Welcome, Guest. Please Login or Register.
Search
Members
Login
Register
   Mischel Internet Security Forum
   Malware
   Adware, Browser Hijackers and other Malware (Moderators: Helena, Gavin_Coe, Magnus)
   do i need these files		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: do i need these files  (Read 874 times)
Thomas
Full Member
***






   


Gender: male
 Posts: 233
do i need these files
« on: Mar 10th, 2009, 5:57am »		 Quote Quote  Modify Modify
TrojanHunter Scan Report - Saved 2009-03-10 07:16
 
Warning: Executable file with double extensions found: C:\Program Files\Microsoft Silverlight\2.0.40115.0\System.Net.dll
Warning: Executable file with double extensions found: C:\Program Files\Microsoft Silverlight\2.0.40115.0\System.ServiceModel.Web.dll
Warning: Executable file with double extensions found: C:\Program Files\Microsoft Silverlight\2.0.40115.0\System.Xml.dll
Warning: Executable file with double extensions found: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll
Warning: Executable file with double extensions found: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll
Warning: Executable file with double extensions found: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll
Warning: Unable to unpack UPX-packed file C:\Program Files\uTorrent\uTorrent.exe
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11 d50a3a\Microsoft.VisualBasic.Vsa.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Micro soft.Vsa.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.W eb.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.X ML.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b0 3f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.W eb.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f 11d50a3a\Microsoft.VisualBasic.Vsa.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Mic rosoft.Vsa.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\Sys tem.IO.Log.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System .Net.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad 364e35\System.ServiceModel.Web.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System .XML.dll
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5 c561934e089_a127a50a\System.Xml.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.d ll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa. dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
Warning: Unable to unpack UPX-packed file C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4PUJ8XQR\inst[1].php
Warning: Unable to unpack UPX-packed file C:\WINDOWS\Temp\ms1236534028.exe
Warning: Unable to unpack UPX-packed file D:\cmdcons\usbuhci.sy_/usbuhci.sys
Warning: Unable to unpack UPX-packed file D:\I386\SYSTEM32\drivers\USBUHCI.SYS
Warning: Unable to unpack UPX-packed file D:\MiniNT\system32\drivers\USBUHCI.SYS
IP Logged
Windows 7 Home Premium (64 Bit)
Yahoo! Messenger Version 11.0.0 Build 2014
Y!TunnelPro Version 2.6 Build 736
YTK Enhanced Version 2.6 Build 108
Mozilla Firefox Version 8.0 (Beta)
Internet Explorer Version 9.0.8112.16421
TrojanHunter Version 5.3 Build 994
HijackThis Version 2.0 Build 4
Wireless
avast! Free Antivirus
Malwarebytes' Anti-Malware
SUPERAntiSpyware Professional
Thomas
Full Member
***






   


Gender: male
 Posts: 233
Re: do i need these files
« Reply #1 on: Mar 10th, 2009, 5:58am »		 Quote Quote  Modify Modify
ComboFix 09-03-06.02 - Compaq_Owner 2009-03-10  7:30:54.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.222.63 [GMT -4:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
 * Created a new restore point
.
 
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
 
----- BITS: Possible infected sites -----
 
hxxp://sunmicro.ht.rd.llnw.net
Infected copy of c:\windows\system32\lsass.exe was found and disinfected  
Restored copy from - c:\windows\$NtServicePackUninstall$\lsass.exe
 
Infected copy of c:\windows\system32\winlogon.exe was found and disinfected  
Restored copy from - c:\windows\$NtServicePackUninstall$\winlogon.exe
 
Infected copy of c:\windows\system32\services.exe was found and disinfected  
Restored copy from - c:\windows\$NtServicePackUninstall$\services.exe
 
Infected copy of c:\windows\system32\spoolsv.exe was found and disinfected  
Restored copy from - c:\windows\$NtUninstallKB896423$\spoolsv.exe
 
Infected copy of c:\windows\explorer.exe was found and disinfected  
Restored copy from - c:\windows\$NtUninstallKB938828$\explorer.exe
 
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
-------\Legacy_ICF
 
 
(((((((((((((((((((((((((   Files Created from 2009-02-10 to 2009-03-10  )))))))))))))))))))))))))))))))
.
 
