آسف على التأخير
هذا هو التقرير
ComboFix 09-05-24.05 - l 05/25/2009 5:55.4 -
FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.767.453 [GMT 3:00]
Running from: c:\documents and settings\l\سطح المكتب\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-04-25 to 2009-05-25 )))))))))))))))))))))))))))))))
.
2009-05-24 21:45 . 2009-04-25 05:30 102400 ------w c:\windows\system32\dllcache\iecompat.dll
2009-05-24 15:39 . 2009-05-24 15:39 -------- d--h--w c:\windows\ie8
2009-05-23 04:09 . 2008-10-15 16:35 337408 ------w c:\windows\system32\dllcache\netapi32.dll
2009-05-20 16:30 . 2009-05-20 16:30 -------- d-sh--w C:\FOUND.009
2009-05-20 14:54 . 2009-05-20 14:54 206088 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-05-20 14:54 . 2009-05-20 14:54 33808 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-20 14:53 . 2009-05-20 14:54 226832 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-20 14:34 . 2009-05-20 14:54 94643 ----a-w c:\windows\system32\drivers\klick.dat
2009-05-20 14:34 . 2009-05-20 14:54 105395 ----a-w c:\windows\system32\drivers\klin.dat
2009-05-20 14:33 . 2009-05-25 02:59 32 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-05-20 14:33 . 2009-05-25 02:59 32 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-20 14:33 . 2009-05-20 14:33 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-20 11:33 . 2009-05-20 11:33 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-20 02:31 . 2008-09-04 17:15 1106944 ------w c:\windows\system32\dllcache\msxml3.dll
2009-05-20 02:31 . 2008-09-10 01:14 1307648 ------w c:\windows\system32\dllcache\msxml6.dll
2009-05-19 20:36 . 2009-05-19 20:36 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-19 20:33 . 2009-05-19 20:33 -------- d-----w c:\documents and settings\l\Local Settings\Application Data\Deployment
2009-05-19 17:00 . 2009-05-19 17:00 4096 ----a-w c:\windows\d3dx.dat
2009-05-18 00:44 . 2009-05-18 00:44 -------- d-----w c:\documents and settings\l\s
2009-05-18 00:44 . 2009-05-18 00:44 -------- d-----w C:\Temp
2009-05-14 20:00 . 2009-05-14 20:01 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-13 15:40 . 2009-05-13 15:40 -------- d-----w c:\program files\NOS
2009-05-13 15:40 . 2009-05-13 15:40 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-05-13 14:51 . 2009-05-13 14:51 -------- d-----w c:\windows\system32\Adobe
2009-05-13 02:27 . 2009-05-13 02:27 -------- d-sh--w c:\documents and settings\l\PrivacIE
2009-05-13 02:26 . 2009-05-13 02:26 -------- d-sh--w c:\documents and settings\l\IECompatCache
2009-05-13 02:20 . 2009-05-13 02:20 -------- d-sh--w c:\documents and settings\LocalService\IETldCache
2009-05-13 02:19 . 2009-05-13 02:19 -------- d-sh--w c:\documents and settings\l\IETldCache
2009-05-13 02:15 . 2006-06-29 10:07 14048 ------w c:\windows\system32\spmsg2.dll
2009-05-13 02:08 . 2009-05-13 02:08 -------- d-----w c:\windows\system32\XPSViewer
2009-05-13 02:08 . 2009-05-13 02:08 -------- d-----w c:\program files\MSBuild
2009-05-13 02:08 . 2009-05-13 02:08 -------- d-----w c:\program files\Reference Assemblies
2009-05-13 02:08 . 2008-07-06 12:06 575488 ------w c:\windows\system32\xpsshhdr.dll
2009-05-13 02:08 . 2008-07-06 12:06 1676288 ------w c:\windows\system32\xpssvcs.dll
2009-05-13 02:08 . 2008-07-06 12:06 117760 ------w c:\windows\system32\prntvpt.dll
2009-05-13 02:08 . 2009-05-13 02:08 -------- d-----w C:\7dff2d573ffc5a534b7769faf8dd
2009-05-13 02:02 . 2009-05-13 02:02 -------- d-----w c:\windows\ie8updates
2009-05-12 19:35 . 2009-05-12 19:35 -------- d-----w c:\program files\Common Files\xing shared
2009-05-12 19:27 . 2009-05-12 19:27 390664 ----a-w c:\documents and settings\l\Application Data\Real\RealPlayer\setup\AU_setup6.exe
2009-05-12 13:32 . 2009-05-12 13:32 390664 ----a-w c:\documents and settings\l\Application Data\Real\RealPlayer\Update\RealPlayer11.exe
2009-05-12 13:28 . 2009-05-12 13:28 -------- d-----w c:\program files\Acoustica Mixcraft 4
2009-05-12 12:50 . 2009-05-12 12:50 -------- d-----w c:\program files\Common Files\SWiSHzone.com
