تعببتك معي يالغلا
ComboFix 09-04-23.A0 - user 04/23/2009 13:55.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.971.1033.18.511.211 [GMT 3:00]
Running from: c:\********s and settings\user\My ********s\Downloads\Programs\ComboFix.exe
AV: Avira Premium Security Suite *On-access scanning disabled* (Updated)
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\********s and settings\All Users\********s\Adobe PDF\Desktop_.ini
c:\********s and settings\All Users\********s\Adobe PDF\Extras\Desktop_.ini
c:\********s and settings\All Users\********s\Adobe PDF\Settings\Desktop_.ini
c:\********s and settings\All Users\********s\EA Games\Desktop_.ini
c:\********s and settings\All Users\********s\EA Games\The Sims 2\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\My Playlists\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\Sample Music\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\Sample Playlists\00130F65\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\Sample Playlists\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\Sync Playlists\203FDC\Desktop_.ini
c:\********s and settings\All Users\********s\My Music\Sync Playlists\Desktop_.ini
c:\********s and settings\All Users\********s\My Pictures\Desktop_.ini
c:\********s and settings\All Users\********s\My Pictures\Sample Pictures\Desktop_.ini
c:\********s and settings\All Users\********s\My Videos\Desktop_.ini
c:\********s and settings\user\Desktop\موسيقى رقص\Desktop_.ini
c:\windows\regedit.com
c:\windows\system32\AutoRun.inf
c:\windows\system32\Cache
c:\windows\system32\kakle.dll
c:\windows\system32\taskmgr.com
c:\windows\system32\Ultra.dll
c:\windows\system32\winitn.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IPRIP
-------\Service_Iprip
((((((((((((((((((((((((( Files Created from 2009-05-23 to 2009-4-23 )))))))))))))))))))))))))))))))
.
2009-04-13 09:56 . 2004-08-03 21:56 363520 ----a-w c:\windows\system32\dllcache\psisdecd.dll
2009-04-12 17:24 . 2009-04-21 14:23 145 ----a-w c:\windows\system32\sarkophage.ini
2009-04-12 17:22 . 2006-06-02 22:07 453120 ----a-w c:\windows\system32\srksrv.exe
2009-04-12 17:22 . 2006-05-07 17:17 202240 ----a-w C:\sarko.dll
2009-04-12 17:22 . 2009-04-12 17:22 -------- d-----w c:\program files\Sarkophage
2009-04-12 17:22 . 2006-06-02 22:25 1048064 ----a-w c:\windows\system32\Sarkophage.exe
2009-04-12 17:22 . 2009-04-12 17:22 12 ----a-w c:\windows\system32\sarkopass.ini
2009-04-05 20:20 . 2009-04-05 20:20 268 ---ha-w C:\sqmdata01.sqm
2009-04-05 20:20 . 2009-04-05 20:20 244 ---ha-w C:\sqmnoopt01.sqm
2009-04-01 18:10 . 2009-04-01 18:10 -------- d-----w c:\program files\Common Files\xing shared
2009-03-31 18:34 . 2009-03-31 18:34 -------- d-----w c:\********s and settings\user\Application Data\Skype
2009-03-31 18:30 . 2009-03-31 18:30 -------- d-----w c:\program files\Common Files\Skype
2009-03-31 18:30 . 2009-03-31 18:30 -------- d-----w c:\********s and settings\All Users\Application Data\Skype
2009-03-31 17:53 . 2009-03-31 17:53 -------- d-----w c:\program files\Google
2009-03-31 17:21 . 2009-03-31 17:21 -------- d-----w c:\program files\MSN Messenger
2009-03-31 11:55 . 2009-03-31 11:55 -------- d-----w c:\********s and settings\user\Application Data\Nokia Multimedia Player
2009-03-31 10:43 . 2009-03-31 10:43 -------- d-----w c:\program files\Common Files\PCSuite
2009-03-31 10:43 . 2009-03-31 10:43 -------- d-----w c:\program files\Common Files\Nokia
2009-03-30 15:00 . 2009-03-30 15:00 -------- d-----w C:\3freet
2009-03-30 11:19 . 2009-03-30 11:19 -------- d-----w c:\********s and settings\user\Application Data\Avira
2009-03-29 20:52 . 2009-03-29 20:52 -------- d-----w c:\program files\CONEXANT
2009-03-28 12:18 . 2008-05-07 10:20 71592 ----a-w c:\windows\system32\drivers\avfwot.sys
2009-03-28 12:18 . 2008-05-07 06:51 71464 ----a-w c:\windows\system32\drivers\avfwim.sys
2009-03-28 12:17 . 2009-03-28 12:17 -------- d-----w c:\program files\Avira
2009-03-27 16:02 . 2009-03-27 16:02 -------- d-----w c:\********s and settings\All Users\Application Data\FLEXnet
2009-03-27 15:16 . 2009-03-27 15:16 -------- d-----w c:\program files\Common Files\Macrovision Shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-04-23 11:05 . 2008-12-18 20:05 32 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-04-23 11:05 . 2008-12-18 20:05 32 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-04-23 11:05 . 2008-12-18 20:05 32 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-23 11:05 . 2008-12-18 20:05 32 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-03-31 20:55 . 2009-03-31 20:52 290 ------w C:\Win32.Worm.Downladup.Gen.log