2009-03-10 07:24 . 2009-03-10 07:2473,728--a------c:\windows\system32\javacpl.cpl
2009-03-10 03:54 . 2009-03-10 03:54<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\DivX
2009-03-09 07:11 . 2008-10-16 14:06268,648--a------c:\windows\system32\mucltui.dll
2009-03-09 07:11 . 2008-10-16 14:0627,496--a------c:\windows\system32\mucltui.dll.mui
2009-03-09 06:07 . 2009-03-09 06:08<DIR>d--------c:\program files\DivX
2009-03-08 19:01 . 2009-03-08 19:01<DIR>d--------c:\program files\Digital Asphyxia
2009-03-08 19:01 . 2009-03-08 19:01<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\Digital Asphyxia
2009-03-08 19:01 . 2009-03-08 19:01<DIR>d--------c:\documents and settings\All Users\Application Data\Tarma Installer
2009-03-08 19:01 . 2009-03-08 19:01<DIR>d--------c:\documents and settings\All Users\Application Data\Digital Asphyxia
2009-03-08 18:50 . 2009-03-08 18:50<DIR>d--------c:\program files\Yahoo!
2009-03-08 18:50 . 2009-03-08 18:54<DIR>d--------c:\documents and settings\All Users\Application Data\Yahoo!
2009-03-08 18:39 . 2009-03-08 18:39<DIR>d--------c:\program files\Common Files\NSV
2009-03-08 18:35 . 2003-10-28 06:0220,016---------c:\windows\system32\drivers\pxhelp20.sys
2009-03-08 18:34 . 2009-03-08 18:49<DIR>d--------c:\program files\Winamp
2009-03-08 18:34 . 2009-03-09 17:411,125--a------c:\windows\winamp.ini
2009-03-08 18:23 . 2009-03-08 18:23<DIR>d--------c:\program files\MySpace
2009-03-08 18:23 . 2009-03-08 18:23<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\MySpace
2009-03-08 16:29 . 2009-03-08 16:29<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\TrojanHunter
2009-03-08 16:20 . 2009-03-08 16:21<DIR>d--------c:\program files\TrojanHunter 5.0
2009-03-08 16:11 . 2009-03-08 16:11<DIR>d--------c:\documents and settings\Compaq_Owner\Contacts
2009-03-08 16:09 . 2009-03-08 16:09<DIR>d--------c:\program files\MSN Messenger
2009-03-08 13:37 . 2009-03-08 13:3732--a-s----c:\windows\system32\662304388.dat
2009-03-08 13:10 . 2009-03-08 13:10<DIR>d--------c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-08 13:09 . 2009-03-10 04:18<DIR>d--------c:\program files\SUPERAntiSpyware
2009-03-08 13:09 . 2009-03-08 13:09<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2009-03-08 13:08 . 2009-03-08 13:08<DIR>d--------c:\program files\Common Files\Wise Installation Wizard
2009-03-08 12:43 . 2009-03-08 12:43<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes
2009-03-08 12:42 . 2009-03-10 02:52<DIR>d--------c:\program files\Malwarebytes' Anti-Malware
2009-03-08 12:42 . 2009-03-08 12:42<DIR>d--------c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-08 12:42 . 2009-02-11 10:1938,496--a------c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-08 12:42 . 2009-02-11 10:1915,504--a------c:\windows\system32\drivers\mbam.sys
2009-03-08 12:19 . 2009-03-08 12:19<DIR>d--------c:\windows\system32\scripting
2009-03-08 12:19 . 2009-03-08 12:19<DIR>d--------c:\windows\system32\en
2009-03-08 12:19 . 2009-03-08 12:19<DIR>d--------c:\windows\system32\bits
2009-03-08 12:19 . 2009-03-08 12:19<DIR>d--------c:\windows\l2schemas
2009-03-08 12:16 . 2009-03-08 12:20<DIR>d--------c:\windows\ServicePackFiles
2009-03-08 12:07 . 2009-03-08 12:07<DIR>d--------c:\windows\EHome
2009-03-08 11:58 . 2009-03-08 11:58<DIR>d--------c:\program files\Microsoft Silverlight
2009-03-08 11:58 . 2009-03-08 11:58<DIR>d--------c:\program files\Microsoft CAPICOM 2.1.0.2
