عبدالسميع سرحان |
10-04-2009 22:01 |
أخي الكريم هادي
جزيت خيرا اخي على سرعة الأجابة وهذا هو تقرير الـ combofix
كود:
ComboFix 09-04-04.01 - Administrator 04/10/2009 23:45:05.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.2037.1770 [GMT 3:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Avira Premium Security Suite *On-access scanning enabled* (Updated)
FW: Avira Firewall *enabled*
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Application Data\BITS
c:\documents and settings\Administrator\Application Data\BITS\BITS.ini
c:\documents and settings\Administrator\Application Data\inst.exe
c:\windows\clofghls.dll
c:\windows\IE4 Error Log.txt
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-10 21:17 --------- d-----w c:\documents and settings\Administrator\Application Data\DMCache
2009-04-10 17:15 --------- d-----w c:\program files\Family Games
2009-04-10 16:37 --------- d-----w c:\documents and settings\Administrator\Application Data\Skype
2009-04-10 16:36 --------- d-----w c:\program files\Reference Assemblies
2009-04-10 16:36 --------- d-----w c:\program files\MSBuild
2009-04-10 15:38 --------- d-----w c:\documents and settings\Administrator\Application Data\skypePM
2009-04-10 13:17 --------- d-----w c:\program files\Microsoft Works
2009-04-10 13:17 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-08 15:00 --------- d-----w c:\program files\Norton Security Scan
2009-04-08 15:00 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-08 14:31 --------- d-----w c:\documents and settings\All Users\Application Data\Genimo
2009-04-08 14:27 --------- d-----w c:\documents and settings\Administrator\Application Data\Genimo
2009-04-08 10:01 --------- d-----w c:\program files\Google
2009-04-07 18:44 --------- d-----w c:\program files\DivX
2009-04-05 17:22 --------- d-----w c:\program files\CamStudio
2009-04-03 19:53 --------- d-----w c:\program files\Kasparov Chessmate
2009-04-03 19:47 --------- d-----w c:\program files\ReflexiveArcade
2009-04-03 14:56 --------- d-----w c:\program files\Inkscape
2009-04-02 19:33 --------- d-----w c:\program files\DoubleD
2009-04-02 19:15 --------- d-----w c:\documents and settings\Administrator\Application Data\Internet Saving Optimizer
2009-04-02 19:14 --------- d-----w c:\program files\Nice Prosper
2009-04-02 19:14 --------- d-----w c:\program files\Media Access Startup
2009-04-02 19:13 --------- d-----w c:\program files\System Search Dispatcher
2009-04-02 19:13 --------- d-----w c:\program files\Internet Saving Optimizer
2009-04-02 19:11 --------- dc-h--w c:\documents and settings\All Users\Application Data\{0C2DF936-9DF0-4DB1-AACD-40480B065ABE}
2009-04-01 15:26 --------- d-----w c:\program files\AxySnake
2009-03-30 18:13 --------- d-----w c:\program files\Blender Foundation
2009-03-30 18:13 --------- d-----w c:\documents and settings\Administrator\Application Data\Blender Foundation
2009-03-30 17:41 --------- d-----w c:\documents and settings\Administrator\Application Data\Inkscape
2009-03-26 16:46 --------- d-----w c:\program files\FastStone Image Viewer
2009-03-26 16:46 --------- d-----w c:\documents and settings\Administrator\Application Data\FastStone
2009-03-24 17:43 230,432 ----a-w C:\PAP7501.dat
2009-03-23 20:08 --------- d-----w c:\documents and settings\Administrator\Application Data\DivX
2009-03-21 20:27 407,129 ----a-w c:\windows\MarioForever_Toolbar_Uninstaller_1921.exe
2009-03-21 20:27 --------- d-----w c:\program files\Mario Forever Toolbar
2009-03-21 20:27 --------- d-----w c:\program files\Mario Forever
2009-03-20 19:37 --------- d-----w c:\program files\SWiSHmax
2009-03-19 14:03 --------- d-----w c:\program files\Common Files\Adobe
2009-03-18 18:47 --------- d-----w c:\program files\Common Files\DivX Shared
2009-03-18 17:40 --------- d-----w c:\program files\Windows Live
2009-03-18 17:40 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-03-18 17:40 --------- d-----w c:\program files\Microsoft
2009-03-18 17:37 --------- d-----w c:\program files\Microsoft Sync Framework
2009-03-18 17:37 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-03-18 17:35 --------- d-----w c:\program files\Windows Live SkyDrive
2009-03-18 17:11 --------- d-----w c:\program files\Common Files\Windows Live
2009-03-17 15:56 --------- d-----w c:\program files\SWiSHE.NET
2009-03-14 14:15 --------- d-----w c:\program files\Yahoo!