2009-03-31 13:43 . 2009-03-12 19:59 304 ----a-w C:\hook.log
2009-03-22 14:19 . 2009-03-22 14:19 268 ---ha-w C:\sqmdata00.sqm
2009-03-22 14:19 . 2009-03-22 14:19 244 ---ha-w C:\sqmnoopt00.sqm
2009-03-20 11:11 . 2009-03-20 11:11 -------- d-----w c:\program files\Traysoft
2009-03-15 09:36 . 2009-03-15 09:36 352256 ----a-w c:\windows\eSellerateEngine.dll
2009-03-15 08:51 . 2009-03-15 08:51 -------- d-----w c:\********s and settings\All Users\Application Data\InterVideo
2009-03-15 08:49 . 2009-03-15 08:49 -------- d-----w c:\program files\Common Files\InterVideo
2009-03-15 08:49 . 2009-03-15 08:49 -------- d-----w c:\program files\InterVideo
2009-03-13 16:26 . 2009-03-13 16:26 -------- d-----w c:\program files\MPEG2_Decoders
2009-03-13 11:35 . 2009-03-12 20:11 150 ----a-w C:\YServer.txt
2009-03-13 09:11 . 2009-03-13 09:11 32 ----a-w C:\ProgDVB.ini
2009-03-12 11:38 . 2008-01-29 14:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-03-12 11:38 . 2009-03-11 20:58 89601 ----a-w c:\windows\system32\drivers\klick.dat
2009-03-12 11:38 . 2009-03-11 20:58 101287 ----a-w c:\windows\system32\drivers\klin.dat
2009-03-11 20:57 . 2009-03-11 20:57 -------- d-----w c:\program files\Kaspersky Lab
2009-03-11 20:55 . 2009-03-11 20:55 -------- d-----w c:\********s and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-03-09 20:14 . 2005-09-28 09:11 229016 ----a-w c:\********s and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-09 19:59 . 2009-03-09 19:59 -------- d-----w c:\********s and settings\All Users\Application Data\Nero
2009-02-27 20:30 . 2009-02-27 20:30 -------- d-----w c:\program files\Flash Banner Creator
2009-02-09 10:19 . 2004-08-03 20:17 1846272 ----a-w c:\windows\system32\win32k.sys
2009-02-09 10:19 . 2004-08-03 20:17 1846272 ----a-w c:\windows\system32\dllcache\win32k.sys
2009-01-30 15:37 . 2009-01-25 17:23 98304 ----a-w c:\windows\system32\viscomtran.dll
2009-01-25 17:22 . 2009-01-25 17:22 344064 ----a-w c:\windows\system32\dkll.dll
2009-01-25 17:22 . 2009-01-25 17:22 196608 ----a-w c:\windows\system32\maag.dll
2009-01-25 17:22 . 2009-01-25 17:22 1212416 ----a-w c:\windows\system32\ckll.dll
2009-01-25 17:22 . 2009-01-25 17:22 1986560 ----a-w c:\windows\system32\akll.dll
2008-08-11 18:06 . 2008-08-11 11:54 228232 ----a-w c:\********s and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-08-07 21:09 . 2006-01-10 14:40 228232 ----a-w c:\********s and settings\user\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-12-17 2606512]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CamTray.exe" [2005-10-27 299008]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe" [2009-03-31 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
"TheaterMgr"="c:\program files\AxtromDTV\TheaterMgr.exe" [2007-07-30 53248]
"CreativeTaskScheduler"="c:\program files\Creative\Shared Files\CTSched.exe" [2006-01-08 53340]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-03-12 206088]
"avgnt"="c:\program files\Avira\Avira Premium Security Suite\avgnt.exe" [2008-06-12 266497]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-01 185872]
"EssSpkPhone"="essspk.exe" - c:\windows\essspk.exe [2002-05-31 167936]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-12-17 2606512]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
c:\********s and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-9 610365]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2007-05-25 12:22 63040 ----a-w c:\windows\system32\LMIinit.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave4"= serwvdrv.dll
"wave5"= serwvdrv.dll
"wave6"= serwvdrv.dll
"wave7"= serwvdrv.dll
"wave8"= serwvdrv.dll
"wave9"= serwvdrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-]
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\ 3\hpztsb09.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\USMT\\MIGWIZ.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"20801:TCP"= 20801:TCP:BitComet 20801 TCP
"20801:UDP"= 20801:UDP:BitComet 20801 UDP
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 DVBNet;DVB Net ETAdapter;c:\windows\system32\DRIVERS\DVBNet.sys [2008-03-31 24064]
R2 LMIInfo;LogMeIn Kernel Information Provider; [x]
R2 stuad;Transaction Coordinator; [x]
