|
|
|
Please help me with this hijackthis log...
|
|
AfterDawn Addict
|
25. September 2008 @ 17:36 |
Link to this message
|
|
@hakuron,
It is frustrating since I don?t have my hands on it and my crystal ball is really fuzzy. ;)
I must be out of town a few days and will be thinking about it but in the mean time, I believe you may consider a re-format/re-install of your OS as a last resort, of curse.
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
Advertisement
|
 |
|
|
|
hakuron
Junior Member
|
2. October 2008 @ 17:59 |
Link to this message
|
@2oldgeek
really? wow, that would be terrible if i really have to reformat the computer... but i guess if it doesn't bother me too much, i could just leave it just like this??? or will it get worse over time?
have a safe trip
hakuron
|
Senior Member
|
3. October 2008 @ 10:57 |
Link to this message
|
I'm sorry for intruding, but your problem can be fixed manually, hakuron. Another sorry to 2oldgeek, if I'm messing up your thread. Normally, I would tell you first, but apparently, you're out of town... :(
This might take some trial and error, but perhaps it can be done.
First, download REG File Association Fix. Unzip this file only. Do not run it yet.
Go to Start, Run, and type in regedit. Click on OK. If this step does not work, look below. **
Click on File, Import, and navigate to xp_regfile.reg. Click on Open. Restart your computer.
Now, run the COM File Association Fix and reboot. I'll leave the rest for 2oldgeek.
Best Regards :D
**Download this tool ( http://www.softpedia.com/get/Security/Se...ions-Tool.shtml ) and enable regedit. You might have to reboot for the changes to take effect.
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.
|
AfterDawn Addict
|
3. October 2008 @ 23:36 |
Link to this message
|
|
@hakuron,
Step through the instructions that cdavfrew posted and let me know what happens?.
If you don?t understand something, please ask..
@cdavfrew,
Tnx, sounds like that might work or at least narrow it down. :)
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
hakuron
Junior Member
|
8. October 2008 @ 00:32 |
Link to this message
|
@2oldgeek and cdavfrew
well i ran the REG File Association Fix that cdavfrew has suggested. and it ran smoothly. then i tried to run the combofix file. this time no nircmd window popped up, so it ran smoothly also (asking me to click 'yes') and it restarted the computer. so far so good, but after i typed my password to log-on to windows, i can't see any icons(start buttons, toolbar, clock, icons on the desktop..etc). i can only see my desktop wallpaper. so i tried to force shut it off and turn it back on, but the same thing happened. but i know the computer works because i tried to press crtl+alt+delete and the window task manager pops up. but yea, as far as i can see, i can't use my computer because there aren't an icons for me to click. but the good news is that remember i told you about a weird window that pops up everytime before i type my password? that window didn't pop up anymore !!
please tell me what to do next so that i can finally use my cleaned computer. :) can't wait
thank you very much
hakuron
|
AfterDawn Addict
|
8. October 2008 @ 02:18 |
Link to this message
|
|
@ hakuron,
I don?t have much time but here is something to try?
Since you have your Task Manager:
Hit CTrl+Alt+Delete to open Task Manager:
Choose the Application Tab at the top.
Click the "New Task..." button.
Type explorer.exe and hit enter.
Hopefully this will return your desktop and icons.
If ComboFix ran successfully please post the Log located at c:\comboFix.txt
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
hakuron
Junior Member
|
8. October 2008 @ 02:51 |
Link to this message
|
@2oldgeek
wow, after i typed explorer.exe, the icons appeared magically !! thank you so much. oh here's the log file. btw i've replaced my name with XXXXXXX :) and one last question, do i have to type explorer.exe everytime my computer starts? or is it a one time thing?
ComboFix 08-10-07.06 - XXXXXXXX 2008-10-07 20:55:57.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.950.852.1033.18.608 [GMT -7:00]
Running from: C:\Documents and Settings\XXXXXXXX\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
C:\WINDOWS\system32\tdsspopup.dll
C:\WINDOWS\system32\tdsspopup1.url
C:\WINDOWS\system32\tdsspopup2.url
C:\WINDOWS\system32\tdsspopup3.url
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_TDSSSERV
-------\Service_TDSSserv
((((((((((((((((((((((((( Files Created from 2008-09-08 to 2008-10-08 )))))))))))))))))))))))))))))))
.