2009-03-08 11:36 . 2009-01-09 15:191,089,593---------c:\windows\system32\dllcache\ntprint.cat
2009-03-08 11:29 . 2008-04-13 20:124,274,816---------c:\windows\system32\nv4_disp.dll
2009-03-08 11:28 . 2004-08-03 22:411,041,536---------c:\windows\system32\drivers\hsfdpsp2.sys
2009-03-08 10:49 . 2009-03-08 10:49<DIR>d--------c:\windows\system32\XPSViewer
2009-03-08 10:49 . 2009-03-08 10:49<DIR>d--------c:\program files\Reference Assemblies
2009-03-08 10:49 . 2009-03-08 10:49<DIR>d--------c:\program files\MSBuild
2009-03-08 10:47 . 2009-03-08 10:48<DIR>d--------C:\a26b07a34d6099f30772e6
2009-03-08 10:47 . 2008-07-06 08:061,676,288---------c:\windows\system32\xpssvcs.dll
2009-03-08 10:47 . 2008-07-06 08:061,676,288---------c:\windows\system32\dllcache\xpssvcs.dll
2009-03-08 10:47 . 2008-07-06 06:50597,504---------c:\windows\system32\dllcache\printfilterpipelinesvc .exe
2009-03-08 10:47 . 2008-07-06 08:06575,488---------c:\windows\system32\xpsshhdr.dll
2009-03-08 10:47 . 2008-07-06 08:06575,488---------c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-08 10:47 . 2008-07-06 08:06117,760---------c:\windows\system32\prntvpt.dll
2009-03-08 10:47 . 2008-07-06 08:0689,088---------c:\windows\system32\dllcache\filterpipelineprintproc .dll
2009-03-08 10:39 . 2009-03-08 10:39<DIR>d--------c:\program files\MSXML 6.0
2009-03-08 10:30 . 2009-03-08 10:30<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\Windows Desktop Search
2009-03-08 10:28 . 2009-03-08 10:28<DIR>d--------c:\windows\system32\GroupPolicy
2009-03-08 10:28 . 2009-03-08 10:28<DIR>d--------c:\program files\Windows Desktop Search
2009-03-08 10:25 . 2009-03-08 10:25<DIR>d--------c:\program files\Windows Media Connect 2
2009-03-08 10:23 . 2009-03-08 10:23<DIR>d--------c:\windows\system32\LogFiles
2009-03-08 10:23 . 2009-03-08 10:24<DIR>d--------c:\windows\system32\drivers\UMDF
2009-03-08 10:18 . 2009-03-08 08:50246--a------c:\windows\system\hpsysdrv.dat
2009-03-08 10:16 . 2009-03-08 08:41<DIR>d--------c:\windows\I386
2009-03-08 10:11 . 2008-04-13 20:12290,304---------c:\windows\system32\rhttpaa.dll
2009-03-08 10:11 . 2008-04-13 20:11136,192---------c:\windows\system32\aaclient.dll
2009-03-08 10:11 . 2008-04-13 20:1253,248---------c:\windows\system32\tsgqec.dll
2009-03-08 09:52 . 2008-12-20 19:156,066,688---------c:\windows\system32\dllcache\ieframe.dll
2009-03-08 09:52 . 2007-04-17 05:322,455,488---------c:\windows\system32\dllcache\ieapfltr.dat
2009-03-08 09:52 . 2007-03-08 01:10991,232---------c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-08 09:52 . 2008-12-20 19:15459,264---------c:\windows\system32\dllcache\msfeeds.dll
2009-03-08 09:52 . 2008-12-20 19:15383,488---------c:\windows\system32\dllcache\ieapfltr.dll
2009-03-08 09:52 . 2008-12-20 19:15267,776---------c:\windows\system32\dllcache\iertutil.dll
2009-03-08 09:52 . 2008-12-20 19:1563,488---------c:\windows\system32\dllcache\icardie.dll
2009-03-08 09:52 . 2008-12-20 19:1552,224---------c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-08 09:52 . 2008-12-19 05:1013,824
IP Logged
Windows 7 Home Premium (64 Bit)
Yahoo! Messenger Version 11.0.0 Build 2014
Y!TunnelPro Version 2.6 Build 736
YTK Enhanced Version 2.6 Build 108
Mozilla Firefox Version 8.0 (Beta)
Internet Explorer Version 9.0.8112.16421
TrojanHunter Version 5.3 Build 994
HijackThis Version 2.0 Build 4
Wireless
avast! Free Antivirus
Malwarebytes' Anti-Malware
SUPERAntiSpyware Professional
Thomas
Full Member
***