2009-05-12 12:49 . 2009-05-12 12:49 -------- d-----w c:\program files\SWiSH Max2
2009-05-12 01:03 . 2009-05-12 01:03 -------- d-----w c:\documents and settings\l\Application Data\DMCache
2009-05-10 13:10 . 2009-05-10 13:10 -------- d-sh--w C:\FOUND.008
2009-05-09 15:16 . 2009-05-09 15:16 8704 ----a-w c:\documents and settings\l\Application Data\Thinstall\AppData\4000002ca00002h\Rollcage D3D.exe
2009-05-06 23:53 . 2009-05-06 23:53 7168 ----a-w c:\documents and settings\l\Application Data\Thinstall\CuteFTP 8 Professional\4000001d000002i\ftpte.exe
2009-05-06 23:53 . 2009-05-06 23:53 -------- d-----w c:\documents and settings\l\Application Data\Thinstall
2009-05-02 23:42 . 2009-05-02 23:42 -------- d-sh--w C:\FOUND.007
2009-05-02 23:05 . 2009-05-02 23:05 -------- d-----w c:\documents and settings\l\Application Data\Nuotex
2009-05-01 18:25 . 2008-04-14 15:40 14592 ----a-w c:\windows\system32\drivers\kbdhid.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-25 02:59 . 2009-05-20 14:33 32 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-05-25 02:59 . 2009-05-20 14:33 32 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-25 02:57 . 2001-09-19 09:00 72328 ----a-w c:\windows\system32\perfc001.dat
2009-05-25 02:57 . 2001-09-19 09:00 378124 ----a-w c:\windows\system32\perfh001.dat
2009-05-20 14:54 . 2008-01-29 14:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-05-13 02:20 . 2008-05-06 19:10 97144 ----a-w c:\documents and settings\l\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-12 19:35 . 2008-05-06 18:53 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-24 14:02 . 2009-04-24 14:02 -------- d-----w c:\documents and settings\All Users\Application Data\TechSmith
2009-04-24 14:02 . 2009-04-24 14:02 -------- d-----w c:\program files\Common Files\TechSmith Shared
2009-04-24 14:02 . 2009-04-24 14:02 -------- d-----w c:\program files\TechSmith
2009-04-24 00:09 . 2009-04-24 00:09 -------- d-----w c:\documents and settings\All Users\Application Data\Blueberry
2009-04-24 00:08 . 2009-04-24 00:08 -------- d-----w c:\documents and settings\l\Application Data\Blueberry
2009-04-24 00:07 . 2009-04-24 00:07 4608 ----a-w c:\windows\system32\bbchlp.dll
2009-04-24 00:07 . 2009-04-24 00:07 2944 ----a-w c:\windows\system32\drivers\bbcap.sys
2009-04-24 00:07 . 2009-04-24 00:07 27776 ----a-w c:\windows\system32\bbcap.dll
2009-04-24 00:07 . 2009-04-24 00:07 -------- d-----w c:\documents and settings\l\Application Data\LogSys
2009-04-24 00:07 . 2009-04-24 00:07 -------- d-----w c:\documents and settings\All Users\Application Data\LogSys
2009-04-23 18:02 . 2009-04-23 18:02 -------- d-----w c:\documents and settings\l\Application Data\GrabPro
2009-04-20 16:23 . 2009-04-20 16:23 -------- d-----w c:\documents and settings\All Users\Application Data\Nokia
2009-04-20 16:22 . 2009-04-20 16:22 3351812 ----a-w c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe
2009-04-20 16:22 . 2009-04-20 16:22 36864 ----a-w c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe
2009-04-20 16:22 . 2009-04-20 16:22 3181612 ----a-w c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe
2009-04-20 16:20 . 2009-04-20 16:22 24568280 ----a-w c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_ar.exe
2009-04-20 16:04 . 2009-04-20 16:04 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-04-20 16:04 . 2009-04-20 16:04 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-04-20 15:56 . 2009-04-20 15:56 -------- d-----w c:\program files\Common Files\PCSuite
2009-04-20 15:56 . 2009-04-20 15:56 -------- d-----w c:\program files\Common Files\Nokia
2009-04-20 15:55 . 2009-04-20 15:55 -------- d-----w c:\program files\PC Connectivity Solution
2009-04-20 15:53 . 2009-04-20 15:53 8192 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-20 15:53 . 2009-04-20 15:53 61440 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-20 15:53 . 2009-04-20 15:53 10240 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-20 15:52 . 2009-04-20 15:53 34649904 ----a-w c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_ara.exe