2008-10-04 17:11 . 2008-10-04 17:11 <DIR> d-------- C:\Program Files\ConvertHelper
2008-10-04 15:10 . 2008-10-04 15:10 <DIR> d-------- C:\Documents and Settings\XXXXXXXX\dwhelper
2008-10-03 13:01 . 2008-10-03 13:01 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-03 13:00 . 2008-10-03 13:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-19 21:51 . 2008-10-07 20:01 <DIR> d-------- C:\Documents and Settings\XXXXXXXXX\Application Data\skypePM
2008-09-19 21:51 . 2008-09-19 21:51 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-09-19 21:38 . 2008-09-19 21:38 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-09-18 14:05 . 2008-09-18 14:06 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-18 14:05 . 2008-09-18 14:05 <DIR> d-------- C:\Documents and Settings\XXXXXXXX\Application Data\Malwarebytes
2008-09-18 14:05 . 2008-09-18 14:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-18 14:05 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-18 14:05 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-17 15:38 . 2008-09-17 16:31 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-09 00:12 . 2008-09-09 00:12 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-08 22:59 . 2008-09-08 22:59 <DIR> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-09-08 21:14 . 2008-09-08 21:14 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-08 03:51 --------- d-----w C:\Documents and Settings\XXXXXXXX\Application Data\OpenOffice.org2
2008-10-08 03:43 37,624 ----a-w C:\Documents and Settings\XXXXXXXXX\Application Data\wklnhst.dat
2008-10-08 03:40 --------- d-----w C:\Documents and Settings\XXXXXXXX\Application Data\Skype
2008-10-06 06:15 --------- d-----w C:\Program Files\FlashGet
2008-10-05 05:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\WholeSecurity
2008-10-01 06:50 --------- d-----w C:\Documents and Settings\XXXXXXXXXX\Application Data\dvdcss
2008-09-25 08:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-25 08:13 --------- d-----w C:\Documents and Settings\XXXXXXXXXX\Application Data\Samsung
2008-09-24 23:42 --------- d-----w C:\Documents and Settings\XXXXXXXXXX\Application Data\HP
2008-09-12 01:32 --------- d-----w C:\Program Files\BitComet
2008-09-09 05:59 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-06 20:08 --------- d-----w C:\Program Files\Citrix
2008-09-06 20:07 61,224 ----a-w C:\Documents and Settings\XXXXXXXXX\GoToAssistDownloadHelper.exe
2008-09-06 19:43 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-06 19:41 --------- d-----w C:\Documents and Settings\XXXXXXXXXX\Application Data\AdobeUM
2006-02-21 05:20 87,088 ----a-w C:\Documents and Settings\XXXXXXXXXX\Application Data\GDIPFONTCACHEV1.DAT
2005-05-14 00:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 18:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-14 04:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2005-10-08 02:14 308,224 --sha-w C:\WINDOWS\system32\avisynth.dll
2005-07-14 19:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 22:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-22 05:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-25 07:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 17:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 20:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-25 07:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
<pre>
----a-w 2,328,733 2006-12-16 07:39:14 C:\Program Files\BitComet\Downloads\WinXMedia DVD AVI MP3 MP4 MPEG iPod PSP Video Audio Converter Ripper\WinXMedia DVD Audio Ripper\WinXMedia DVD Audio Ripper .exe
</pre>
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 303104]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
"Personal Firewall"="C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe" [2005-11-03 91648]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [N/A]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2006-04-12 20480]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2005-11-04 90112]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-09-12 229952]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-19 827392]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 C:\WINDOWS\stsystra.exe]
"MAIHIME_ACCESSORY_STARTUP"="" [N/A]
"MAIHIME_CALENDAR_STARTUP"="" [N/A]
C:\Documents and Settings\XXXXXXX\Start Menu\Programs\Startup\
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2006-02-18 122880]