   


Gender: male
 Posts: 233
Re: do i need these files
« Reply #2 on: Mar 10th, 2009, 5:59am »		 Quote Quote  Modify Modify
---------c:\windows\system32\dllcache\ieudinit.exe
2009-03-08 09:32 . 2009-03-08 12:401,355--a------c:\windows\imsins.BAK
2009-03-08 09:21 . 2008-04-11 15:04691,712---------c:\windows\system32\dllcache\inetcomm.dll
2009-03-08 09:21 . 2008-05-08 10:02203,136---------c:\windows\system32\dllcache\rmcast.sys
2009-03-08 09:20 . 2008-08-14 06:112,189,184---------c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-08 09:20 . 2008-08-14 06:092,145,280---------c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-08 09:20 . 2008-08-14 05:332,066,048---------c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-08 09:20 . 2008-08-14 05:332,023,936---------c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-08 09:20 . 2008-09-15 08:121,846,400---------c:\windows\system32\dllcache\win32k.sys
2009-03-08 09:20 . 2008-12-11 06:57333,952---------c:\windows\system32\dllcache\srv.sys
2009-03-08 09:20 . 2008-06-13 07:05272,128---------c:\windows\system32\drivers\bthport.sys
2009-03-08 09:20 . 2008-06-13 07:05272,128---------c:\windows\system32\dllcache\bthport.sys
2009-03-08 09:19 . 2008-10-24 07:21455,296---------c:\windows\system32\dllcache\mrxsmb.sys
2009-03-08 09:16 . 2008-10-15 12:34337,408---------c:\windows\system32\dllcache\netapi32.dll
2009-03-08 09:07 . 2009-03-08 09:07<DIR>d--hs----c:\documents and settings\Compaq_Owner\UserData
2009-03-08 08:35 . 2009-03-08 08:35<DIR>d--------c:\program files\iTunes
2009-03-08 08:35 . 2009-03-08 08:35<DIR>d--------c:\program files\iPod
2009-03-08 08:35 . 2009-03-08 08:35<DIR>d--------c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-08 08:34 . 2009-03-08 08:34<DIR>d--------c:\program files\QuickTime
2009-03-08 08:34 . 2009-03-08 08:34<DIR>d--------c:\program files\Bonjour
2009-03-08 08:33 . 2009-03-08 16:09<DIR>d----c---c:\windows\system32\DRVSTORE
2009-03-08 08:33 . 2009-03-08 08:35<DIR>d--------c:\program files\Common Files\Apple
2009-03-08 08:33 . 2009-03-08 08:33<DIR>d--------c:\documents and settings\All Users\Application Data\Apple
2009-03-08 08:05 . 2009-03-10 07:23410,984--a------c:\windows\system32\deploytk.dll
2009-03-08 07:57 . 2008-04-13 14:4685,248--a------c:\windows\system32\drivers\nabtsfec.sys
2009-03-08 07:57 . 2008-04-13 14:4619,200--a------c:\windows\system32\drivers\wstcodec.sys
2009-03-08 07:57 . 2008-04-13 14:4617,024--a------c:\windows\system32\drivers\ccdecode.sys