2009-03-14 14:15 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-14 14:15 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2009-03-14 14:15 --------- d-----w c:\documents and settings\Administrator\Application Data\Yahoo!
2009-03-13 16:19 --------- d-----w c:\documents and settings\Administrator\Application Data\IBP
2009-03-12 14:33 --------- d-----w c:\program files\IslamicPlayer
2009-03-02 10:33 --------- d-----w c:\documents and settings\Administrator\Application Data\IDM
2009-02-27 12:44 73,216 ----a-w c:\windows\ST6UNST.EXE
2009-02-27 12:44 249,856 ------w c:\windows\Setup1.exe
2009-02-26 14:21 --------- d-----w c:\program files\TechSmith
2009-02-26 14:21 --------- d-----w c:\documents and settings\All Users\Application Data\TechSmith
2009-02-26 14:20 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-26 07:04 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-25 21:16 --------- d-----w c:\program files\Common Files\BOONTY Shared
2009-02-25 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\BOONTY
2009-02-25 20:30 --------- d-----w c:\program files\Common Files\ACD Systems
2009-02-25 16:29 720,896 ----a-w c:\windows\iun6002ev.exe
2009-02-25 16:29 --------- d-----w c:\program files\المصحف المعلم للأطفال
2009-02-21 19:37 --------- d-----w c:\program files\Common Files\Skype
2009-02-21 19:37 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-21 19:37 --------- d-----r c:\program files\Skype
2009-02-20 18:19 --------- d-----w c:\program files\Super DX-Ball Deluxe
2009-02-20 17:24 --------- d-----w c:\program files\Fantasy Tetrix
2009-02-20 17:17 --------- d-----w c:\program files\Alien Shooter
2009-02-20 17:14 --------- d-----w c:\program files\BrixoutXP
2009-02-18 18:52 --------- d-----w c:\documents and settings\All Users\Application Data\Zylom
2009-02-14 17:48 --------- d-----w c:\documents and settings\Administrator\Application Data\Apple Computer
2009-02-14 17:42 --------- d-----w c:\program files\iTunes
2009-02-14 17:42 --------- d-----w c:\program files\iPod
2009-02-14 17:42 --------- d-----w c:\program files\Common Files\Apple
2009-02-14 17:42 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-02-14 17:42 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-14 17:41 --------- d-----w c:\program files\QuickTime
2009-02-14 17:41 --------- d-----w c:\program files\Bonjour
2009-02-14 17:41 --------- d-----w c:\program files\Apple Software Update
2009-02-14 17:41 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-02-06 16:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-01-16 01:54 94,208 ----a-w c:\documents and settings\Administrator\Application Data\ezplay.sys
2009-01-16 01:54 47,360 ----a-w c:\documents and settings\Administrator\Application Data\pcouffin.sys
2009-01-27 01:34 1,044,480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 200,704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-09-18 18:02 28,672 ----a-w c:\program files\mozilla firefox\components\FlashgetXpi.dll
2009-01-08 22:38 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009010920090110\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
03/18/2009 05:42 PM 176128 --a------ c:\program files\Media Access Startup\1.0.0.610\HPIEAddOn.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
09/02/2008 05:05 PM 398776 --a------ c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [04/14/2008 03:12 AM 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [01/17/2009 06:36 PM 39408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [01/14/2009 09:03 PM 2606512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [01/25/2009 06:41 PM 185872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/15/2008 01:04 AM 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [04/14/2008 03:12 AM 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [04/14/2008 03:12 AM 53760 c:\windows\system32\narrator.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-03-19 113664]
SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-08-29 6824264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.ACDV"= ACDV.dll
"vidc.DIV3"= DIVXc32.dll
"vidc.DIV4"= DIVXc32f.dll
"msacm.divxa32"= DivXa32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FlashGetX\\FlashGetX.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2009-01-16 71592]
R2 AntiVirFirewallService;Avira Premium Security Suite Firewall;c:\program files\Avira\Avira Premium Security Suite\avfwsvc.exe [2009-01-16 344321]
R2 AntiVirMailService;Avira Premium Security Suite MailGuard;c:\program files\Avira\Avira Premium Security Suite\avmailc.exe [2009-01-16 164097]
R2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\Avira\Avira Premium Security Suite\avwebgrd.exe [2009-01-16 258305]
R2 AVEService;Avira Premium Security Suite MailGuard helper service;c:\program files\Avira\Avira Premium Security Suite\avesvc.exe [2009-01-16 41217]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-18 55152]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 YahooAUService;Yahoo! Updater;c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2009-01-16 71464]
R3 GUCI_AVS;Generic USB Controller Interface (AVS);c:\windows\system32\drivers\GUCI_AVS.sys [2009-01-02 537216]
S2 gupdate1c992d5c907461a;Google Update Service (gupdate1c992d5c907461a);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
.