Wireless USB 2.0 WLAN Card Utility.lnk - C:\Program Files\Dell Wireless\PRISMCFG.exe [2006-02-07 917611]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-09-06 13:07 10536 C:\Program Files\Citrix\GoToAssist\516\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Media Center Diagnostic Kit\\MCDiag.exe"=
"C:\\Program Files\\Media Center Diagnostic Kit\\MCEHostRemote.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"32670:TCP"= 32670:TCP:Azureus port
"6881:TCP"= 6881:TCP:bt1
"6882:TCP"= 6882:TCP:bt2
"6883:TCP"= 6883:TCP:bt3
"6884:TCP"= 6884:TCP:bt4
"6885:TCP"= 6885:TCP:bt5
"25456:TCP"= 25456:TCP:BitComet 25456 TCP
"25456:UDP"= 25456:UDP:BitComet 25456 UDP
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 VFILT;Lavasoft Firewall Kernel Driver;C:\Program Files\Lavasoft\Personal Firewall\kernel\FILTNT.SYS [2005-11-03 117408]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 ehMonitor;Media Center Monitor Service;C:\Program Files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe [2005-09-07 49336]
R3 ADBLOCK.DLL;Lavasoft Firewall PlugIn (ADBLOCK.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\ADBLOCK.DLL [2005-11-03 33504]
R3 ARP.DLL;Lavasoft Firewall PlugIn (ARP.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\ARP.DLL [2005-11-03 17632]
R3 CONTENT.DLL;Lavasoft Firewall PlugIn (CONTENT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\CONTENT.DLL [2005-11-03 4928]
R3 DNSCACHE.DLL;Lavasoft Firewall PlugIn (DNSCACHE.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\DNSCACHE.DLL [2005-11-03 14208]
R3 FTPFILT.DLL;Lavasoft Firewall PlugIn (FTPFILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\FTPFILT.DLL [2005-11-03 9056]
R3 HTMLFILT.DLL;Lavasoft Firewall PlugIn (HTMLFILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\HTMLFILT.DLL [2005-11-03 11584]
R3 HTTPFILT.DLL;Lavasoft Firewall PlugIn (HTTPFILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\HTTPFILT.DLL [2005-11-03 13280]
R3 IMAPFILT.DLL;Lavasoft Firewall PlugIn (IMAPFILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\IMAPFILT.DLL [2005-11-03 7232]
R3 MAILFILT.DLL;Lavasoft Firewall PlugIn (MAILFILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\MAILFILT.DLL [2005-11-03 14784]
R3 NNTPFILT.DLL;Lavasoft Firewall PlugIn (NNTPFILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\NNTPFILT.DLL [2005-11-03 6784]
R3 POP3FILT.DLL;Lavasoft Firewall PlugIn (POP3FILT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\POP3FILT.DLL [2005-11-03 10016]
R3 PROTECT.DLL;Lavasoft Firewall PlugIn (PROTECT.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\PROTECT.DLL [2005-11-03 16992]
R3 SECRET.DLL;Lavasoft Firewall PlugIn (SECRET.DLL);C:\Program Files\Lavasoft\Personal Firewall\kernel\SECRET.DLL [2005-11-03 9728]
S3 GoToAssist;GoToAssist;C:\Program Files\Citrix\GoToAssist\516\g2aservice.exe Start=service [ ]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-23 29184]
S4 PRISMSVC;PRISMSVC;C:\WINDOWS\system32\PRISMSVC.EXE [2004-10-04 57344]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47067ed8-ba1a-11da-ae51-0014a55dc70c}]
\Shell\AutoRun\command - F:\q83iwmgf.bat
\Shell\explore\Command - F:\q83iwmgf.bat
\Shell\open\Command - F:\q83iwmgf.bat
.
Contents of the 'Scheduled Tasks' folder
2008-10-07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 18:13]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\XXXXXXX\Application Data\Mozilla\Firefox\Profiles\4yxa7ucb.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-07 23:34:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\WINDOWS\explorer.exe [2444] 0x8569DAF0
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\PRISMSVR.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2008-10-07 23:41:13 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-08 06:41:09
Pre-Run: 71,113,617,408 bytes free
Post-Run: 77,711,953,920 bytes free
225 --- E O F --- 2008-09-10 10:02:32
Thank you very much for the fast reply
hakuron
|
AfterDawn Addict
|
8. October 2008 @ 03:22 |
Link to this message
|
Quote:
and one last question, do i have to type explorer.exe everytime my computer starts? or is it a one time thing?
You got me buddy, give it a boot and see??..
Maybe all will change after we get you cleaned up.. ;)
I need some time to go over the Combo Log so don?t hold your breath? lol
Looks like you may have a worm on a flash drive?. You do have a flash drive, huh?
I?ll be looking over the logs so any questions, concerns?