2009-03-08 07:57 . 2008-04-13 20:1216,384--a------c:\windows\system32\ipsink.ax
2009-03-08 07:57 . 2008-04-13 14:4615,232--a------c:\windows\system32\drivers\streamip.sys
2009-03-08 07:57 . 2008-04-13 14:4611,136--a------c:\windows\system32\drivers\slip.sys
2009-03-08 07:57 . 2008-04-13 14:4610,880--a------c:\windows\system32\drivers\ndisip.sys
2009-03-08 07:57 . 2008-04-13 14:395,504--a------c:\windows\system32\drivers\mstee.sys
2009-03-08 07:56 . 2008-04-13 20:1291,136--a------c:\windows\system32\kswdmcap.ax
2009-03-08 07:56 . 2008-04-13 20:1261,952--a------c:\windows\system32\kstvtune.ax
2009-03-08 07:56 . 2008-04-13 20:1253,760--a------c:\windows\system32\vfwwdm32.dll
2009-03-08 07:56 . 2008-04-13 20:1243,008--a------c:\windows\system32\ksxbar.ax
2009-03-08 07:56 . 2008-04-13 20:1228,672--a------c:\windows\system32\vidcap.ax
2009-03-08 07:53 . 2009-03-10 07:40<DIR>d-a------c:\documents and settings\All Users\Application Data\TEMP
2009-03-08 07:51 . 2009-03-08 07:51<DIR>d--------c:\program files\uTorrent
2009-03-08 07:51 . 2009-03-10 04:16<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\uTorrent
2009-03-08 07:49 . 2009-03-08 07:50<DIR>d--------c:\program files\7-Zip
2009-03-08 07:43 . 2009-03-08 07:45<DIR>d--------c:\program files\CCleaner
2009-03-08 07:40 . 2009-03-08 07:40<DIR>d--------c:\program files\Trend Micro
2009-03-08 07:33 . 2004-08-04 08:00221,184--a------c:\windows\system32\wmpns.dll
2009-03-08 07:33 . 2009-03-08 07:331,857-rahs----c:\windows\system32\drivers\103C_HP_CPC_ED861AA-ABA SR1603WM NA540_YC_0Pres_QCNH542_E54NAheRED2_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.08_T050913_WXH2_L409_M223_J80_7AMD_8Sempron_91.79_#051225_ N10EC8139_Z14F12F20_G10025954.MRK
2009-03-08 07:30 . 2005-08-08 18:50<DIR>d--------c:\documents and settings\Compaq_Owner\WINDOWS
2009-03-08 07:30 . 2005-08-08 18:54<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\SampleView
2009-03-08 07:30 . 2005-08-08 18:49<DIR>d--------c:\documents and settings\Compaq_Owner\Application Data\Apple Computer
2009-03-08 07:30 . 2009-03-08 16:11<DIR>d--------c:\documents and settings\Compaq_Owner
2009-03-08 07:28 . 2005-08-08 18:50<DIR>d--------c:\windows\system32\config\systemprofile\WINDOWS
2009-03-08 07:28 . 2005-08-08 19:10<DIR>d--------c:\windows\system32\config\systemprofile\Application Data\Symantec
2009-03-08 07:28 . 2005-08-08 18:54<DIR>d--------c:\windows\system32\config\systemprofile\Application Data\SampleView
 
