Windows XP Task Manager starts and instantly terminates
- knapkin
- Born


- Joined: Sep 11, 2004
- Posts: 4
- Status: Offline
September 11th, 2004, 8:40 pm
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
- knapkin
- Born


- Joined: Sep 11, 2004
- Posts: 4
- Status: Offline
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
Okay, first download pskill: http://www.sysinternals.com/ntw2k/freeware/pskill.shtml
Extract the contents of the zip archive (pskill.exe) to c:\windows\system32\
Next, copy the following into notepad and save it as "fix.cmd" with the quotes.
Code:
@echo off
rem Stop the running processes; the first redirect (>) starts a fresh log on the desktop.
pskill active.exe >"%userprofile%\desktop\log.txt"
pskill 2W.exe >>"%userprofile%\desktop\log.txt"
rem Clear the read-only, system and hidden attributes so the files can be deleted.
attrib -r -s -h C:\active.exe >>"%userprofile%\desktop\log.txt"
attrib -r -s -h "C:\documents and settings\robert knapp\local settings\temp\2W.exe" >>"%userprofile%\desktop\log.txt"
attrib -r -s -h C:\WINDOWS\System32\kngncuji.dll >>"%userprofile%\desktop\log.txt"
rem Unregister the DLL before deleting it, then remove all three files.
regsvr32 /u /s C:\WINDOWS\System32\kngncuji.dll >>"%userprofile%\desktop\log.txt"
del C:\active.exe >>"%userprofile%\desktop\log.txt"
del "C:\documents and settings\robert knapp\local settings\temp\2W.exe" >>"%userprofile%\desktop\log.txt"
del C:\WINDOWS\System32\kngncuji.dll >>"%userprofile%\desktop\log.txt"
Next copy the following into another text file, "fix.txt"; this is what you will need to fix with hijack this:
Code:
O2 - BHO: (no name) - {19FF602A-C36C-5CCF-D652-64557CAC2737} - C:\WINDOWS\System32\kngncuji.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [MS Decryption Software] C:\active.exe
O4 - HKLM\..\Run: [2W] C:\documents and settings\robert knapp\local settings\temp\2W.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) - http://download.overpro.com/WildApp.cab
Okay. Once you have copied everything and saved it, reboot into safe mode. Double click the file, "fix.cmd".
Next, run hijack this, scan and place a check beside the items listed in fix.txt. Click 'Fixed checked'.
Reboot, run hijack this, scan and save the log. There should be a text file on your desktop called log.txt. Post that and your new hijack this log. Hopefully, the problem will be taken care of by this time.
- under3p
- Born


- Joined: Sep 11, 2004
- Posts: 1
- Status: Offline
Having the same problem with the task manager, etc.
here's my hijack this log:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\pctspk.exe
C:\Archivos de programa\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\Archivos de programa\TELMEX\Prodigy Infinitum\app\TangoService.exe
C:\WINDOWS\System32\taskmqr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\ARCHIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\ARCHIV~1\TELMEX\PRODIG~1\app\TangoManager.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\tftp.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\ponchin\Configuración local\Archivos temporales de Internet\Content.IE5\6JU1IJ69\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.prodigy.com.mx/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Archivos de programa\iMesh Light\iMeshBHO.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [TangoManager] C:\ARCHIV~1\TELMEX\PRODIG~1\app\TANGOM~1.EXE
O4 - HKLM\..\Run: [WindowsRegKey update] winupdate.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Media Player] taskmqr.exe
O4 - HKLM\..\Run: [MSConfig] C:\EmergencyUtils\Copy_of_MSConfig.exe /auto
O4 - HKLM\..\RunServices: [WindowsRegKey update] winupdate.exe
O4 - HKLM\..\RunServices: [Windows Media Player] taskmqr.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] flunkw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WindowsRegKey update] winupdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Windows Media Player] taskmqr.exe
O4 - HKCU\..\RunServices: [Windows Media Player] taskmqr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Shared ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{050067AD-6B3D-4DBE-B9BA-9910EC2C0B26}: NameServer = 200.33.146.217 200.33.146.209
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
- knapkin
- Born


- Joined: Sep 11, 2004
- Posts: 4
- Status: Offline
Logfile of HijackThis v1.98.2
Scan saved at 12:19:52 AM, on 9/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\WINDOWS\MXOALDR.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Winad Client\Winad.exe
C:\WINDOWS\System32\EXPLORERZ.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Winad Client\WinClt.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\PROGRA~1\AMERIC~1.0\waol.exe
C:\PROGRA~1\AMERIC~1.0\shellmon.exe
C:\PROGRA~1\AMERIC~1.0\aolwbspd.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Tyler Knapp\Desktop\Shtuff\aim.exe
C:\Documents and Settings\Tyler Knapp\Desktop\Shtuff\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [Windows Explorer] EXPLORERZ.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Windows Explorer] EXPLORERZ.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Documents and Settings\Tyler Knapp\Desktop\Shtuff\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EE24AEC-7493-4A12-ADF8-9563F69241FB}: NameServer = 205.188.146.146
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
under3p, first download this file: http://www.sysinternals.com/files/pskill.zip
Extract pskill.exe to C:\windows\system32\
Next, copy the following command into notepad and save as, "fix.cmd". Include the quotes when saving,
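Code:
@echo off
rem Stop the running processes; the first redirect (>) starts a fresh log on the desktop.
pskill taskmqr.exe >"%userprofile%\desktop\log.txt"
pskill winupdate.exe >>"%userprofile%\desktop\log.txt"
rem Clear the read-only, system and hidden attributes, then delete the file.
attrib -r -s -h C:\WINDOWS\System32\taskmqr.exe >>"%userprofile%\desktop\log.txt"
del C:\WINDOWS\System32\taskmqr.exe >>"%userprofile%\desktop\log.txt"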
Next, copy the following items into notepad and save as "fix.txt". These will be the items you will fix with Hijack This:
Code:
O4 - HKLM\..\Run: [WindowsRegKey update] winupdate.exe
O4 - HKLM\..\Run: [Windows Media Player] taskmqr.exe
O4 - HKLM\..\RunServices: [WindowsRegKey update] winupdate.exe
O4 - HKLM\..\RunServices: [Windows Media Player] taskmqr.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] flunkw.exe
O4 - HKCU\..\Run: [WindowsRegKey update] winupdate.exe
O4 - HKCU\..\Run: [Windows Media Player] taskmqr.exe
O4 - HKCU\..\RunServices: [Windows Media Player] taskmqr.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
Once you have copied the above to the appropriate files, reboot into safe mode. Once in safe mode, double click "fix.cmd".
Next, run hijack this, scan, and place a check next to the items listed in fix.txt and click 'Fixed checked'.
Reboot, Run Hijack This, Scan, save the log. There should be a file called 'log.txt' on your desktop, Post that and your new Hijack This log here. Hopefully the problem will be fixed by this time. Good luck.
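Added example, not part of the original posts: a small triage script showing why entries such as taskmqr.exe stand out in the O4 (autorun) section of a HijackThis log. The sample lines are copied from the log under3p posted above; the function names and the short `KNOWN_SYSTEM_IMAGES` list are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Stock Windows XP binaries to compare against. This short list is an
# assumption for the example, not a complete inventory.
KNOWN_SYSTEM_IMAGES = {
    "taskmgr.exe", "explorer.exe", "svchost.exe", "winlogon.exe",
    "services.exe", "lsass.exe", "ctfmon.exe", "spoolsv.exe", "wuauclt.exe",
}

# Registry autorun line: O4 - HKLM\..\Run: [Value name] command line
O4_REGISTRY = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>[A-Za-z]+): "
    r"\[(?P<name>[^\]]*)\] (?P<command>.+)$"
)
# Executable path: either quoted, or everything up to the first extension.
IMAGE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)', re.I)

# O4 lines copied from the HijackThis log posted above by under3p.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [TangoManager] C:\ARCHIV~1\TELMEX\PRODIG~1\app\TANGOM~1.EXE
O4 - HKLM\..\Run: [WindowsRegKey update] winupdate.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Media Player] taskmqr.exe
O4 - HKLM\..\Run: [MSConfig] C:\EmergencyUtils\Copy_of_MSConfig.exe /auto
O4 - HKLM\..\RunServices: [WindowsRegKey update] winupdate.exe
O4 - HKLM\..\RunServices: [Windows Media Player] taskmqr.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] flunkw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WindowsRegKey update] winupdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Windows Media Player] taskmqr.exe
O4 - HKCU\..\RunServices: [Windows Media Player] taskmqr.exe
"""


def levenshtein(a, b):
    """Edit distance (insert, delete, substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def image_name(command):
    """Lower-cased file name of the executable in an autorun command line."""
    m = IMAGE.match(command.strip())
    path = (m.group(1) or m.group(2)) if m else command.split()[0]
    return path.rsplit("\\", 1)[-1].lower()


def parse_o4(log_text):
    """Return (registry location, value name, image name) per O4 registry line."""
    entries = []
    for line in log_text.splitlines():
        m = O4_REGISTRY.match(line.strip())
        if m:
            location = m["hive"] + "\\" + m["key"]
            entries.append((location, m["name"], image_name(m["command"])))
    return entries


def triage(log_text):
    """Map image name -> reasons it deserves a closer look."""
    locations = defaultdict(set)
    for location, _name, image in parse_o4(log_text):
        locations[image].add(location)
    report = {}
    for image, where in locations.items():
        reasons = []
        # A name one edit away from a system binary (but not equal to it)
        # is a common way to hide in a process list.
        near = sorted(k for k in KNOWN_SYSTEM_IMAGES if levenshtein(image, k) == 1)
        if near:
            reasons.append("one edit away from " + near[0])
        # The same image registered under several autorun keys survives
        # the removal of any single one of them.
        if len(where) > 1:
            reasons.append("registered under %d autorun keys" % len(where))
        if reasons:
            report[image] = reasons
    return report


if __name__ == "__main__":
    for image, reasons in sorted(triage(SAMPLE_LOG).items()):
        print(image + ": " + "; ".join(reasons))
```

flunkw.exe, which the fix list above also removes, trips neither rule, so a report like this narrows the review rather than replacing it.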
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
- welly
- Newbie


- Joined: Sep 10, 2004
- Posts: 6
- Status: Offline
Just wanted to say thank you for your time and solving the problem so quickly. My friend's laptop is now running as good as new and even if he doesn't know what Task Manager, regedit and msconfig are at least I know that they are running okay!
Once again, thank you
welly
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
- JrzyCrim
- Mastermind


- Joined: Mar 17, 2004
- Posts: 2062
- Status: Offline
Anyone wanting to post their Hijack This log, please make a new topic with the title: Hijack This Log - Description of the problem.
This thread is becoming untenable.
Also, before posting your Hijack This Log, please use either Spybot S&D or Adaware.
See this thread for further resources: http://www.ozzu.com/mswindows-forum/highjackthis-and-spyware-removal-resources-and-tips-t31034.html