Also, while I am looking over the logs, please go to Start > Run > type in sfc /scannow click OK
Let it run and let me know the outcome?
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
AfterDawn Addict
|
8. October 2008 @ 03:40 |
Link to this message
|
Also, please send me a fresh HJT Log.... TNX
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
hakuron
Junior Member
|
8. October 2008 @ 13:40 |
Link to this message
|
@2oldgeek
i did the scan thing, and when it's almost complete, it asks me for a win xp cd2 , which i don't have. btw here's the HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:38, on 2008-10-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: (no name) - {491AF6C5-21F2-46E1-C653-3DF529127D7B} - C:\WINDOWS\wcidBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {85CF4327-68DE-1974-B32E-766E84A9706C} - C:\WINDOWS\wcidBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Personal Firewall] C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Norton Confidence Online - {144FDEB7-A23D-4D39-A00E-AA44195535B6} - C:\WINDOWS\wcidButton.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared...01/mcinsctl.cab
O16 - DPF: {CCC46940-DED0-476C-A27E-115B10DAE0B4} - http://td.nortonconfidenceonline.com/plug-in/WSAS.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\516\G2AWinLogon.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\516\g2aservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Personal Firewall Service (LavasoftFirewall) - Agnitum Ltd. - C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 10044 bytes
thank you again
hakuron
|
|
hakuron
Junior Member
|
8. October 2008 @ 13:56 |
Link to this message
|
|
btw, what's a flash drive???
|
AfterDawn Addict
|
9. October 2008 @ 00:42 |
Link to this message
|
@hakuron,
Let me know if your icons and toolbar are staying in place now?
You have a corrupt or missing System File. That is what we found out with the SFC /scannow..
If you have a friend that has a XP disk, see if you can borrow it to make the repairs to your computer.. Simply run sfc /scannow again and when it asks for a CD put it in the drive and it will find and replace the bad file??
The link I sent you for McAfee un-installer is still down but I found another one.
Download and run this to get rid of the old McAfee programs that are still running in your machine:
http://download.mcafee.com/products/lice...atches/MCPR.exe
Here are a few other things you need to do:
Your Adobe Reader is out of date.
Download and install -> Adobe Reader 9.0
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
Update Java using JavaRa
Please download JavaRa and unzip it to your desktop.
? Double-click on JavaRa.exe to start the program.
? Click on Remove Older Versions to remove the older versions of Java installed on your computer.
? Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
? A logfile will pop up. Please save it to a convenient location.
Then download and install Java Runtime Environment (JRE) 6 Update 7.
Java Runtime can be activated by websites, so if there is security vulnerability in any Java version on your machine, it can be exploited by a malicious site to infect your machine. Each new version of Java fixes security vulnerabilities, so it's extremely important to keep up to date, and it's auto-update mechanism isn't considered very reliable.
hakuron, I know you know what a Flash drive, Thumb drive, Pin drive, USB drive is?.
What is your F: Drive??? Either you or someone has plugged in a ?F? drive and it contains a Worm. Find it and we can clean it. Otherwise don?t plug it in??.
Let me know how everything is working.. any problems???
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
hakuron
Junior Member
|
9. October 2008 @ 19:39 |
Link to this message
|
|
@2oldgeek
WOOHOO!! the Mcafee has finally been officially removed. i have updated Java and installed the new adobe reader. but there's still one slight problem, it seems that i have to type explorer.exe everytime after i restarted my computer to get my icons back. is there a way to make it stay there? and about the F drive, i'm not sure where you see it, because on the 'my computer' window, i don't see any F drive. only C, A, D, E , and G
you're the best
hakuron
|
AfterDawn Addict
|
10. October 2008 @ 09:05 |
Link to this message
|
@hakuron,
Will be away for a few days but when I return, hopefully, I can come up with a solution to get your desktop to load properly. Hang in there?. 
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
AfterDawn Addict
|
12. October 2008 @ 23:11 |
Link to this message
|
@ hakuron,
Originally posted by hakuron:
about the F drive, i'm not sure where you see it, because on the 'my computer' window, i don't see any F drive.
You won?t be able to see it until it?s plugged in. When you plug in a flash drive the system initializes it and places a key in the registry.