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 12:34---------d-----wc:\documents and settings\All Users\Application Data\Apple Computer
2009-03-08 12:24---------d-----wc:\program files\Common Files\InstallShield
2009-03-08 12:22---------d--h--wc:\program files\InstallShield Installation Information
2009-03-08 12:04---------d-----wc:\program files\Java
2009-01-21 11:49118,656----a-wc:\windows\system32\drivers\Rtnicxp.sys
.
 
------- Sigcheck -------
 
2005-03-14 04:17  359936  6129e70f3d2f1e60860c930ebeaf92c2c:\windows\$hf_mig$\KB893066\SP2QFE\tcpi p.sys
2008-06-20 06:44  360960  744e57c99232201ae98c49168b918f48c:\windows\$hf_mig$\KB951748\SP2QFE\tcpi p.sys
2008-06-20 07:51  361600  9aefa14bd6b182d61e3119fa5f436d3dc:\windows\$hf_mig$\KB951748\SP3GDR\tcpi p.sys
2008-06-20 07:59  361600  ad978a1b783b5719720cff204b666c8ec:\windows\$hf_mig$\KB951748\SP3QFE\tcpi p.sys
2008-06-20 06:45  360320  2a5554fc5b1e04e131230e3ce035c3f9c:\windows\$NtServicePackUninstall$\tcpi p.sys
2008-04-13 15:20  361344  93ea8d04ec73a85db02eb8805988f733c:\windows\$NtUninstallKB951748$\tcpip.s ys
2005-03-14 03:55  359808  0e66b538096a6529d1ac66e78eb0d5c8c:\windows\$NtUninstallKB951748_0$\tcpip .sys
2008-04-13 15:20  361344  accf5a9a1ffaa490f33dba1c632b95e1c:\windows\ServicePackFiles\i386\tcpip.s ys
2008-06-20 06:45  360320  2a5554fc5b1e04e131230e3ce035c3f9c:\windows\SoftwareDistribution\Download \ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
2008-06-20 06:44  360960  744e57c99232201ae98c49168b918f48c:\windows\SoftwareDistribution\Download \ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
2008-06-20 07:51  361600  9aefa14bd6b182d61e3119fa5f436d3dc:\windows\SoftwareDistribution\Download \ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
2008-06-20 07:59  361600  ad978a1b783b5719720cff204b666c8ec:\windows\SoftwareDistribution\Download \ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
2008-04-13 15:20  361344  93ea8d04ec73a85db02eb8805988f733c:\windows\SoftwareDistribution\Download \e9500597a78495f397efb821e37bf356\tcpip.sys
2008-06-20 07:51  361600  9425b72f40257b45d45d24773273dad0c:\windows\system32\dllcache\tcpip.sys
2008-06-20 07:51  361600  9425b72f40257b45d45d24773273dad0c:\windows\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown  
REGEDIT4
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"="c:\program files\Registry Mechanic\regmech.exe" [2008-07-08 2828184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-03-08 1830128]
"Y!TunnelPro"="c:\program files\Digital Asphyxia\Y!TunnelPro 2.5\YTPro.exe" [2008-09-27 1412608]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THGuard"="c:\program files\TrojanHunter 5.0\THGuard.exe" [2008-10-24 1056928]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-02-11 399504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-10 148888]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]
 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Digital Asphyxia\\Y!TunnelPro 2.5\\YTPro.exe"=
 
R2 Bonjourwuauserv;Bonjour Service Bonjourwuauserv; [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-02-11 179856]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-01-15 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-01-15 55024]
S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\Drivers\ubVeo532.sys [2002-07-01 95232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-02-11 15504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
 
 
--- Other Services/Drivers In Memory ---
 
*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - Arp1394
*Deregistered* - Ati HotKey Poller
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - bb-run
*Deregistered* - Beep
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - Fastfat
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - ftsata2
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - iaStor
*Deregistered* - ImapiService
*Deregistered* - IntelIde
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - MBAMProtector
*Deregistered* - MBAMService
*Deregistered* - MDM
*Deregistered* - mdmxsdk
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - SASDIFSV
*Deregistered* - SASENUM
*Deregistered* - SASKUTIL
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - ViaIde
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - WSearch
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_U S&c=Q405 &bd=presario&pf=desktop&parm1=seconduser
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_U S&c=Q405 &bd=presario&pf=desktop&parm1=seconduser
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
.
.
------- File Associations -------
.
.
 
