I've followed the steps here: http://forums.afterdawn.com/thread_view.cfm/671553

I've done steps 1, 3, 4, 5 (read below for #2). I just had a major virus attack, which I managed to clear after scanning using AVG. However, I'm left with a few problems which I'm unable to fix.

1# I'm unable to complete Step #2 on the above link as I'm unable to connect to sites such as: Kaspersky WebScanner, Symantec, Trend Micro HouseCall, etc.
2# I'm unable to perform a system restore; no matter how many times I click the Next button it won't work.
3# I receive a popup message from the icon tray stating: The file or directory C:\WINDOWS\System32\Drivers\restore.sys is corrupt and unreadable. Please run Chkdsk Utility.
4# I'm unable to run Chkdsk Utility on drive C: as I'm given the error: Disk Defragmenter has detected that Chkdsk is scheduled to run on the volume: (C:). Please run Chkdsk /f. (which I've done and still have this problem).
5# I'm unable to start the Error-checking Tool; I receive an error: Windows was unable to complete the disk check.
6# I keep receiving Internet Explorer crashes, even though I haven't launched it.
----------------- Hijack This Log ----------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26:02, on 15/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\3361\SVCHOST.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Admin\reader_s.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\5.tmp
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\services.exe
C:\WINDOWS\services.exe
C:\WINDOWS\system32\6.tmp
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\services.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\services.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\services.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 3\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\995042894.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\svchost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {c0a148e3-b5d6-4119-8ea9-ce2877231186} - C:\WINDOWS\system32\kijanufu.dll
O2 - BHO: C:\WINDOWS\system32\zfgh83jg3.dll - {D5BF49A0-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\zfgh83jg3.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe"
O4 - HKLM\..\Run: [Rburowowo] rundll32.exe "C:\WINDOWS\ogaxifokelod.dll",e
O4 - HKLM\..\Run: [vuwebiyoye] Rundll32.exe "C:\WINDOWS\system32\wigofota.dll",s
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [6079846b] rundll32.exe "C:\WINDOWS\system32\devudaza.dll",b
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe /p
O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe
O4 - HKLM\..\Run: [CPM634ab7f7] Rundll32.exe "c:\windows\system32\mafiyeso.dll",a
O4 - HKLM\..\RunOnce: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [] C:\DOCUME~1\Admin\LOCALS~1\Temp\f0ukpmqkb.exe
O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\Admin\reader_s.exe
O4 - HKCU\..\Run: [Diagnostic Manager] C:\DOCUME~1\Admin\LOCALS~1\Temp\995042894.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [vuwebiyoye] Rundll32.exe "C:\WINDOWS\system32\wigofota.dll",s (User '?')
O4 - HKUS\S-1-5-21-796845957-1303643608-1801674531-1003\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User '?')
O4 - HKUS\S-1-5-21-796845957-1303643608-1801674531-1003\..\Run: [] C:\DOCUME~1\Admin\LOCALS~1\Temp\f0ukpmqkb.exe (User '?')
O4 - HKUS\S-1-5-21-796845957-1303643608-1801674531-1003\..\Run: [reader_s] C:\Documents and Settings\Admin\reader_s.exe (User '?')
O4 - HKUS\S-1-5-21-796845957-1303643608-1801674531-1003\..\Run: [Diagnostic Manager] C:\DOCUME~1\Admin\LOCALS~1\Temp\995042894.exe (User '?')
O4 - HKUS\S-1-5-21-796845957-1303643608-1801674531-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [] C:\WINDOWS\TEMP\alu4ahf.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [] C:\WINDOWS\TEMP\alu4ahf.exe (User 'Default user')
O4 - S-1-5-21-796845957-1303643608-1801674531-1003 Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User '?')
O4 - S-1-5-18 Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User '?')
O4 - .DEFAULT Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\lspkcu.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1212323504049
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: mjuort.dll vghyeo.dll c:\progra~1\ThunMail\testabd.dll C:\WINDOWS\system32\fenedemu.dll c:\windows\system32\mafiyeso.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\mafiyeso.dll
O22 - SharedTaskScheduler: jkxg983iksnf934uitmgs3gt - {B2BA40A2-74F3-42BD-F434-2604812C8954} - C:\WINDOWS\system32\hsf73ikmdf3f.dll
O22 - SharedTaskScheduler: lkjf9873jhifjnsfi8w3fe - {D5BF49A0-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\zfgh83jg3.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\mafiyeso.dll
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: MioNet - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing)
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe (file missing)
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)

-- End of file - 10079 bytes
Hi akmon911,

This is the largest collection of Trojans/Malware/Backdoors/Worms/Spyware that I have seen in years. There is NO AntiVirus and NO Firewall, if the windows firewall is turned on it is probably disabled…

My best assessment would be to Re-Format/Re-Install your OS….. If you don’t have the means or ability to do that, I can assist you in trying to clean it.. That will take some time, I will give it my best shot, but is NOT guaranteed to solve All the problems…

Let me know what you decide….

2oG
I had my friend create this thread for me earlier. I'm currently running virus/spyware scanners to try to clean up the computer.

Scanning with: Malwarebytes, Avast, Spybot Search And Destroy, SuperAntiSpyware, and currently scanning with Avira & Google Updater (which includes a spyware doctor) (recommended by a friend).

I know I may have to re-install the OS, but I'm attempting to clear up before I do, and to keep this as a last resort.

Are there any other clean up steps I could take? And if I do re-install the OS, what scanners/firewalls are recommended that I install?

Thank you for your quick reply.

J
Thesaint2,

Hey, sorry for the delay, I’ve been out of town and pretty busy……. : )

If you intend to re-install your OS, I wouldn’t even bother with trying to clean it. When you re-install, I’ll recommend 3 programs to keep you on the clean side..

Avira Antivir – free
Comodo BoClean – Free
SpywareBlaster – Free

I have tested and used these for years and they work!

If you decide you want to clean it, just let me know and post some logs. I’ll lend as much help as I can..

2oG
Sorry for the late reply. I've re-installed Windows and it seemed to have fixed all the errors; however, 1-2 weeks later I noticed that my Windows firewall kept turning off even though I turned it back on. I hope that this isn't another attack.

Here's my new HijackThis list:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:04 PM, on 4/25/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\xnev.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Downloads\Software\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\lsass.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://atlantica.ndoorsgames.com/
O2 - BHO: C:\WINDOWS\system32\sjg9s8guigjs.dll - {b2ba40a2-74f0-42bd-f434-12345a2c8953} - C:\WINDOWS\system32\sjg9s8guigjs.dll
O2 - BHO: (no name) - {C471F537-5D60-4C5B-AE21-652ADE3C8ACF} - c:\windows\system32\ttsnlje.dll
O4 - HKLM\..\Run: [3501] C:\xnev.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - S-1-5-18 Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\dopifadi.dll,c:\progra~1\ThunMail\testabd.dll
O20 - Winlogon Notify: tovaozxu - C:\WINDOWS\SYSTEM32\ttsnlje.dll
O22 - SharedTaskScheduler: jso8joigm409gopgmrlgd - {B2BA40A2-74F0-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\sjg9s8guigjs.dll
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

-- End of file - 4258 bytes

Thanks for your help
You are infected again…

Here is my analysis of your Log:

c:\lsass.exe
BACKDOOR ADDED BY Troj/DwnLdr-GWE

O2 - BHO: C:\WINDOWS\system32\sjg9s8guigjs.dll - {b2ba40a2-74f0-42bd-f434-12345a2c8953} - C:\WINDOWS\system32\sjg9s8guigjs.dll
ROGUE SECURITY PROGRAM

O2 - BHO: (no name) - {C471F537-5D60-4C5B-AE21-652ADE3C8ACF} - c:\windows\system32\ttsnlje.dll
UNKNOWN TROJAN

O20 - AppInit_DLLs: C:\WINDOWS\system32\dopifadi.dll,c:\progra~1\ThunMail\testabd.dll
WORM

O20 - Winlogon Notify: tovaozxu - C:\WINDOWS\SYSTEM32\ttsnlje.dll
UNKNOWN TROJAN

O22 - SharedTaskScheduler: jso8joigm409gopgmrlgd - {B2BA40A2-74F0-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\sjg9s8guigjs.dll
FRAUDULENT SECURITY PROGRAM

O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
??? PROBABLY MESSING UP YOUR UPDATES

I don’t see an AntiVirus or an Anti Trojan like BoClean. MalwareBytes is great for cleaning your machine but doesn’t really offer very good protection.

I do not recommend Spy Sweeper, Spyware Doctor, Spybot, or Ad-Aware. At one time all of them were considered premier tools. A lot has changed over the years, as malware has become much more complex, and all of the aforementioned programs have inferior detection/removal capabilities compared to the newer tools. Please do not waste your time using them.

As I suggested; Avira Antivir, SpywareBlaster, Comodo BoClean and the windows firewall is just about the minimum protection you should have before going on the internet.

The unidentified Trojan that I see in your Log may be FWKillr. It will kill your firewall and allow More Trojans to enter and infect your machine. If you had installed BoClean, it would have stopped it and the other infections that you now have…

I’ll be off for a few days, so if you want to clean your machine, just give me a Go and I’ll work up a set of Fixes.. If you can follow my instructions and install the software that I’ll recommend you won’t have to come back for a very long time.. : )

2oG
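
Added example, not part of the thread and not HijackThis's own logic: a first-pass triage of a HijackThis log that surfaces the kinds of entries the reply above calls out (a system process name running from the wrong folder, autoruns from Temp or a drive root, AppInit_DLLs, Winlogon Notify, a service whose image path is a directory). The heuristics and the names `path_reasons`, `triage` and `SAMPLE` are assumptions of this example; the sample lines are copied from the second log posted above.

```python
import re
from ntpath import basename, dirname, normcase

# Assumed heuristics for this example: core Windows process names and the one
# directory they belong in (Windows XP layout, matching the logs in this thread).
SYSTEM_NAMES = {"smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
                "lsass.exe", "svchost.exe", "spoolsv.exe"}
SYSTEM_DIR = normcase(r"C:\WINDOWS\system32")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll|tmp)\b', re.I)

def path_reasons(path):
    """Heuristic reasons why an executable path deserves a closer look."""
    folder, name = normcase(dirname(path)), normcase(basename(path))
    reasons = []
    if name in SYSTEM_NAMES and folder != SYSTEM_DIR:
        reasons.append("system process name outside system32")
    if re.fullmatch(r"[a-z]:\\", folder) or "temp" in folder.split("\\"):
        reasons.append("runs from Temp or a drive root")
    return reasons

def triage(log_lines):
    """Return (reason, line) pairs for log entries that need manual review."""
    findings = []
    for raw in log_lines:
        line = raw.strip()
        if line.startswith("O20 - AppInit_DLLs:") and line.split(":", 1)[1].strip():
            findings.append(("AppInit_DLLs set (loaded with user32.dll)", line))
        elif line.startswith("O20 - Winlogon Notify:"):
            findings.append(("Winlogon Notify DLL registered", line))
        elif line.startswith("O23 - Service:") and line.endswith("\\"):
            findings.append(("service image path is a directory", line))
        elif line.startswith("O4 - ") or PATH_RE.fullmatch(line):
            # Autorun entry or running-process line: judge the file path.
            match = PATH_RE.search(line)
            for reason in (path_reasons(match.group(0)) if match else []):
                findings.append((reason, line))
    return findings

# Lines copied from the second HijackThis log posted in this thread.
SAMPLE = [
    r"C:\WINDOWS\system32\lsass.exe",
    r"C:\xnev.exe",
    r"c:\lsass.exe",
    r"O4 - HKLM\..\Run: [3501] C:\xnev.exe",
    r"O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe",
    r"O20 - AppInit_DLLs: C:\WINDOWS\system32\dopifadi.dll,c:\progra~1\ThunMail\testabd.dll",
    r"O20 - Winlogon Notify: tovaozxu - C:\WINDOWS\SYSTEM32\ttsnlje.dll",
    "O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\\WINDOWS\\",
]

if __name__ == "__main__":
    for reason, line in triage(SAMPLE):
        print(f"{reason}: {line}")
```

A hit only marks an entry for manual review; legitimate software can also register AppInit_DLLs or Winlogon Notify entries, so each flagged file still has to be identified before it is removed.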