2009-04-19 19:49 . 2009-04-19 19:49 -------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-04-19 19:34 . 2009-04-19 19:34 -------- d-----w c:\program files\Microsoft Sync Framework
2009-04-19 19:32 . 2009-04-19 19:32 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-04-19 19:28 . 2009-04-19 19:28 -------- d-----w c:\program files\Microsoft
2009-04-19 19:28 . 2009-04-19 19:28 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-19 18:52 . 2009-04-19 18:52 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-24 23:53 . 2009-04-23 23:53 59 ----a-w c:\documents and settings\l\Local Settings\Application Data\SUMQU0C1-FE20-APII-YE7M-BEDSDWMY5R6A.dat
2009-03-24 23:52 . 2009-04-23 23:52 82 ----a-w c:\documents and settings\All Users\Application Data\SUMQU0C1-FE20-APII-YE7M-BEDSDWMY5R6A.dat
2009-03-08 01:34 . 2004-08-03 18:55 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 01:34 . 2004-08-03 18:55 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 01:33 . 2004-08-03 18:55 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 01:33 . 2004-08-03 18:55 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 01:32 . 2004-08-03 18:55 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 01:32 . 2004-08-03 18:55 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 01:31 . 2004-08-03 18:55 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 01:31 . 2004-08-03 18:53 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 01:31 . 2004-08-03 18:56 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 01:22 . 2001-09-19 09:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:20 . 2004-08-03 18:55 283136 ----a-w c:\windows\system32\pdh.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-05-27 4269296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-12 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-20 206088]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-9-10 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R1 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [24/04/2009 03:07 ص 2944]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S2 gupdate1c9d8c1757c1a48;gupdate1c9d8c1757c1a48; [x]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [13/05/2009 06:40 م 33176]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-05-25 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-05-24 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-05-24 c:\windows\Tasks\User_Feed_Synchronization-{74B5EAAC-6219-4F6E-8C65-BA4E1341ADE1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
2009-05-25 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-19 20:36]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Device Detector - DevDetect.exe
HKLM-Run-SystemInit - (no file)
HKLM-Run-Karen - (no file)
HKLM-Run-raVe - (no file)
HKLM-Run-Win32BaseServiceMOD - (no file)
HKLM-Run-startIE - (no file)
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
ustart page = about:blank
mStart Page = about:blank
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\l\Application Data\Mozilla\Firefox\Profiles\flm7ctol.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Esraa-Essam
FF - prefs.js: browser.startup.homepage - hxxp://esraa-essam.alafdal.net
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
.
------- File Associations -------
.
txtfile=NOTEPAD %1
vbefile\shell\edit\command=c:\windows\Notepad.exe %1
vbsfile\shell\edit\command=c:\windows\Notepad.exe %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-05-25 06:00
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(780)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\WGATRAY.EXE
c:\windows\SYSTEM32\CTSVCCDA.EXE
c:\program files\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\program files\MICROSOFT\SEARCH ENHANCEMENT PACK\SEAPORT\SEAPORT.EXE
c:\program files\COMMON FILES\ACD SYSTEMS\EN\DEVDETECT.EXE
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-05-25 6:03 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-25 03:03
Pre-Run: 30,715,150,336 bytes free
Post-Run: 30,686,806,016 bytes free
252 --- E O F --- 2009-05-25 02:48
و شكراا
