Anky 1 Posted May 19, 2019 Report Share Posted May 19, 2019 My laptop files encrypt with norvas ransom virus i tried many tools to decrypt but no effect take place after that i instal window 7 in my laptop my files still encrypted help me to decrpyt my files MACs: 50:7B:9D:42:68:F0, B6:6D:83:E0:81:FC, B6:6D:83:E0:81:FD, B4:6D:83:E0:81:FC No key for ID: TZJSkeJ4DTCXUnXpdCiXXExPiC8ea2s5LF4UOYOZ (.norvas ) _readme.txt 2016-09-23-09-20-53.jpg.norvas.fcciwooo.norvas Quote Link to post Share on other sites
Amigo-A 136 Posted May 19, 2019 Report Share Posted May 19, 2019 More precisely, you have collected all your encrypted files and reinstalled the OS Windows 7. Have you checked the saved files with an antivirus program, so as not to suffer again from a hidden infection? Have you installed anti-virus protection for 30 days or more? I hope this is not Free Antivirus, because none of the Free Antivirus will protect against encryptors. Quote Link to post Share on other sites
Amigo-A 136 Posted May 19, 2019 Report Share Posted May 19, 2019 If your files are encrypted and now have an .norvas extension, then this is the result of an attack from the STOP Ransomware. STOP Ransomware encrypts files of users in many countries due to the fact that they download and run hacked software (MS Windows, MS Office, other repacked or patched programs), from which someone removed the activation, making them free and dangerous at the same time due of this malicious code. Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor.Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. If you need help checking your PC for malware, you can make a request in the next section. You can also download the free tool Emsisoft Emergency Kit yourself and check the computer. Quote Link to post Share on other sites
Amigo-A 136 Posted May 19, 2019 Report Share Posted May 19, 2019 After checking the PC and folders with encrypted files, you can use the free tool to decrypt files - STOPDecrypter (link) This process should be approached with caution. Read the attached text file. Due to the nature of encryption, only files that are encrypted with offline keys can be decrypted. We recommend that you make a test decryption of a small number of encrypted files and make copies of them in advance. Quote Link to post Share on other sites
Anky 1 Posted May 19, 2019 Author Report Share Posted May 19, 2019 3 hours ago, Anky said: My laptop files encrypt with norvas ransom virus i tried many tools to decrypt but no effect take place after that i instal window 7 in my laptop my files still encrypted help me to decrpyt my files Quote Link to post Share on other sites
Anky 1 Posted May 19, 2019 Author Report Share Posted May 19, 2019 I used stopdecrypted but it doent decrypt my files it showing error Quote Link to post Share on other sites
Amigo-A 136 Posted May 19, 2019 Report Share Posted May 19, 2019 Did you read the text file that was in the archive with the STOPDecrypter? Did you open the links 'Support Topic' and 'FAQ'? At these links is all the necessary information. Your now need to copy the information from the STOPDecrypter window and paste it here or on the Support Topic. Then Demonslay335 - the developer STOP Decrypter will see your information. Quote Link to post Share on other sites
Anky 1 Posted May 20, 2019 Author Report Share Posted May 20, 2019 19 hours ago, Amigo-A said: Did you read the text file that was in the archive with the STOPDecrypter? Did you open the links 'Support Topic' and 'FAQ'? At these links is all the necessary information. Your now need to copy the information from the STOPDecrypter window and paste it here or on the Support Topic. Download Image Then Demonslay335 - the developer STOP Decrypter will see your information. MACs: 50:7B:9D:42:68:F0, B6:6D:83:E0:81:FC, B6:6D:83:E0:81:FD, B4:6D:83:E0:81:FC No key for ID: TZJSkeJ4DTCXUnXpdCiXXExPiC8ea2s5LF4UOYOZ (.norvas ) Quote Link to post Share on other sites
Anky 1 Posted May 20, 2019 Author Report Share Posted May 20, 2019 MACs: 50:7B:9D:42:68:F0, B6:6D:83:E0:81:FC, B6:6D:83:E0:81:FD, B4:6D:83:E0:81:FC No key for ID: TZJSkeJ4DTCXUnXpdCiXXExPiC8ea2s5LF4UOYOZ (.norvas ) Quote Link to post Share on other sites
GT500 873 Posted May 20, 2019 Report Share Posted May 20, 2019 14 hours ago, Anky said: MACs: 50:7B:9D:42:68:F0, B6:6D:83:E0:81:FC, B6:6D:83:E0:81:FD, B4:6D:83:E0:81:FC No key for ID: TZJSkeJ4DTCXUnXpdCiXXExPiC8ea2s5LF4UOYOZ (.norvas ) I've forwarded your information to the creator of STOPDecrypter so that he can archive it in case he is able to figure out your decryption key at some future point. Quote Link to post Share on other sites
