How to setup target machine with Windbg in Windows Vista system

Hi, All,

Does anybody know how to setup target machine with WinDbg in Windows
Vista system? As usual, I tried to change “boot.ini” file to add
“/debug…”, however, it doesn’t work.

Thanks in advance!
Shunnian

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Kernel Debugging
Interest List digest
Sent: Tuesday, October 25, 2005 1:00 PM
To: windbg digest recipients
Subject: windbg digest: October 24, 2005

WINDBG Digest for Monday, October 24, 2005.

  1. Re: Disassembling sources for “other” processor type
  2. RE: Some information needed on .kdfiles
  3. need help debugging
    SYSTEM_SCAN_AT_RAISED_IRQL_CAUGHT_IMPROPER_DRIVER_UNLOAD (d4), please
  4. Re: need help debugging
    SYSTEM_SCAN_AT_RAISED_IRQL_CAUGHT_IMPROPER_DRIVER_UNLOAD (d4), please

Subject: Re: Disassembling sources for “other” processor type
From: Spiro Trikaliotis
Date: Mon, 24 Oct 2005 10:45:25 +0200
X-Message-Number: 1

Hello Doron,

* On Sun, Oct 23, 2005 at 12:24:33PM -0700 Doron Holan wrote:

> You can use the -z flag to open the binary as a dump file.

Thank you, this works like a charm!

To Tony: Thanks, yes, I already knew about IDA. Anyway, it seemed to be
much of an “overkill” to me to get and use something like IDA just for
disassembling, especially since WinDBG already has a debugger.

Regards,
Spiro.


Spiro R. Trikaliotis xxxxx@trikaliotis.net
University of Magdeburg http://www.trikaliotis.net/
IVS.EUK, P.O.Box 4120 Phone: +49-391-67-12566
39016 Magdeburg, Germany Fax: +49-391-67-11161

----------------------------------------------------------------------

Subject: RE: Some information needed on .kdfiles
From: “Arlie Davis”
Date: Mon, 24 Oct 2005 11:44:24 -0400
X-Message-Number: 2

In most cases, intercepting user-mode DLLs is a lot easier than
attaching KD, .kdfiles, etc.

NT has supported the “.local” file since Windows 2000. If you are
debugging “foo.exe”, create a file “foo.exe.local” in the same
directory. (The contents are ignored – only its existence is
significant.) The DLL loader will then prefer DLLs found in the same
directory as foo.exe. This lets your app bind to preferred versions of
C runtimes, or any DLL at all that you want.

Of course, this may not be what you want, if you want a certain DLL
replaced for every potential client of the DLL. But it certainly is
handy in some circumstances. If you DO want to replace a system DLL,
you’ll need to read up on disabling System File Protection (SFP), which
can only be done while KD is attached.

– arlie

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Takin
Nili-Esfahani
Sent: Friday, October 21, 2005 6:36 PM
To: Kernel Debugging Interest List
Subject: [windbg] Some information needed on .kdfiles

How does .kdfiles intercept the driver loading event? I ask because I
would like to know if it is possible to use this feature to replace any
binary (e.g. a UM DLL), not just drivers.


You are currently subscribed to windbg as: xxxxx@stonestreetone.com To
unsubscribe send a blank email to xxxxx@lists.osr.com
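
Because a “foo.exe.local” marker changes which DLLs foo.exe binds to, it is worth being able to list where such markers exist on a machine. The audit script below is an added example, not part of the original message; the function names and the constructed directory tree are assumptions made for illustration.

```python
import os
import tempfile

MARKER_SUFFIX = ".exe.local"


def find_local_redirections(root):
    """Find every <name>.exe.local marker file under root.

    For each marker, report the executable it applies to (None if the
    executable is missing) and the DLLs sitting in the same directory,
    which are the ones the loader would prefer for that executable.
    """
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):
        by_lower = {name.lower(): name for name in filenames}
        dlls = sorted(n for low, n in by_lower.items() if low.endswith(".dll"))
        for low, name in sorted(by_lower.items()):
            if not low.endswith(MARKER_SUFFIX):
                continue
            exe = by_lower.get(low[: -len(".local")])
            findings.append({
                "marker": os.path.join(dirpath, name),
                "exe": os.path.join(dirpath, exe) if exe else None,
                "dlls": dlls,
            })
    return findings


def demo():
    """Build a constructed directory tree and audit it."""
    with tempfile.TemporaryDirectory() as root:
        layout = {
            "app": ["foo.exe", "foo.exe.local", "msvcrt.dll", "readme.txt"],
            "clean": ["bar.exe", "helper.dll"],   # no marker: not reported
            "stale": ["old.exe.local"],           # marker without its exe
        }
        for sub, names in layout.items():
            os.makedirs(os.path.join(root, sub))
            for n in names:
                open(os.path.join(root, sub, n), "w").close()
        return find_local_redirections(root)


if __name__ == "__main__":
    for f in demo():
        print(f["marker"], "->", f["exe"], f["dlls"])
```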

----------------------------------------------------------------------

Subject: need help debugging
SYSTEM_SCAN_AT_RAISED_IRQL_CAUGHT_IMPROPER_DRIVER_UNLOAD (d4), please
From: “Marco Peretti”
Date: Mon, 24 Oct 2005 17:51:40 +0200
X-Message-Number: 3

Hi!

A customer got back to us with what seems an interesting dump and I
would appreciate some help in understanding the dump. The driver works
fine on 3400 computers but fails on 200 and, from what I have been
told, these are mostly sys-admins' computers which have additional
software that end users do not have.

Our driver: f3436000 f346b000 pmsecdrv.sys

Our driver is a legacy driver and it cannot be stopped and I was
surprised to find it in the “unloaded modules” list when I tried the lm
command (see later on).

Q: Do I have to deduce that the system was shutting down?

The memory referenced points to our driver but our driver
had already been unloaded. I suspect that since our driver hooks
a couple of functions (and that does not un-hook them) the system
crashed when trying to call such functions.

But why would that happen if our driver does not support unload?

Any idea/tip/comment is welcome.

thanks,

Marco

Microsoft (R) Windows Debugger Version 6.5.0003.7
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [E:\2del\MEMORY.DMP]
Kernel Complete Dump File: Full address space is available

Windows XP Kernel Version 2600 (Service Pack 1) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp2.050301-1526
Kernel base = 0x804d4000 PsLoadedModuleList = 0x8054c850
Debug session time: Thu Oct 13 21:29:52.928 2005 (GMT+2)
System Uptime: 0 days 0:19:17.364
Loading Kernel Symbols
Loading unloaded module list
Loading User Symbols
*****************************************************************
*                                                               *
*                       Bugcheck Analysis                       *
*                                                               *
*****************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D4, {f34673c8, ff, 1, 804d87b7}

Probably caused by : ntoskrnl.exe ( nt!ExfInterlockedInsertTailList+d )

Followup: MachineOwner
---------

kd> !analyze -v
*****************************************************************
*                                                               *
*                       Bugcheck Analysis                       *
*                                                               *
*****************************************************************

SYSTEM_SCAN_AT_RAISED_IRQL_CAUGHT_IMPROPER_DRIVER_UNLOAD (d4)
A driver unloaded without cancelling lookaside lists, DPCs, worker threads, etc.
The broken driver’s name is displayed on the screen.
When possible, the guilty driver’s name (Unicode string) is printed on
the bugcheck screen and saved in KiBugCheckDriver.
An attempt was made to access the driver at raised IRQL after it unloaded.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: f34673c8, memory referenced
Arg2: 000000ff, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 804d87b7, address which referenced memory

Debugging Details:
------------------

WRITE_ADDRESS: f34673c8

CURRENT_IRQL: ff

FAULTING_IP:
nt!ExfInterlockedInsertTailList+d
804d87b7 8910 mov [eax],edx

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD4

LAST_CONTROL_TRANSFER: from 804e4f1d to 804d87b7

TRAP_FRAME: f89798cc -- (.trap fffffffff89798cc)
ErrCode = 00000002
eax=f34673c8 ebx=81f98ac8 ecx=80550da8 edx=82182da0 esi=82182da0 edi=82182dd8
eip=804d87b7 esp=f8979940 ebp=f89799f0 iopl=0 nv up di pl zr na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010046
nt!ExfInterlockedInsertTailList+0xd:
804d87b7 8910 mov [eax],edx ds:0023:f34673c8=???
Resetting default scope

STACK_TEXT:
f8979940 804e4f1d 8054398c f8979990 82182d68 nt!ExfInterlockedInsertTailList+0xd
f8979950 804eba2a 82182da0 f8979a28 00004000 nt!ExInitializeResourceLite+0x43
f8979964 804eb928 81f98ac8 82251dd8 f8979990 nt!CcAllocateInitializeBcb+0x6c
f89799f0 80566d55 821b11e0 f8979a44 00004000 nt!CcPinFileData+0x1d2
f8979a64 8057a61f 821b11e0 f8979a90 00004000 nt!CcPinMappedData+0xf4
f8979ab4 8057a57f e1036008 e10e77d0 cd096c3c nt!CmpPinCmView+0x3d
f8979acc 80586327 e1036008 000c0190 e1036008 nt!HvMarkCellDirty+0x67
f8979aec 80586420 e1036008 002d5c38 e23e8ab8 nt!CmpMarkKeyDirty+0xa0
f8979b04 80585dbf e1036008 002d5c38 00000001 nt!CmpFreeKeyByCell+0x12
f8979b34 80585fc3 e2c173f8 f8979ba0 f8979c1c nt!CmDeleteKey+0x8a
f8979b94 804dad01 80000894 80584dec 00000000 nt!NtDeleteKey+0x138
f8979b94 804d91f6 80000894 80584dec 00000000 nt!KiSystemService+0xc4
f8979c10 805a83ef 80000894 c0000365 00000000 nt!ZwDeleteKey+0x11
f8979c90 805c445d 00000b14 00000000 00000000 nt!IopDriverLoadingFailed+0x271
f8979d4c 8059773d 00000b14 81d0e000 821297b8 nt!IopLoadDriver+0x286
f8979d74 804e0f89 00000b14 00000000 823ca020 nt!IopLoadUnloadDriver+0x43
f8979dac 805609b0 f44f2cf4 00000000 00000000 nt!ExpWorkerThread+0xfe
f8979ddc 804e8c54 804e0eb6 00000001 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

FOLLOWUP_IP:
nt!ExfInterlockedInsertTailList+d
804d87b7 8910 mov [eax],edx

SYMBOL_STACK_INDEX: 0

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: nt!ExfInterlockedInsertTailList+d

MODULE_NAME: nt

IMAGE_NAME: ntoskrnl.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 422517e4

STACK_COMMAND: .trap fffffffff89798cc ; kb

FAILURE_BUCKET_ID: 0xD4_W_nt!ExfInterlockedInsertTailList+d

BUCKET_ID: 0xD4_W_nt!ExfInterlockedInsertTailList+d

Followup: MachineOwner
---------

kd> lm
start end module name
bf9b7000 bfc7c220 nv4_disp T (no symbols) // nvidia
f398f000 f3991ac0 SYMREDRV (no symbols) // process Redirector Filter Driver ( Symantec )
f39c3000 f39d1000 Unknown_Module_f39c3000 T (no symbols)
f3b2b000 f3b2f000 Unknown_Module_f3b2b000 T (no symbols)
f3f33000 f3f67820 Unknown_Module_f3f33000 (no symbols)
f440f000 f4412000 _____T (no symbols)
f6c2d000 f6c6d000 SYMTDI T (no symbols) // symantec
f6ce0000 f6cf2000 naveng T (no symbols) // symantec
f6cf2000 f6d94000 navex15 T (no symbols) // symantec
f6da7000 f6df6000 savrt (no symbols) // symantec
f7dfe000 f7e01000 mdc8021x T (no symbols) // IEEE 802.1X Protocol Driver (software AEGIS Client by Meetinghouse Data Communications)
f7e6d000 f7e8fe00 ipsecw2k (no symbols)
f7fbf000 f7fdede0 ptserial (no symbols) // PC Tel driver. PC Tel modem driver
f804b000 f8061640 Apfiltr (no symbols) // Alps Pointing-device Driver
f8626000 f8636000 Savrtpel (no symbols) // symantec
f8696000 f869f000 atmdlc T (no symbols) // Attachmate DLC Protocol
f8726000 f8734200 drmk (export symbols) drmk.sys ( managing the digital rights of kernel-streaming audio Microsoft)
f887e000 f8882300 omci (no symbols) // dell open manage client
f88d6000 f88de000 Unknown_Module_f88d6000 T (no symbols)
f8a1a000 f8a1c7a0 eacfilt (no symbols) // NDIS Filter Intermediate Drive
f8a7a000 f8a7c000 T (no symbols)
f8aac000 f8aae000 dump_WMILIB T (no symbols)

Unloaded modules:
f3436000 f346b000 pmsecdrv.sys
f3818000 f383f000 kmixer.sys
f8c18000 f8c19000 drmkaud.sys
f3af3000 f3b00000 DMusic.sys
f4152000 f4160000 swmidi.sys
f3850000 f3873000 aec.sys
f8a5c000 f8a5e000 splitter.sys
f6a94000 f6aaa000 dump_atapi.s
f88be000 f88c3000 Cdaudio.SYS
f8232000 f8235000 Sfloppy.SYS

----------------------------------------------------------------------

Subject: Re: need help debugging
SYSTEM_SCAN_AT_RAISED_IRQL_CAUGHT_IMPROPER_DRIVER_UNLOAD (d4), please
From: “Jonathan Morrison [Microsoft]”
Date: Mon, 24 Oct 2005 10:40:29 -0700
X-Message-Number: 4

Looks like the driver is failing in DriverEntry somewhere. You need to
undo anything you do in DriverEntry if you fail.

STACK_TEXT:
f8979940 804e4f1d 8054398c f8979990 82182d68 nt!ExfInterlockedInsertTailList+0xd
f8979950 804eba2a 82182da0 f8979a28 00004000 nt!ExInitializeResourceLite+0x43
f8979964 804eb928 81f98ac8 82251dd8 f8979990 nt!CcAllocateInitializeBcb+0x6c
f89799f0 80566d55 821b11e0 f8979a44 00004000 nt!CcPinFileData+0x1d2
f8979a64 8057a61f 821b11e0 f8979a90 00004000 nt!CcPinMappedData+0xf4
f8979ab4 8057a57f e1036008 e10e77d0 cd096c3c nt!CmpPinCmView+0x3d
f8979acc 80586327 e1036008 000c0190 e1036008 nt!HvMarkCellDirty+0x67
f8979aec 80586420 e1036008 002d5c38 e23e8ab8 nt!CmpMarkKeyDirty+0xa0
f8979b04 80585dbf e1036008 002d5c38 00000001 nt!CmpFreeKeyByCell+0x12
f8979b34 80585fc3 e2c173f8 f8979ba0 f8979c1c nt!CmDeleteKey+0x8a
f8979b94 804dad01 80000894 80584dec 00000000 nt!NtDeleteKey+0x138
f8979b94 804d91f6 80000894 80584dec 00000000 nt!KiSystemService+0xc4
f8979c10 805a83ef 80000894 c0000365 00000000 nt!ZwDeleteKey+0x11
f8979c90 805c445d 00000b14 00000000 00000000 nt!IopDriverLoadingFailed+0x271 <--------- Failed Load Here
f8979d4c 8059773d 00000b14 81d0e000 821297b8 nt!IopLoadDriver+0x286
f8979d74 804e0f89 00000b14 00000000 823ca020 nt!IopLoadUnloadDriver+0x43
f8979dac 805609b0 f44f2cf4 00000000 00000000 nt!ExpWorkerThread+0xfe
f8979ddc 804e8c54 804e0eb6 00000001 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


Jonathan Morrison

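A first triage step for a dump like the one in this exchange is to check whether the address the bugcheck reports falls inside a module on the unloaded-modules list. The script below is an added example, not code from any poster in this thread; the function names are assumptions, and the sample text is constructed from lines of the debugger output quoted above.

```python
import re

# Constructed sample: a few lines taken from the debugger output in this thread.
SAMPLE = """\
BugCheck D4, {f34673c8, ff, 1, 804d87b7}
kd> lm
start end module name
f8aac000 f8aae000 dump_WMILIB T (no symbols)

Unloaded modules:
f3436000 f346b000 pmsecdrv.sys
f3818000 f383f000 kmixer.sys
f8c18000 f8c19000 drmkaud.sys
"""

BUGCHECK_RE = re.compile(r"BugCheck\s+([0-9A-Fa-f]+),\s*\{([^}]*)\}")
# start, end, name; a backtick is allowed so 64-bit addresses also parse
RANGE_RE = re.compile(r"^\s*([0-9A-Fa-f`]{8,17})\s+([0-9A-Fa-f`]{8,17})\s+(\S+)")


def _hex(text):
    return int(text.replace("`", ""), 16)


def parse_bugcheck(text):
    """Return (code, [arg1..arg4]) from the 'BugCheck XX, {...}' line, or None."""
    m = BUGCHECK_RE.search(text)
    if not m:
        return None
    return int(m.group(1), 16), [_hex(a.strip()) for a in m.group(2).split(",")]


def parse_unloaded(text):
    """Return [(start, end, name)] from the 'Unloaded modules:' section of lm."""
    mods, in_section = [], False
    for line in text.splitlines():
        if line.strip().lower().startswith("unloaded modules"):
            in_section = True
        elif in_section and line.strip():
            m = RANGE_RE.match(line)
            if not m:
                break  # first non-range line ends the section
            mods.append((_hex(m.group(1)), _hex(m.group(2)), m.group(3)))
    return mods


def triage_d4(text):
    """For bugcheck D4, map the referenced address to an unloaded module."""
    bc = parse_bugcheck(text)
    if bc is None or bc[0] != 0xD4 or len(bc[1]) != 4:
        return None
    referenced, irql, operation, ip = bc[1]
    hit = next((m for m in parse_unloaded(text) if m[0] <= referenced < m[1]), None)
    return {
        "referenced": referenced,
        "write": operation == 1,      # Arg3: 0 = read, 1 = write
        "faulting_ip": ip,
        "module": hit[2] if hit else None,
        "offset": referenced - hit[0] if hit else None,
    }


if __name__ == "__main__":
    print(triage_d4(SAMPLE))
```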
END OF DIGEST



What build of vista?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Zhai, Shunnian
Sent: Monday, October 24, 2005 10:55 PM
To: Kernel Debugging Interest List
Subject: [windbg] How to setup target machine with Windbg in Windows
Vista system

Hi, All,

Does anybody know how to setup target machine with WinDbg in Windows
Vista system? As usual, I tried to change “boot.ini” file to add
“/debug…”, however, it doesn’t work.

Thanks in advance!
Shunnian

