Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Adware Popups


  • This topic is locked This topic is locked
5 replies to this topic

#1 polarlight

polarlight

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 25 October 2009 - 10:15 PM

Hi - This is my son's computer - he seems to be infected with some virus that creates adware popus when using his browser (he uses Firefox 3.5.3). We would appreciate any help in removing this virus. Thank you. Following are the contents of the DDS.txt file - and I have attached the Attach.txt and ark.txt files, as instructed.

- Steve & Grant Rosen


DDS (Ver_09-10-24.04) - NTFSx86
Run by Grant at 20:11:25.45 on Sun 10/25/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2181 [GMT -7:00]

AV: avast! antivirus 4.8.1356 [VPS 091025-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NETGEAR\WPNT121\WPNT121.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Zune\ZuneLauncher.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\downloads\RootRepeal.exe
C:\WINDOWS\system32\notepad.exe
C:\downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
mWinlogon: Shell=Explorer.exe logon.exe
mWinlogon: Userinit=c:\windows\system32\userinit.exe,userinit.exe
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: ShoppingReport: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - c:\program files\shoppingreport\bin\2.5.0\ShoppingReport.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
EB: ShopperReports: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - c:\program files\shoppingreport\bin\2.5.0\ShoppingReport.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\grant\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [igndlm.exe] c:\program files\ign\download manager\dlm.exe /windowsstart /startifwork
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [WPNT121] c:\program files\netgear\wpnt121\WPNT121.exe
mRun: [P17Helper] Rundll32 P17.dll,P17Helper
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [gatesozul] Rundll32.exe "c:\windows\system32\huwulita.dll",a
dRun: [wow64main.exe] c:\windows\temp\wow64main.exe
StartupFolder: c:\documents and settings\grant\start menu\programs\startup\Registration Tom Clancy's Rainbow Six
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - c:\program files\shoppingreport\bin\2.5.0\ShoppingReport.dll
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - c:\program files\shoppingreport\bin\2.5.0\ShoppingReport.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144247023203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\windows\system32\zowiwogu.dll yoyorena.dll c:\windows\system32\huwulita.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: lagamokiv - {f4560c75-0999-4b05-be40-6c89615ca15c} - c:\windows\system32\zowiwogu.dll
SSODL: zepitayad - {1d78a5e3-d8ea-419b-aeae-5d4afdaacf10} - c:\windows\system32\huwulita.dll
STS: tokatiluy: {f4560c75-0999-4b05-be40-6c89615ca15c} - c:\windows\system32\zowiwogu.dll
STS: mujuzedij: {1d78a5e3-d8ea-419b-aeae-5d4afdaacf10} - c:\windows\system32\huwulita.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Notification Packages = scecli mulebime.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\grant\applic~1\mozilla\firefox\profiles\un4hy3x0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13161&gct=&gc=1&q=
FF - plugin: c:\documents and settings\grant\application data\mozilla\firefox\profiles\un4hy3x0.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\grant\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\ign\download manager\npfpdlm.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npff_gdm.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

As per the instructions you would have received, kindly ensure any onboard
script blocking tools have been disabled for they shall interfere with DDS.

DDS is a non-invasive diagnostic tool.

- DDS makes no registry writes/changes

- DDS does not create any permanent files/folders.

This scan should not take longer than three minutes to complete.

When the scan is complete, a logfile/report shall pop open.

Post the contents of the logfile to the forum where it was requested

We only require it to run just once. Dispose after use.


:::::::::::::::::::::::::::::::::::::::

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-24 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-24 20560]
R2 Stuffit Archive Name Service;Stuffit Archive Name Service;c:\program files\smith micro\stuffit 12.0.1\ArcNameService.exe [2008-5-23 157016]
R2 ZDCNDIS5;ZDCNDIS5 NDIS5.1 Protocol Driver;c:\windows\system32\ZDCndis5.sys [2008-6-18 20736]
R3 Airgo3U;NETGEAR RangeMax™ 240 Wireless USB 2.0 Adapter WPNT121;c:\windows\system32\drivers\TMIMO31U.sys [2006-3-6 1680384]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-8-29 38472]
S3 UXDCMN;UXDCMN;\??\e:\winstress\uxdcmn.sys --> e:\winstress\UXDCMN.SYS [?]

