24 22:58 66,656 ----a-w E:\Documents and Settings\Mama\mqdmbus.sys
2007-12-24 22:58 6,208 ----a-w E:\Documents and Settings\Mama\mqdmcmnt.sys
2007-12-24 22:58 5,936 ----a-w E:\Documents and Settings\Mama\mqdmwhnt.sys
2007-12-24 22:58 4,048 ----a-w E:\Documents and Settings\Mama\mqdmcr.sys
2007-12-24 22:58 25,600 ----a-w E:\Documents and Settings\Mama\usbsermptxp.sys
2007-12-24 22:58 22,768 ----a-w E:\Documents and Settings\Mama\usbsermpt.sys
2007-12-19 17:16 478 ---ha-w E:\os582744.bin
2007-12-07 02:14 824,832 ----a-w E:\WINDOWS\system32\wininet.dll
2007-12-05 18:52 108,144 ----a-w E:\WINDOWS\system32\CmdLineExt.dll
2007-12-04 18:42 550,912 ------w E:\WINDOWS\system32\oleaut32.dll
2006-01-26 15:55 0 -c-ha-w E:\Documents and Settings\Administrator\hpothb07.dat
2005-11-04 13:13 0 -c--a-w E:\Documents and Settings\Mama\wind.exe
2005-10-10 09:14 77 -c--a-w E:\Documents and Settings\Mama\gojava.bat
2005-10-10 09:05 77 -c--a-w E:\Documents and Settings\Mama\a.bat
2006-10-19 20:56 56 --sh--r E:\WINDOWS\system32\EFA8D41927.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="E:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMONTRAY"="C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe" [2001-08-20 19:24 32768]
"Smapp"="E:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [2001-09-11 15:20 69632]
"AVP"="K:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe" [2007-04-25 13:18 206456]
"Share-to-Web Namespace Daemon"="K:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 04:19 69632]
"SunJavaUpdateSched"="E:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43 83608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="E:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 13:00 15360]
"Intec Service Drivers"="msmsgrs.exe" []
"Picasa Media Detector"="k:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Intec Service Drivers"="msmsgrs.exe" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=K:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Acrobat Assistant.lnk]
path=E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acrobat Assistant.lnk
backup=E:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Menu Start^Programy^Autostart^DSLMON.lnk]
path=E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk
backup=E:\WINDOWS\pss\DSLMON.lnkCommon Startup
[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=E:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\E:^Documents and Settings^Mama^Menu Start^Programy^Autostart^HDDlife.lnk]
path=E:\Documents and Settings\Mama\Menu Start\Programy\Autostart\HDDlife.lnk
backup=E:\WINDOWS\pss\HDDlife.lnkStartup
[HKLM\~\startupfolder\E:^Documents and Settings^Mama^Menu Start^Programy^Autostart^OpenOffice.org 2.0.lnk]
path=E:\Documents and Settings\Mama\Menu Start\Programy\Autostart\OpenOffice.org 2.0.lnk
backup=E:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 13:00 15360 E:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2005-11-16 11:57 2207744 K:\Program Files\Gadu-Gadu\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2005-10-18 10:58 278528 K:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
E:\WINDOWS\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]
E:\Program Files\Tlen.pl\tlen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 E:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-ra------ 2002-02-01 09:46 303104 E:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OLPSYNCH]
--a------ 2006-10-05 02:00 36864 k:\Program Files\Offline Course Player\OlpSynch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2005-10-27 21:41 155648 E:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-10-31 18:42 32768 k:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
K:\Program Files\Hewlett-Packard\Nowy folder\HP Share-to-Web\hpgs2wnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]
--a------ 2001-09-11 15:20 69632 E:\Program Files\Analog Devices\SoundMAX\Smtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 K:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySheriff]
C:\Program Files\SpySheriff\SpySheriff.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows installer]
C:\winstall.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon]
--a--c--- 2003-10-16 19:07 24576 E:\PROGRA~1\NEOSTR~1\CnxMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
-----c--- 2003-10-16 19:07 53248 E:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2003-10-16 19:07 20480 E:\PROGRA~1\NEOSTR~1\Watch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"K:\\Program Files\\Gadu-Gadu\\gg.exe"=
"K:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"K:\\mama\\builder\\ksiazka\\Rozdzial09\\Chat\\Server\\ChatServer.exe"=
"K:\\Program Files\\eMule1\\emule.exe"=
"K:\\mama\\studenci\\builder\\Rozdzial09\\Chat\\Server\\ChatServer.exe"=
"K:\\mama\\studenci\\builder\\chat\\serwer\\Project1.exe"=
"K:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0 for Windows Workstations\\avp.exe"=
"E:\\WINDOWS\\system32\\spoolsv.exe"=
R1 Crlscsi;Crlscsi;E:\WINDOWS\system32\drivers\Crlscsi.sys [1995-11-07 09:57]
R2 BT848;WDM Video Capture;E:\WINDOWS\system32\drivers\BT848.sys [2001-09-03 14:20]
R2 BTTUNER;WDM TvTuner;E:\WINDOWS\system32\drivers\BTTUNER.sys [2001-08-22 14:19]
R2 BTXBAR;WDM Crossbar;E:\WINDOWS\system32\drivers\BTXBAR.sys [2001-09-03 14:26]
R2 GDTdiInterceptor;GDTdiInterceptor;E:\WINDOWS\System32\drivers\GDTdiIcpt.sys [2006-03-28 21:33]
R2 SQLWriter;SQL Server VSS Writer;"E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 02:53]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;E:\WINDOWS\system32\DRIVERS\klim5.sys [2007-02-02 12:31]
S1 Fs_Nla;Fs_Nla;E:\WINDOWS\System32\drivers\wanmcast.sys []
S1 SMBus;Intel(R) SMBus Driver;E:\WINDOWS\system32\DRIVERS\SMBus.sys [2001-08-20 16:33]
S2 ArcaVirMonitor;ArcaVir Antivirus Monitor Service;K:\Program Files\ArcaBit\ArcaVir\AvMon.exe []
S3 arcaen;ArcaVir Monitor Kernel Engine Driver;K:\Program Files\ArcaBit\ArcaVir\arcaen.sys []
S3 arcaev;ArcaVir Monitor Kernel Events Driver;K:\Program Files\ArcaBit\ArcaVir\arcaev.sys []
S3 arcafd;ArcaVir Monitor Kernel Filter Driver;K:\Program Files\ArcaBit\ArcaVir\arcafd.sys []
S3 kvpndev;Kerio VPN adapter;E:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2006-01-23 13:53]
S3 PavSRK.sys;PavSRK.sys;E:\WINDOWS\system32\PavSRK.sys []
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"K:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 20:47:05
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-01 20:48:19
ComboFix-quarantined-files.txt 2008-03-01 19:47:57
.
2008-02-12 22:07:34 --- E O F ---