The registry key shows up in ComboFix:
Quote:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47067ed8-ba1a-11da-ae51-0014a55dc70c}]
\Shell\AutoRun\command - F:\q83iwmgf.bat
\Shell\explore\Command - F:\q83iwmgf.bat
\Shell\open\Command - F:\q83iwmgf.bat
This tells me that you have had a memory device connected to your computer and it loaded a file called q83iwmgf.bat which is a Bad file. See ->> q83iwmgf.bat - HERE
That file is no longer in your computer, but if you connect that device without cleaning it you will be re-infected?.
Originally posted by hakuron:
i did the scan thing, and when it's almost complete, it asks me for a win xp cd2
As I said, this is a sign of a corrupted System file that needs to be replaced before Explorer can load properly..
Since you have no CD did you check with all your friends, cousins, neighbors, etc. and maybe beg or borrow a CD from one of them???
Maybe we can do a work around the problem or if we are lucky, there may be a file on your drive?.
Use windows explorer and navigate to C:\Windows\ - then look for a Folder named I386
Let me know if you find this folder and we can go from there?..
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
hakuron
Junior Member
|
13. October 2008 @ 17:23 |
Link to this message
|
@2oldgeek
Hmmm... the only flash drive that i could think of is my ipod and my usb stick drive. so do i plug in my usb memory stick and scan it with avast?
well about the CD, i would have to wait for my friend to come back from her vacation and that would be around the end of this month. if this doesn't bother you, then i could get the CD from her when she gets back.
and about the i386 folder, i've found it, but it's not in C:\windows\. i found it in C:\ instead
you are sure one busy person, you travel a lot. :)
thanks
hakuron
|
AfterDawn Addict
|
13. October 2008 @ 22:09 |
Link to this message
|
@ hakuron,
We?ll get to your USB stick drive later..
First, please do a little checking for me.
Check and let me know the Size of the C:\i386 Folder. It should be around 456 MB.
Next:
Use Regedit, goto Start > Run > regedit then navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
In the right pane of Setup, look at SourcePath and let me know what is in the Data column.. it will probably be a path to your CD Drive but I need to know what it is.
Next, navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe
I need to know if this folder ( explorer.exe ) is in the registry??
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 13. October 2008 @ 22:11
|
|
hakuron
Junior Member
|
14. October 2008 @ 02:37 |
Link to this message
|
@2oldgeek
around 456 mb?? my i386 folder says it's 1.13 GB. quite a large difference...
and Quote:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
In the right pane of Setup, look at SourcePath and let me know what is in the Data column..
it says C:\
and Quote:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe
i can't find explorer.exe folder in the registry. is this a bad thing?
thanks
hakuron
|
AfterDawn Addict
|
14. October 2008 @ 04:08 |
Link to this message
|
@ hakuron,
Scratching my head??. If i386 is in C:\ and the registry is pointing to C:\ then WHY is sfc /scannow asking for a CD to be inserted??????????
Quote:
i can't find explorer.exe folder in the registry. is this a bad thing?
Yes and No? It?s not supposed to be there, but if it were it might be the problem?.
Check the registry for this one:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon
And the value should be shell="explorer.exe"
Let me know??.
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
hakuron
Junior Member
|
14. October 2008 @ 14:13 |
Link to this message
|
|
yes it is. Shell Data: Explorer.exe
|
AfterDawn Addict
|
15. October 2008 @ 00:34 |
Link to this message
|
@ hakuron,
I can find nothing on your computer that would cause explorer not to start except a missing/corrupt System File.. 
That means the only way to fix it is to get a System CD and run SFC /scannow?.
By the way, since I have been digging at this, I forgot to tell you that your Java is out of date..
And yes, I would plug-in the memory stick and run an AV on it..
When you come up with a CD, run it and let me know the outcome, please.
Update Java using JavaRa
Please download JavaRa and unzip it to your desktop.
? Double-click on JavaRa.exe to start the program.
? Click on Remove Older Versions to remove the older versions of Java installed on your computer.
? Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
? A logfile will pop up. Please save it to a convenient location.
Then download and install Java Runtime Environment (JRE) 6 Update 7.
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
Advertisement
|
|
|
|
hakuron
Junior Member
|
17. October 2008 @ 13:37 |
Link to this message
|
|
@2oldgeek
Ok, I will update you as soon as i have the disk. *fingers crossed* and i thought you already told me to update Java from the previous post. is this a different one?
thanks for looking out for me
hakuron
|
|