************************************************************************ **
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-10 07:41:07
Windows 5.1.2600 Service Pack 3 NTFS
 
scanning hidden processes ...  
 
scanning hidden autostart entries ...  
 
scanning hidden files ...  
 
scan completed successfully
hidden files: 0
 
************************************************************************ **
.
--------------------- DLLs Loaded Under Running Processes ---------------------
 
- - - - - - - > 'winlogon.exe'(672)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\searchindexer.exe
c:\program files\Windows Desktop Search\WindowsSearch.exe
.
************************************************************************ **
.
Completion time: 2009-03-10  7:50:45 - machine was rebooted
ComboFix-quarantined-files.txt  2009-03-10 11:50:36
 
Pre-Run: 51,241,656,320 bytes free
Post-Run: 51,559,972,864 bytes free
 
375--- E O F ---2009-03-08 16:29:57
IP Logged
Windows 7 Home Premium (64 Bit)
Yahoo! Messenger Version 11.0.0 Build 2014
Y!TunnelPro Version 2.6 Build 736
YTK Enhanced Version 2.6 Build 108
Mozilla Firefox Version 8.0 (Beta)
Internet Explorer Version 9.0.8112.16421
TrojanHunter Version 5.3 Build 994
HijackThis Version 2.0 Build 4
Wireless
avast! Free Antivirus
Malwarebytes' Anti-Malware
SUPERAntiSpyware Professional
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 7358
Re: do i need these files
« Reply #3 on: Mar 10th, 2009, 7:38am »		 Quote Quote  Modify Modify
Absolutely, you need all the files below.  They are all valid Windows files.  See the link below concerning double extensions.  
 
http://www.misec.net/forum/board/FAQ/1139255660
 
You should uncheck the Option "Warn on executable files with double extensions" in TH scanner GUI (under the options icon on the left icon bar).  
 
Quote:
Warning: Executable file with double extensions found: C:\Program Files\Microsoft Silverlight\2.0.40115.0\System.Net.dll  
Warning: Executable file with double extensions found: C:\Program Files\Microsoft Silverlight\2.0.40115.0\System.ServiceModel.Web.dll  
Warning: Executable file with double extensions found: C:\Program Files\Microsoft Silverlight\2.0.40115.0\System.Xml.dll  
Warning: Executable file with double extensions found: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll  
Warning: Executable file with double extensions found: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll  
Warning: Executable file with double extensions found: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll  
Warning: Unable to unpack UPX-packed file C:\Program Files\uTorrent\uTorrent.exe  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11  d50a3a\Microsoft.VisualBasic.Vsa.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Micro  soft.Vsa.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.W  eb.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.X  ML.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b0  3f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.W  eb.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f  11d50a3a\Microsoft.VisualBasic.Vsa.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Mic  rosoft.Vsa.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\Sys  tem.IO.Log.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System  .Net.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad  364e35\System.ServiceModel.Web.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System  .XML.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5  c561934e089_a127a50a\System.Xml.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.d  ll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.  dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll  
Warning: Executable file with double extensions found: C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll  

 
The warnings below merely mean that TH was not able to unpack these files because they are packed with a packer that TH does not have in its unpacker capabilities.  The files are valid and you need them, yes.
 
Quote:
Warning: Unable to unpack UPX-packed file D:\cmdcons\usbuhci.sy_/usbuhci.sys  
Warning: Unable to unpack UPX-packed file D:\I386\SYSTEM32\drivers\USBUHCI.SYS  
Warning: Unable to unpack UPX-packed file D:\MiniNT\system32\drivers\USBUHCI.SYS

 
Run CCleaner and then scan with TH to see if these two are gone.  
 