Anky 1 Posted May 21, 2019 Author Report Share Posted May 21, 2019 3 hours ago, GT500 said: I've forwarded your information to the creator of STOPDecrypter so that he can archive it in case he is able to figure out your decryption key at some future point. thanks sir, when n who will rply me Quote Link to post Share on other sites
GT500 873 Posted May 22, 2019 Report Share Posted May 22, 2019 23 hours ago, Anky said: thanks sir, when n who will rply me The screen name he uses here is Demonslay335, and he'll more than likely contact you directly if he's able to figure out your decryption key. Quote Link to post Share on other sites
Anky 1 Posted May 22, 2019 Author Report Share Posted May 22, 2019 4 hours ago, GT500 said: The screen name he uses here is Demonslay335, and he'll more than likely contact you directly if he's able to figure out your decryption key. if i move my encrypted data to new hard drive and formate my whole laptop and instal new window in it then also i can decrrypt my data Quote Link to post Share on other sites
Amigo-A 136 Posted May 22, 2019 Report Share Posted May 22, 2019 Dear Anky In principle, this can be done if you save all the files and notes on the redemption where they are. Sometimes files can be encrypted in several steps. Some are encrypted with one key, others with another, it depends on how your PC worked at the time of encryption - was turned on, then off, connected to the Internet or not. For Demonslay335 may need to search for files, if there are no other samples of the malicious file, that was active on your system. Wait for Demonslay335 answer and make the final decision. Quote Link to post Share on other sites
Anky 1 Posted May 22, 2019 Author Report Share Posted May 22, 2019 ok Quote Link to post Share on other sites
GT500 873 Posted May 22, 2019 Report Share Posted May 22, 2019 Let's get some logs from FRST and see if they show any signs of the ransomware (Demonslay335 still needs a copy of this variant of STOP/Djvu). You can find instructions for downloading and running FRST at the following link:https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: When FRST checks the Windows Firewall settings, Emsisoft Anti-Malware's Behavior Blocker will quarantine it automatically. This can be avoided by clicking "Wait, I think this is safe" in the notification that is displayed while FRST is scanning. Quote Link to post Share on other sites
GT500 873 Posted May 22, 2019 Report Share Posted May 22, 2019 FYI: While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums):https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it. Quote Link to post Share on other sites
Anky 1 Posted May 23, 2019 Author Report Share Posted May 23, 2019 after this software instal my web broweser opening automatically again n agin and new tab in tab browser FRST.txt Addition.txt Quote Link to post Share on other sites
Anky 1 Posted May 23, 2019 Author Report Share Posted May 23, 2019 after installing FRST, again 1 setup file is instaling showing in shutdown process,i looks like previous malware attack. Quote Link to post Share on other sites
Amigo-A 136 Posted May 23, 2019 Report Share Posted May 23, 2019 Anky I see several malicious files here. Do not do anything yet. Wait for a response from a support service specialist. Quote Link to post Share on other sites
GT500 873 Posted May 24, 2019 Report Share Posted May 24, 2019 14 hours ago, Anky said: after this software instal my web broweser opening automatically again n agin and new tab in tab browser FRST.txt 186.74 kB · 2 downloads Addition.txt 26.76 kB · 1 download Please download the following fixlist.txt file and save it to the Desktop:https://www.gt500.org/emsisoft/fixlist/anky/2019-05May-23/fixlist.txt NOTE: It's important that both files, the FRST download from earlier and the fixlist file, are in the same location or the fix will not work. If you need to, please copy the files from your Downloads folder to your desktop. Run the FRST download from earlier, and press the Fix button just once and wait. If for some reason the tool needs to restart your computer, please make sure you let the computer restart normally. After that let the tool complete anything it still needs to do. When finished FRST will generate a log on the Desktop (Fixlog). Please attach it to a reply. Quote Link to post Share on other sites
Anky 1 Posted May 24, 2019 Author Report Share Posted May 24, 2019 Fixlog.txt Quote Link to post Share on other sites
GT500 873 Posted May 24, 2019 Report Share Posted May 24, 2019 A lot of the things I saw in the log were missing when the fix was run. There are two likely explanations. Either another tool removed them before the fix was run, or there are infections on the system that keep changing their file names and load points in order to make removal more difficult. For now, run a Malware Scan with Emsisoft Emergency Kit (EEK) and quarantine anything it finds (do not click "Delete"), and be sure to save the report (you can view it after the scan and then save it from there) when it's done and attach it to a reply. You can download it at the following link:https://www.emsisoft.com/en/home/emergencykit/download/ After running the scan with EEK, please run another scan with FRST and post the new logs in a reply so that I can make sure that everything was taken care of. Note that if EEK wants to restart your computer after scanning that you should do so before running FRST again. Quote Link to post Share on other sites
Anky 1 Posted May 25, 2019 Author Report Share Posted May 25, 2019 scan_190525-055127.txtFRST.txtAddition.txt Quote Link to post Share on other sites
Kevin Zoll 309 Posted May 25, 2019 Report Share Posted May 25, 2019 Yes, the system is infected and we need to deal with the infection. Copy the below code to Notepad; Save As fixlist.txt to your Desktop.( ) [File not signed] C:\Users\ztl\AppData\Roaming\ci4pu1lgfyr\wepgwdgyb2x.exe () [File not signed] C:\Users\ztl\AppData\Local\Temp\is-5AQ5N.tmp\wepgwdgyb2x.tmp HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-1467488971-3136232132-3031571334-1000\...\Run: [1033734] => C:\Users\ztl\AppData\Roaming\ci4pu1lgfyr\wepgwdgyb2x.exe [991555 2019-05-23] ( ) [File not signed] HKU\S-1-5-21-1467488971-3136232132-3031571334-1000\...\Run: [KGFRH26AKSJ39OR] => "C:\Program Files\PIMTW8AM7I\PIMTW8AM7.exe" GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION Task: {094B6384-D554-4918-BBB7-9AEA4F942DFA} - \SaFubZhGCfsOVm -> No File <==== ATTENTION Task: {3F8B2663-3794-4E76-8548-B1C54F4443EB} - \nTrHDwdmtxKxoszUObi2 -> No File <==== ATTENTION Task: {B95B24C6-7EDF-4861-B750-D0C7078FEBA1} - \OUpEptiVIdUqL2 -> No File <==== ATTENTION Task: {BA02737B-86B2-45E9-B022-4AB49D85FD1A} - System32\Tasks\TmSipvT => C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\TmSipvT\TmSipvT.dll",TmSipvT <==== ATTENTION Task: {CF1A735C-A113-476A-9BD8-D983A9BB52C8} - \fstZwSPTafElMco2 -> No File <==== ATTENTION Task: {F2F57705-35E2-4C58-8E22-09A36610E517} - \fizLPSktsROBAcwlw2 -> No File <==== ATTENTION SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] 2019-05-23 16:07 - 2019-05-25 05:58 - 000000000 ____D C:\Program Files\PIMTW8AM7I 2019-05-23 16:07 - 2019-05-23 16:07 - 000000000 ____D C:\Users\ztl\AppData\Roaming\ci4pu1lgfyr 2019-05-23 15:57 - 2019-05-23 15:57 - 000003574 _____ C:\Windows\System32\Tasks\{3D41FDB2-4320-4EFD-9FC9-83A72ED3A206} 2019-05-23 15:50 - 2019-05-25 06:17 - 000016694 _____ C:\Windows\System32\Tasks\TmSipvT 2019-05-23 15:50 - 2019-05-20 14:29 - 000000000 ____D C:\Program Files (x86)\TmSipvT 2019-05-23 15:41 - 2019-05-25 05:57 - 000000000 ____D C:\Program Files\ZDNkYWMzZmFlNjJhNW 2019-05-23 15:38 - 2019-05-23 15:38 - 000000000 ____D C:\ProgramData\{BAD27D28-BDC4-637D-BCA0-FEEFBC47A7BE} 2019-05-23 15:38 - 2019-05-23 15:38 - 000000000 ____D C:\ProgramData\{419F7D00-BDEC-9830-94A0-B3149447EA45} 2019-05-22 03:43 - 2019-05-22 03:43 - 000000000 ____D C:\Users\ztl\Desktop\DDR - Memory Card Recovery Crack 2019-05-22 03:42 - 2019-05-23 16:07 - 000000000 ____D C:\Users\ztl\Desktop\DDR - Memory Card Recovery_Crack 2019-05-22 03:41 - 2019-05-22 03:42 - 000682246 _____ C:\Users\ztl\Downloads\DDR - Memory Card Recovery_Crack.zip 2019-04-30 01:51 - 2019-04-30 01:51 - 000000000 ____D C:\ProgramData\{72278A76-2A4C-36A0-3437-23BA34D07AEB} 2019-04-30 01:51 - 2019-04-30 01:51 - 000000000 ____D C:\ProgramData\{4F5FE989-49B3-0BD8-CB54-5B87CBB302D6} 2019-04-29 06:38 - 2019-04-29 06:38 - 000000000 ____D C:\4550e16ef551f1e2e5586a58faa2 2019-04-29 06:11 - 2019-04-29 06:11 - 000000000 ____D C:\1505a9811e8dc1099c1ee0701832 2019-05-23 16:07 - 2019-05-23 16:07 - 000991555 _____ ( ) [File not signed] C:\Users\ztl\AppData\Roaming\ci4pu1lgfyr\wepgwdgyb2x.exe 2019-05-23 15:50 - 2019-05-20 14:29 - 003090944 _____ () [File not signed] C:\Program Files (x86)\TmSipvT\TmSipvT.dll 2019-05-25 05:59 - 2008-10-15 16:44 - 000205312 _____ () [File not signed] C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmp\itdownload.dll 2019-05-25 05:59 - 2019-05-25 05:59 - 000715776 _____ () [File not signed] C:\Users\ztl\AppData\Local\Temp\is-5AQ5N.tmp\wepgwdgyb2x.tmp 2019-05-25 05:59 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [File not signed] C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmp\idp.dll 2019-05-25 05:59 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [File not signed] C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmp\psvince.dll C:\Users\ztl\AppData\Roaming\ci4pu1lgfyr\wepgwdgyb2x.exe C:\Users\ztl\AppData\Roaming\ci4pu1lgfyr C:\Users\ztl\AppData\Local\Temp\is-5AQ5N.tmp\wepgwdgyb2x.tmp C:\Users\ztl\AppData\Local\Temp\is-5AQ5N.tmp C:\Program Files\PIMTW8AM7I\PIMTW8AM7.exe C:\Program Files\PIMTW8AM7I C:\Program Files (x86)\TmSipvT\TmSipvT.dll C:\Program Files (x86)\TmSipvT C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmp\idp.dll C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmp\itdownload.dll C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmp\psvince.dll C:\Users\ztl\AppData\Local\Temp\is-17UKO.tmpClose Notepad.NOTE: It's important that both files, FRST64, and fixlist.txt are in the same location or the fix will not work.NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST64 and press the Fix button just once and wait. If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.NOTE: If the tool warns you about an outdated version please download and run the updated version. Quote Link to post Share on other sites
Anky 1 Posted May 26, 2019 Author Report Share Posted May 26, 2019 Fixlog.txt Quote Link to post Share on other sites
GT500 873 Posted May 26, 2019 Report Share Posted May 26, 2019 OK, good. That fix appears to have been more successful. Let's verify that it removed everything by running another scan with FRST. If everything has gone well, the logs should show no further signs of infection. Quote Link to post Share on other sites
Anky 1 Posted May 26, 2019 Author Report Share Posted May 26, 2019 So now i have to run scan with frst64 or press fix button Quote Link to post Share on other sites
Anky 1 Posted May 26, 2019 Author Report Share Posted May 26, 2019 i run another scan with frst64 asyou say so last scan file is attach with with t his rply FRST.txt Quote Link to post Share on other sites
Amigo-A 136 Posted May 26, 2019 Report Share Posted May 26, 2019 Anky Please, be patient. Support specialists may not respond during the weekend. This is indicated in the forum rules. Among other things, I want to note that your Google Chrome browser is also infected. Reset its settings, replace the start page with google.com, remove third-party extensions. What is now ruling there can lead your browser to sites that have become the cause of infection and encryption. Quote Link to post Share on other sites
Amigo-A 136 Posted May 26, 2019 Report Share Posted May 26, 2019 On your system now there are several antivirus and support programs. This does not enhance protection, but only hinders. It is advisable to remove everything and install one, but a comprehensive anti-virus solution that will control all possible ways of penetration of malicious programs, including through remote access. For Windows Professional, you must install all critical patches from Microsoft, including to protect the RDP from all known vulnerabilities. STOP Ransomware, which attacked your PC, uses a very tricky method, which is associated with the penetration through the RDP-utility, which free antiviruses always miss. Quote Link to post Share on other sites
Anky 1 Posted May 26, 2019 Author Report Share Posted May 26, 2019 i reset my google chrome browser and uninstall other antivirus , now tell me whats next Quote Link to post Share on other sites
GT500 873 Posted May 27, 2019 Report Share Posted May 27, 2019 Beyond the browser hijacker that effected Google Chrome, I don't see anything else that looks malicious in the logs, so you should be good. I noted that while you had Malwarebytes Anti-Malware, HitmanPro, and some Trend Micro Screen Unlocker tool you don't appear to have a real anti-virus software with real-time protection installed (unless you had real-time protection enabled in Malwarebytes Anti-Malware, which I think they just call "Malwarebytes 3" now). If you are relying on Windows Defender to protect your computer, then I recommend getting a paid anti-virus software to supplement it. Most paid anti-virus software offers a 30-day free trial, including Emsisoft Anti-Malware, so I highly recommend finding something you like and not depending on free protection. Quote Link to post Share on other sites
Amigo-A 136 Posted May 27, 2019 Report Share Posted May 27, 2019 6 hours ago, GT500 said: Malwarebytes Anti-Malware, HitmanPro, and some Trend Micro Screen Unlocker there is still avast Quote Link to post Share on other sites
Amigo-A 136 Posted May 27, 2019 Report Share Posted May 27, 2019 There are some more vulnerable programs in the list that can be used by attackers. But they will be under control if there work Emsisoft Anti-Malware comprehensive anti-virus protection or another, which has Internet Security in its name. Anky Tell me, did you install Avast, WinRAR and IObit yourself? There are cases when malicious programs, under the guise of these programs, have installed malware to carry out an attack. One file or several legitimate files of these programs can be hidden installed, and later will then be used by attackers to attack. Quote Link to post Share on other sites
Anky 1 Posted May 27, 2019 Author Report Share Posted May 27, 2019 Yes i installed these program myself Quote Link to post Share on other sites
Anky 1 Posted May 27, 2019 Author Report Share Posted May 27, 2019 Now i removed every tool and free virus protection software 1 Quote Link to post Share on other sites
Anky 1 Posted May 27, 2019 Author Report Share Posted May 27, 2019 5 hours ago, Anky said: Now i removed every tool and free virus protection sir now tell me what i have to do to decrypt my files Quote Link to post Share on other sites
GT500 873 Posted May 27, 2019 Report Share Posted May 27, 2019 3 hours ago, Anky said: now tell me what i have to do to decrypt my files All you have to do is wait until the maker of STOPDecrypter can come up with a solution for you. It may take a little bit if time, so please be patient. Quote Link to post Share on other sites
Anky 1 Posted May 28, 2019 Author Report Share Posted May 28, 2019 Ok sir Quote Link to post Share on other sites
Amigo-A 136 Posted May 28, 2019 Report Share Posted May 28, 2019 Do not leave your PC without protection even for a short time.Emsisoft Anti-Malware for 30 days free Quote Link to post Share on other sites
Anky 1 Posted May 28, 2019 Author Report Share Posted May 28, 2019 Thank u sir🤘 Quote Link to post Share on other sites
Anky 1 Posted May 30, 2019 Author Report Share Posted May 30, 2019 Any update sir Quote Link to post Share on other sites
GT500 873 Posted June 1, 2019 Report Share Posted June 1, 2019 On 5/30/2019 at 5:16 PM, Anky said: Any update sir If the creator of STOPDecrypter is able to figure out your key, then he'll contact you directly to let you know. Quote Link to post Share on other sites
Anky 1 Posted June 1, 2019 Author Report Share Posted June 1, 2019 Ok sir Quote Link to post Share on other sites
Anky 1 Posted June 1, 2019 Author Report Share Posted June 1, 2019 Tell me one thing if i take backup of my encrypted data on any exeternal hard drive and i install new window on my laptop then also i can decrypt my data later when stop decryptor will contacy me Quote Link to post Share on other sites
Amigo-A 136 Posted June 3, 2019 Report Share Posted June 3, 2019 On 5/22/2019 at 4:02 PM, Amigo-A said: Dear Anky In principle, this can be done if you save all the files and notes on the redemption where they are. Sometimes files can be encrypted in several steps. Some are encrypted with one key, others with another, it depends on how your PC worked at the time of encryption - was turned on, then off, connected to the Internet or not. This has already been discussed before. Quote Link to post Share on other sites
GT500 873 Posted June 3, 2019 Report Share Posted June 3, 2019 On 6/1/2019 at 8:38 AM, Anky said: Tell me one thing if i take backup of my encrypted data on any exeternal hard drive and i install new window on my laptop then also i can decrypt my data later when stop decryptor will contacy me As Amigo-A pointed out, it should technically be safe as long as you keep backups of both the encrypted files and the ransom notes. Just be sure not to miss anything, as the odds of recovering data from a drive you have reformatted and reinstalled Windows on are extremely slim. 1 Quote Link to post Share on other sites
Anky 1 Posted June 3, 2019 Author Report Share Posted June 3, 2019 Thank u sir Quote Link to post Share on other sites
GT500 873 Posted June 3, 2019 Report Share Posted June 3, 2019 You're welcome. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.