Contents of the 'Scheduled Tasks' folder
2009-02-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [07/30/2008 12:34 PM]
2009-04-10 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [02/20/2009 12:05 AM]
2009-04-10 c:\windows\Tasks\Norton Security Scan for Administrator.job
- c:\program files\Norton Security Scan\Nss.exe [03/11/2009 08:20 PM]
2009-04-10 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [12/31/2008 05:04 PM]
2009-04-10 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [12/31/2008 05:04 PM]
2009-04-10 c:\windows\Tasks\User_Feed_Synchronization-{E497338D-DC65-4432-9386-93857C8A6429}.job
- c:\windows\system32\msfeedssync.exe [08/13/2007 06:36 PM]
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Download ALL with IDA
IE: Download with IDA
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\windows\web\related.htm
LSP: avsda.dll
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\INBOXT~1\Inbox.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\n5cxqb4e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - component: c:\documents and settings\Administrator\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\program files\Internet Saving Optimizer\2.2.0.2880\FF\components\NPFFAddOn.dll
FF - component: c:\program files\Media Access Startup\1.0.0.610\FF\components\HPFFAddOn.dll
FF - component: c:\program files\Mozilla Firefox\components\FlashgetXpi.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-11 00:17:32
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-436374069-527237240-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"659BD8E725A05FDCC64118EA787EAA2B534A94FABE"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,92,4f,c7,80,ad,4d,b5,4e,a3,81,52,\
"3A77B377802A4B6183DDE08FDE4AD9AF647A702826"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,92,4f,c7,80,ad,4d,b5,4e,a3,81,52,\
"B34DEDAE08DEBC3D9AE72E5085B5F343BB2B215141"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,92,4f,c7,80,ad,4d,b5,4e,a3,81,52,\
[HKEY_USERS\S-1-5-21-436374069-527237240-839522115-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76DF01AD-D9CB-DC05-D68C-3320B05750F9}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"faloiebklfhn"=hex:66,61,62,64,63,6c,69,6a,64,64,6d,70,00,00
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):f0,c2,49,1c,bc,4a,06,83,11,b6,76,87,9c,b7,66,d7,18,31,aa,de,cf,
0e,b1,60,f3,14,85,7e,38,bc,28,14,a0,b6,c2,e5,cd,e1,18,a9,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f113647a-40e4-4e71-b314-24dffef0025b}]
@Denied: (Full) (Everyone)
"Model"=dword:0000004d
"Therad"=dword:00000008
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,04,7a,b1,b5,76,9b,27,47,0b,b0,0e,82,56,d9,d8,39,8b,ad,1b,f7,d2,b0,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1060)
c:\windows\system32\avsda.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\Avira Premium Security Suite\sched.exe
c:\program files\Avira\Avira Premium Security Suite\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\TechSmith\SnagIt 9\TscHelp.exe
c:\program files\TechSmith\SnagIt 9\SnagPriv.exe
c:\program files\TechSmith\SnagIt 9\SnagItEditor.exe
.
**************************************************************************
.
Completion time: 04/11/2009 0:19:35 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-10 21:19:32
Pre-Run: 35,918,794,752 bytes free
Post-Run: 36,697,591,808 bytes free
289 --- E O F --- 2009-03-15 12:14:49
لم أفهم شيء ويبدو أنني أخطات في شيء ما ولم اعرف كيف أوقف الـ avira
|