Quote:
Warning: Unable to unpack UPX-packed file C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4PUJ8XQR\inst[1].php  
Warning: Unable to unpack UPX-packed file C:\WINDOWS\Temp\ms1236534028.exe
IP Logged
______
TrojanHunter V5.5.1002...No. 1 AT in my Book and on my Box(es)! Windows 7 x64 Professional on a Dell XPS 410, 8 gbyte RAM, dual WD VelociRaptors, dual 24" UltraSharp FPD monitors, Logitech 5.1 Surround Sound; Windows 7 x86 Professional on a Dell Vostro 220s, 4 gbyte RAM, dual WD VelociRaptors. Common: router, cable modem.
Thomas
Full Member
***






   


Gender: male
 Posts: 233
Re: do i need these files
« Reply #4 on: Mar 10th, 2009, 4:47pm »		 Quote Quote  Modify Modify
on Mar 10th, 2009, 7:38am, siliconman01 wrote:
Absolutely, you need all the files below.  They are all valid Windows files.  See the link below concerning double extensions.  
 
http://www.misec.net/forum/board/FAQ/1139255660
 
You should uncheck the Option "Warn on executable files with double extensions" in TH scanner GUI (under the options icon on the left icon bar).  
 
 
The warnings below merely mean that TH was not able to unpack these files because they are packed with a packer that TH does not have in its unpacker capabilities.  The files are valid and you need them, yes.
 
 
Run CCleaner and then scan with TH to see if these two are gone.  
 

 
i knew the last part was bad i just wanting make sure what about the files that combofix deleteing
IP Logged
Windows 7 Home Premium (64 Bit)
Yahoo! Messenger Version 11.0.0 Build 2014
Y!TunnelPro Version 2.6 Build 736
YTK Enhanced Version 2.6 Build 108
Mozilla Firefox Version 8.0 (Beta)
Internet Explorer Version 9.0.8112.16421
TrojanHunter Version 5.3 Build 994
HijackThis Version 2.0 Build 4
Wireless
avast! Free Antivirus
Malwarebytes' Anti-Malware
SUPERAntiSpyware Professional
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 7358
Re: do i need these files
« Reply #5 on: Mar 10th, 2009, 8:12pm »		 Quote Quote  Modify Modify
Quote:
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat  
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

 
The above files are not infections, but are part of Microsoft Binary Intelligent Transfer Service as part of Windows Update for XP.  You should unquarantine them from Combofix.  
 
Quote:
----- BITS: Possible infected sites -----  
 
hxxp://sunmicro.ht.rd.llnw.net  
Infected copy of c:\windows\system32\lsass.exe was found and disinfected  
Restored copy from - c:\windows\$NtServicePackUninstall$\lsass.exe  
 
Infected copy of c:\windows\system32\winlogon.exe was found and disinfected  
Restored copy from - c:\windows\$NtServicePackUninstall$\winlogon.exe  
 
Infected copy of c:\windows\system32\services.exe was found and disinfected  
Restored copy from - c:\windows\$NtServicePackUninstall$\services.exe  
 
Infected copy of c:\windows\system32\spoolsv.exe was found and disinfected  
Restored copy from - c:\windows\$NtUninstallKB896423$\spoolsv.exe  
 
Infected copy of c:\windows\explorer.exe was found and disinfected  
Restored copy from - c:\windows\$NtUninstallKB938828$\explorer.exe

 
The above are probably okay as fixed by Combofix.
 
Please be very cautious when running Combofix.  Always download the latest version before running it.  It changes frequently.  Do not run it unless you strongly feel something is infected and its use is required.
IP Logged
______
TrojanHunter V5.5.1002...No. 1 AT in my Book and on my Box(es)! Windows 7 x64 Professional on a Dell XPS 410, 8 gbyte RAM, dual WD VelociRaptors, dual 24" UltraSharp FPD monitors, Logitech 5.1 Surround Sound; Windows 7 x86 Professional on a Dell Vostro 220s, 4 gbyte RAM, dual WD VelociRaptors. Common: router, cable modem.
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »