ComboFix 09-01-21.02 - cristi 2009-01-22 16:27:00.1 - NTFSx86
[GMT 2:00]
Running from: c:\documents and settings\cristi\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\cristi\Desktop\CFScript.txt.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\037589.log
C:\AUTORUN.INF
C:\lsass.exe.48247687.exe
C:\NetApi00.sys
c:\pagefile.pif
c:\windows\system32\com\lsass.exe
c:\windows\system32\com\netcfg.000
c:\windows\system32\com\netcfg.dll
c:\windows\system32\com\smss.exe
c:\windows\system32\dnsq.dll
.
((((((((((((((((((((((((( Files Created from 2008-12-22 to 2009-01-22 )))))))))))))))))))))))))))))))
.
2009-01-22 16:17 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2009-01-22 16:04 . 2009-01-22 16:04 d-------- c:\program files\INFOGate
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-22 11:56 --------- d-----w c:\program files\microsoft frontpage
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Czone.lnk - c:\program files\INFOGate\CZone\Czone.exe [2009-01-22 1380864]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ro/
TCP: {F1FC8EB3-D270-474A-BD37-FE7E45E527AC} = 81.181.111.2,80.96.198.2
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 16:28:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-01-22 16:30:53
ComboFix-quarantined-files.txt 2009-01-22 14:30:15
Pre-Run: 7,489,429,504 bytes free
Post-Run: 7,481,339,904 bytes free
58