139 Posts

July 25th, 2005 16:00

Hi Mr Rich

 

I would be glad to help you with your computer problems. HijackThis logs take a while to research. Please be patient with me. I know that you want your problems solved quickly, and I will work hard to help you. Please observe these rules while we work:

1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.

If you can do those two things, everything should go smoothly.

 

 

Mat2

In Training at Malware Removal University, so could you

Message Edited by mat2 on 07-25-2005 06:55 PM

139 Posts

July 25th, 2005 19:00

Hi MrRich

 

NOTE: You may want to print out these instructions or save them as a text file with Notepad to your desktop, because we will be restarting into Safe Mode later on in the fix and you might not be able to access the Internet. Read these instructions carefully and feel free to ask if you're unsure about something.

 

 

The first thing you need to do is download the latest HijackThis from http://www.merijn.org/files/hijackthis.zip

 

We'll need to move HiJackThis.exe out of a temporary directory and into a directory of its own, preferably C:\HJT (creating the folder if necessary). The reason behind this is that HJT creates backups of every "fix" we do in the folder it's running in. If we happen to "fix" something and need it later on, there is a very good chance that, by that time, that TEMP directory could be purged and our backups would be lost. If you need a detailed tutorial or just a better explanation as to why, please see http://russelltexas.com/malware/createhjtfolder.htm.

 

Also, you need to update your Windows XP with the latest Service Packs and critical updates from Microsoft here: http://windowsupdate.microsoft.com/.

 

 

The next thing you need to do is as follows:

  • Go to Start, then Run
  • Type MSCONFIG, press Enter
  • Select the Startup tab. Then check all the unchecked items.
  • Press Apply, then OK
  • Restart Windows

When Windows restarts a message will appear; press OK.

Please post a new log.

 


Mat2

In Training at Malware Removal University, so could you

Message Edited by mat2 on 07-26-2005 05:41 PM

136 Posts

July 28th, 2005 23:00

Hi mat2,

Thanks for the response.

I will follow your directions and create a new folder. Also will check the item in msconfig and post a new log. My brother is out of town doing some research on our family history so it may take a few days. I will get back when he gets back. Thanks again.

Rich

139 Posts

July 29th, 2005 10:00

Hi Mr Rich
 
Thanks for letting us know
 
 
 
Mat2

In Training at Malware Removal University, so could you

136 Posts

August 5th, 2005 23:00

Greetings,

I'm back. My brother's got a lot of work involved in the family history on his computer and he doesn't really want to install Microsoft's Service Packs until he's done. Can't seem to get his CD burner working on his Compaq so he has no way to backup his files. I checked everything in msconfig and put HJT in C: drive and ran it. Here's the Startup and Log File.

Once again: Thanks for any help.

Startup .....................................................................................................................................

StartupList report, 7/31/2005, 9:53:54 AM
StartupList version: 1.52.2
Started from : C:\HJT\HijackThis.EXE
Detected: Windows XP  (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================
 
Running processes:
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\HJT\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
 
--------------------------------------------------
 
Checking Windows NT UserInit:
 
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
 
NAV Agent = C:\PROGRA~1\NORTON~1\navapw32.exe
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
SSC_UserPrompt = C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
System = C:\WINDOWS\System32\kernels32.exe
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
 
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
winrnr = C:\WINDOWS\System32\winrnr.exe
ltimg11n = C:\WINDOWS\System32\ltimg11n.exe
ir41_qcx = C:\WINDOWS\System32\ir41_qcx.exe
 
--------------------------------------------------
 
Load/Run keys from C:\WINDOWS\WIN.INI:
 
load=*INI section not found*
run=*INI section not found*
 
Load/Run keys from Registry:
 
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=mad.dll
 
--------------------------------------------------
 
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
 
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
 
Shell & screensaver key from Registry:
 
Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scr
drivers=*Registry value not found*
 
Policies Shell key:
 
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
 
--------------------------------------------------
 

Enumerating Browser Helper Objects:
 
(no name) - (no file) - SOFTWARE
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {3D8A06ED-FF1B-41AF-8744-E7EF29D95D24}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {4887CE34-8A91-44E9-A61B-34F1254E784B}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {7B9F24CF-BDDE-4675-B894-9C8D4C6FBE7E}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {7EA2ECDA-590E-4F75-9C72-E0D80A66BEBB}
(no name) - (no file) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {A1C0A78F-A833-45CE-BCC9-92AD02FB6ED9}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {B171FEC8-4E36-47B4-B2F1-EE7ABDE6D0FA}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {B9156E9D-3F9B-431C-B32C-FBA7A2E5B461}
(no name) - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {C67D2CF8-00C7-49D9-A223-D7BEA56F330C}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {DA51AB3F-2978-4994-AA36-914E19C4BB8B}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {F6D7C63A-C30A-4E4E-A6D8-56BBDF21EF25}
(no name) - C:\Program Files\CSBB\CSBB.dll (file missing) - {F952BE02-0FD8-4F90-9F40-42A3EDA47A04}
 
--------------------------------------------------
 
Enumerating Task Scheduler jobs:
 
Norton AntiVirus - Scan my computer.job
Symantec NetDetect.job
 
--------------------------------------------------
 
Enumerating Download Program Files:
 
[{0335A685-ED24-4F7B-A08E-3BD15D84E668}]
CODEBASE = http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab
 
[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
 
[{1D0D9077-3798-49BB-9058-393499174D5D}]
CODEBASE = file://c:\counter.cab
 
[YInstStarter Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\yinsthelper.dll
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
 
[CWDL_DownLoadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CWDL_DownLoad.dll
CODEBASE = http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
 
[MFInstall Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MFInstall.ocx
CODEBASE = http://c.ancestry.com/MFInstall/MFInstall.cab
 
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
 
--------------------------------------------------
 
Enumerating ShellServiceObjectDelayLoad items:
 
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
 
--------------------------------------------------
End of report, 7,253 bytes
Report generated in 0.270 seconds
 
Command line options:
  /verbose  - to add additional info on each section
  /complete - to include empty sections and unsuspicious data
  /full     - to include several rarely-important sections
  /force9x  - to include Win9x-only startups even if running on WinNT
  /forcent  - to include WinNT-only startups even if running on Win9x
  /forceall - to include all Win9x and WinNT startups, regardless of platform
  /history  - to list version history only
 
Log File .................................................................................................................................................
 
Logfile of HijackThis v1.99.0
Scan saved at 9:46:24 AM, on 7/31/2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\HJT\HijackThis.exe
 
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {3D8A06ED-FF1B-41AF-8744-E7EF29D95D24} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4887CE34-8A91-44E9-A61B-34F1254E784B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7B9F24CF-BDDE-4675-B894-9C8D4C6FBE7E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7EA2ECDA-590E-4F75-9C72-E0D80A66BEBB} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
O2 - BHO: (no name) - {A1C0A78F-A833-45CE-BCC9-92AD02FB6ED9} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B171FEC8-4E36-47B4-B2F1-EE7ABDE6D0FA} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B9156E9D-3F9B-431C-B32C-FBA7A2E5B461} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C67D2CF8-00C7-49D9-A223-D7BEA56F330C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {DA51AB3F-2978-4994-AA36-914E19C4BB8B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F6D7C63A-C30A-4E4E-A6D8-56BBDF21EF25} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F952BE02-0FD8-4F90-9F40-42A3EDA47A04} - C:\Program Files\CSBB\CSBB.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [winrnr] C:\WINDOWS\System32\winrnr.exe
O4 - HKCU\..\Run: [ltimg11n] C:\WINDOWS\System32\ltimg11n.exe
O4 - HKCU\..\Run: [ir41_qcx] C:\WINDOWS\System32\ir41_qcx.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {4226E9B7-D637-40E8-893A-13298AB41477} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
O16 - DPF: {AFDD01B0-7ABB-11D9-9669-0800200C9A66} (MFInstall Class) - http://c.ancestry.com/MFInstall/MFInstall.cab
O20 - AppInit_DLLs: mad.dll
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PCTEL Speaker Phone - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

139 Posts

August 6th, 2005 07:00

Welcome back

Thanks for the new logs, I will go over them and report back shortly.

139 Posts

August 6th, 2005 15:00


Hi Mr Rich

You may want to print out these instructions or save them as a text file with Notepad to your desktop, because we will be restarting into Safe Mode later on in the fix and you might not be able to access the Internet. Read these instructions carefully and feel free to ask if you're unsure about something.

1. Restart your computer. As your computer restarts, repeatedly press the F8 key on your keyboard until the Windows Advanced Options menu appears.
2. Use the arrow key to select Safe Mode, and then press ENTER.
3. Use an arrow key to select an operating system and press ENTER.
4. When prompted whether you want your Windows to run in safe mode, click Yes.

Next please run HijackThis, click Scan, and check the following:

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O2 - BHO: (no name) - {3D8A06ED-FF1B-41AF-8744-E7EF29D95D24} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4887CE34-8A91-44E9-A61B-34F1254E784B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7B9F24CF-BDDE-4675-B894-9C8D4C6FBE7E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7EA2ECDA-590E-4F75-9C72-E0D80A66BEBB} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
O2 - BHO: (no name) - {A1C0A78F-A833-45CE-BCC9-92AD02FB6ED9} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B171FEC8-4E36-47B4-B2F1-EE7ABDE6D0FA} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B9156E9D-3F9B-431C-B32C-FBA7A2E5B461} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {C67D2CF8-00C7-49D9-A223-D7BEA56F330C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {DA51AB3F-2978-4994-AA36-914E19C4BB8B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F6D7C63A-C30A-4E4E-A6D8-56BBDF21EF25} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F952BE02-0FD8-4F90-9F40-42A3EDA47A04} - C:\Program Files\CSBB\CSBB.dll (file missing)
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKCU\..\Run: [winrnr] C:\WINDOWS\System32\winrnr.exe
O4 - HKCU\..\Run: [ltimg11n] C:\WINDOWS\System32\ltimg11n.exe
O4 - HKCU\..\Run: [ir41_qcx] C:\WINDOWS\System32\ir41_qcx.exe
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab
O20 - AppInit_DLLs: mad.dll



Press Fix Checked, HJT will prompt you to confirm if you would like to remove those items, select Yes.

Click Start. Open My Computer.
Select the Tools menu and click Folder Options. Select the View Tab.
Under the Hidden files and folders heading select "Show hidden files and folders".
Uncheck the "Hide protected operating system files (recommended)" option.
Uncheck the "Hide file extensions for known file types" option.
Click Yes to confirm. Click OK.

Please delete these folders using Windows Explorer(if present):

C:\Program Files\CSBB

Please delete these files using Windows Explorer(if present):

C:\WINDOWS\System32\ir41_qcx.exe
C:\WINDOWS\System32\ltimg11n.exe
C:\WINDOWS\System32\winrnr.exe
C:\WINDOWS\System32\kernels32.exe



Next, restart Windows back into normal mode and post another HJT log back into this thread, thanks.

Mat2

In Training at Malware Removal University, You too could train to help others

Threads will be considered closed 7 days after the last posting.

Message Edited by mat2 on 08-06-2005 05:10 PM

Message Edited by mat2 on 08-06-2005 05:23 PM
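The list of entries to fix above is the product of reading the log by hand. The script below is an added example, not part of this thread and not HijackThis's own code; it encodes the reasoning behind the lines mat2 flagged so the same triage can be run over any v1.99-style log. The checks are heuristics and are assumptions of this example: a Winlogon Shell value that is anything beyond Explorer.exe, a non-empty AppInit_DLLs (a DLL loaded into every process that maps user32.dll), O4 Run entries that launch an executable straight from System32 with no vendor folder (the SYSTEM32_RUN_ALLOWLIST is assumed, not taken from the page), O2/R3 browser hooks whose DLL is gone, and an O16 ActiveX control registered from a local file:// codebase. SAMPLE_LOG is a constructed subset copied verbatim from the log posted above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: a subset of the HijackThis v1.99 lines posted in this thread,
# copied verbatim so the heuristics below can be checked against a real log.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O2 - BHO: (no name) - {3D8A06ED-FF1B-41AF-8744-E7EF29D95D24} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [winrnr] C:\WINDOWS\System32\winrnr.exe
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O20 - AppInit_DLLs: mad.dll
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
"""

# Assumption (not from the thread): the only executable we expect a Run entry to
# launch directly from System32 on a stock XP box of this era. Anything else there
# gets a second look.
SYSTEM32_RUN_ALLOWLIST = {"ctfmon.exe"}

# Every HJT entry starts with a section code such as R3, F2, O4, O16, O20.
LINE_RE = re.compile(r"^(?P<sec>[A-Z]\d{1,2}) - (?P<body>.*)$")


@dataclass
class Finding:
    section: str
    line: str
    reason: str


def run_target(body: str) -> Optional[str]:
    """Pull the executable path out of an O4 body such as
    'HKLM\\..\\Run: [System] C:\\WINDOWS\\System32\\kernels32.exe'."""
    _, _, rest = body.partition("] ")
    rest = rest.strip()
    if not rest:
        return None
    if rest.startswith('"'):            # quoted path, may contain spaces
        end = rest.find('"', 1)
        return rest[1:end] if end > 0 else None
    return rest.split()[0]              # unquoted: path ends at the first space


def classify(section: str, body: str) -> Optional[str]:
    """Return a reason string if the entry deserves attention, else None."""
    if section == "F2" and "Shell=" in body:
        value = body.split("Shell=", 1)[1].strip()
        if value.lower() != "explorer.exe":
            return "Winlogon Shell is not plain Explorer.exe: an extra program starts at every logon"
    if section == "O20" and body.startswith("AppInit_DLLs:"):
        dlls = body.split(":", 1)[1].strip()
        if dlls:
            return f"AppInit_DLLs={dlls}: loaded into every process that maps user32.dll"
    if section in ("O2", "R3") and ("(file missing)" in body or "(no file)" in body):
        return "orphaned browser hook: CLSID still registered but its DLL is gone"
    if section == "O4":
        path = run_target(body)
        if path and "\\system32\\" in path.lower():
            name = path.rsplit("\\", 1)[-1].lower()
            if name not in SYSTEM32_RUN_ALLOWLIST:
                return f"Run entry launches {name} straight from System32 with no vendor folder"
    if section == "O16" and "- file://" in body:
        return "ActiveX control registered from a local file:// codebase"
    return None


def triage(log_text: str) -> List[Finding]:
    """Walk a HijackThis log and collect the entries worth fixing, in log order."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue                    # header, process list or blank line
        reason = classify(m.group("sec"), m.group("body"))
        if reason:
            findings.append(Finding(m.group("sec"), raw.strip(), reason))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4} {f.reason}\n     {f.line}")
```

Run against the sample it reports seven entries, the same ones mat2 selected from those lines. Two of them matter more than the rest: the F2 Shell value and the O20 AppInit_DLLs value are live persistence that survives a reboot and runs before the user touches anything, whereas the O2/R3 entries marked "(file missing)" or "(no file)" are dead registrations and fixing them is hygiene. Note also that kernels32.exe is one letter away from the legitimate kernel32.dll, which is why a bare filename match is not enough and the rule looks at where the file lives and how it is started.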

136 Posts

August 10th, 2005 23:00

Thanks mat2

I printed out your instructions. It'll be a while before I get a chance to use it but after I do I'll post another Log File.

Thanks Again

Rich

139 Posts

August 11th, 2005 06:00

Hi Mr Rich

 

Thanks for your response, I'll wait to hear from you.

Thanks again for letting me know.

Mat2

In Training at Malware Removal University, You too could train to help others

Threads will be considered closed 7 days after the last posting.


139 Posts

September 10th, 2005 18:00

Hi, I haven't heard from you for some time, so I am posting this in your thread. Could you please let us know if you still require any help? If help is still required, a new HJT log will need to be posted. Thanks

Message Edited by mat2 on 09-11-2005 07:50 PM