R2 stued;COM+ System Appliction;c:\program files\Uninstall Information\smss.exe [2008-08-24 98304]
R3 PAC207;SoC PC-Camera Beta3;c:\windows\system32\DRIVERS\pfc027.sys [2005-11-22 162176]
R3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\DRIVERS\V0090Vid.sys [2005-04-13 138112]
R3 yqfprhqr;yqfprhqr; [x]
R4 LMIRfsClientNP;LMIRfsClientNP; [x]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-03-12 33808]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.s ys [2008-05-07 71592]
S2 AntiVirMailService;Avira Premium Security Suite MailGuard;c:\program files\Avira\Avira Premium Security Suite\avmailc.exe [2009-03-28 164097]
S2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE [2008-06-12 258305]
S2 AVEService;Avira Premium Security Suite MailGuard helper service;c:\program files\Avira\Avira Premium Security Suite\avesvc.exe [2008-05-09 41217]
S2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sy s [2007-04-05 46112]
S2 PoliceService;PoliceService;c:\windows\system32\sr ksrv.exe [2006-06-02 453120]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2008-05-07 71464]
S3 DVBSDMC;DVBSDMC;c:\windows\system32\DRIVERS\DVBSDM C.sys [2008-03-31 20224]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{4c7589fe-1b06-11de-9391-beba43982de1}]
\****l\AutoRun\command - F:\xp32.exe
\****l\explore\Command - F:\xp32.exe
\****l\open\Command - F:\xp32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b1de6143-e1ab-11dd-92ba-b373eba930fd}]
\****L\autoplAy\coMManD - xlieir.pif
\****L\AutoRun\command - xlieir.pif
\****L\eXplore\CommaNd - xlieir.pif
\****L\oPen\COmmANd - xlieir.pif
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Yahoo! Pager - ~c:\program files\Yahoo!\Messenger\YahooMessenger.exe
HKCU-Run-msnmsgr - ~c:\program files\MSN Messenger\msnmsgr.exe
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*[عزيزي الزائر يتوجب عليك التسجيل لمشاهدة الرابط
للتسجيل اضغط هنا التسجيل مجاني في لايف نت]
uInternet Connection Wizard,****lNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: إضافة إلى حاجب الدعايات - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: avsda.dll
.
.
------- File Associations -------
.
txtfile=c:\windows\notepad.exe %1
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [عزيزي الزائر يتوجب عليك التسجيل لمشاهدة الرابط
للتسجيل اضغط هنا التسجيل مجاني في لايف نت]
Rootkit scan 2009-04-23 14:10
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\sccfg.sys 16384 bytes
scan completed successfully
hidden files: 1
************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{58ae071 4-7ec2-4431-a3cc-39b39707cb1b}]
@Denied: (Full) (Everyone)
"Model"=dword:0000006e
"Therad"=dword:0000001c
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76 ,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,04,7a,b1,b5,76,9b,27,47,9f,c0,5a,f7,7c,3a ,53,b5,f0,2c,6c,89,95,e5,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E916 4-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):74,52,b8,f9,a4,c0,1f,e3,54,3f,99,5 2,b5,0b,51,46,ec,c3,8e,bf,8d,
7e,c1,a4,be,eb,8f,b3,c9,90,7c,81,99,88,14,80,72,18 ,fe,b6,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\LMIinit.dll
- - - - - - - > 'lsass.exe'(856)
c:\windows\system32\avsda.dll
- - - - - - - > 'explorer.exe'(4064)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\avsda.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVIRA\AVIRA PREMIUM SECURITY SUITE\SCHED.EXE
c:\program files\AVIRA\AVIRA PREMIUM SECURITY SUITE\AVGUARD.EXE
c:\program files\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE
c:\windows\SYSTEM32\CRYPSERV.EXE
c:\program files\NERO\NERO 7\INCD\INCDSRV.EXE
c:\program files\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\windows\SYSTEM32\LOCATOR.EXE
c:\windows\SYSTEM32\TCPSVCS.EXE
c:\windows\SYSTEM32\PASTISVC.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\PC Connectivity Solution\NclBTHandler.exe
c:\windows\system32\wscntfy.exe
c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
.
************************************************** ************************
.
Completion time: 2009-04-23 14:14 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-23 11:14
Pre-Run: 1,389,592,576 bytes free
Post-Run: 2,089,713,664 bytes free
Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,3,4,5
290 --- E O F --- 2009-03-23 13:55
22-04-2009
رد: المربع الاسود فوق مؤشر الماوس 
المواضيع المتشابهه 
المربع الاسود فوق مؤشر الماوس 
العرض العادي