=============== Created Last 30 ================

2009-10-25 01:27:30 0 d-sh--w- c:\windows\system32\lowsec
2009-10-25 01:27:26 26628 ----a-w- c:\windows\system32\logon.exe
2009-10-21 02:40:27 3559 ----a-w- c:\documents and settings\grant\.recently-used.xbel
2009-10-20 05:18:31 0 d-----w- c:\documents and settings\grant\.thumbnails
2009-10-20 05:13:27 0 d-----w- c:\documents and settings\grant\.gimp-2.6
2009-10-20 05:12:46 0 d-----w- c:\program files\GIMP-2.0
2009-10-12 06:30:07 0 d-----w- c:\program files\Thief - Deadly Shadows Demo
2009-10-03 07:38:36 195440 ------w- c:\windows\system32\MpSigStub.exe

==================== Find3M ====================

2009-09-12 19:19:21 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-12 19:19:12 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36:27 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36:24 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36:24 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 02:52:22 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-04 15:13:08 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20:09 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2007-10-18 05:59:11 13284 ----a-w- c:\program files\install.log
2005-04-06 18:55:38 456384 ----a-w- c:\windows\inf\wg311t\WG311T13.sys
2004-10-20 02:58:28 35232 ----a-w- c:\windows\inf\wg311t\ME_INST.EXE
2004-10-20 02:58:28 26112 ----a-w- c:\windows\inf\wg311t\install.exe
2009-07-25 13:32:20 90112 --sha-w- c:\windows\system32\famuruya.dll
2009-07-26 01:32:44 89600 --sha-w- c:\windows\system32\huwulita.dll
2009-07-25 13:32:54 51712 --sha-w- c:\windows\system32\jalezada.dll
2009-07-25 13:32:20 38400 --sha-w- c:\windows\system32\javuroge.dll
2009-07-25 01:32:20 38912 --sha-w- c:\windows\system32\jekolahi.dll
2009-07-25 13:32:54 51712 --sha-w- c:\windows\system32\mulebime.dll
2009-07-25 13:32:20 51712 --sha-w- c:\windows\system32\ninugojo.dll
2009-07-25 13:32:54 51712 --sha-w- c:\windows\system32\yoyorena.dll
2009-07-26 01:32:44 38400 --sha-w- c:\windows\system32\zakanilu.dll
2008-08-30 02:14:13 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082920080830\index.dat

============= FINISH: 20:12:00.25 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:01:55 PM

Posted 01 November 2009 - 05:26 PM

Hello,

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and
we are trying our best to keep up.

My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if you
would let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Then please post back here with the following:
  • log.txt
  • info.txt
Thanks

unite.jpg


#3 polarlight

polarlight
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 01 November 2009 - 08:58 PM

Hi Syler,

Thank you for replying to us - I suspected you were simply a little busier than usual - your excellent team helped me out with my wife's computer awhile ago (last year I think) - so I told my son that you'd probably reply at some point - he still has his malware problem - we downloaded the rsit.exe and ran it to generate the log.txt and info.txt files - they are attached to this reply - we look forward to hearing back from you - and thanks again for your help - it's very much appreciated!

For some additional bits of information, he just gets an occasional popup (it's typically a new Firefox window) for some ad when using his Firefox 3.5.4 browser - and he also showed me that his Firefox "personas" that he has set will go back to its default value when he restarts the Firefox browser - and finally, he said that when a page loads into his browser, it often does not load 100% - it gets to almost 100% and never fully loads - so he just hits the stop loading button and continues on (the page is essentially fully loaded - but he feels this problem could be related to his infection). He does not use Internet Explorer.

Thanks so much - we look forward to "cleaning" his system with your help!

- Steve & Grant Rosen

Attached Files

  • Attached File  log.txt   30.68KB   1 downloads
  • Attached File  info.txt   30.83KB   1 downloads


#4 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:01:55 PM

Posted 02 November 2009 - 11:30 AM

Hi polarlight,


One or more of the identified infections is a backdoor trojan/Rootkit.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

If you decide you want to proceed with trying to clean your machine please follow these next steps.



Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed, click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix



Please download Malwarebytes' Anti-Malware from Here

Note: If you already have Malwarebytes' Anti-Malware, just update then run it.
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply .
Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.


Please post back here with the following logs:
  • Combofix.txt
  • MBAM log
  • New Rsit log
Thanks

unite.jpg


#5 polarlight

polarlight
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 02 November 2009 - 12:30 PM

Hi Syler,

Thank you for letting us know about the backdoor trojan that Grant has on his machine. He doesn't normally do any banking type of transactions at this time (he's only 15), but just to be safe, we've shut down his machine and will re-boot it without any networking turned on - I have a USB hard drive that can hold all his important files and data, so we'll copy off all the relevant data files, then re-format his hard drive and re-install the OS, as you suggested.

Thanks again for your help and advice - very much appreciated, as usual! You can go ahead and close this topic.

- Steve & Grant Rosen

#6 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:01:55 PM

Posted 02 November 2009 - 04:24 PM

Hi steve,

Your very welcome it's just a shame it couldn't have been fix easier, but I think reformatting is the wise option.

Since this issue appears resolved ... this Topic is closed. Glad we could help.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

unite.jpg





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users