BleepingComputer.com: Google keeps on Redirecting & TS/Trash.Gen virus won't go away

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Google keeps on Redirecting & TS/Trash.Gen virus won't go away Do not know how to remove it!

#1 User is offline   Santista 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 10-August 11
  • Gender:Female
  • Location:Texas and Brazil

Posted 11 August 2011 - 06:37 PM

Everytime that I try to go to www.google.com I get a 404 Not Found Error then on the next line "nginx" very different from most 404 errors I've encountered before. I thought at first that it must be something local, since I am in Brazil, but when I tried to load it up w/ my netbook, through the same router/modem, it opens with out any issues. I tried downloading Firefox and Chrome, and am still getting the same error. When I run Avira, it keeps on popping up that the computer is infected with the virus TR/Trash.Gen, and it is unable to remove it. MalwareBytes does not prompt any viruses or malware in the machine. This computer is running Windows XP Professional Service Pack 3

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Usuario at 20:01:00 on 2011-08-11
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2037.1251 [GMT -3:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\PeerBlock\peerblock.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Documents and Settings\Usuario\Configurações locais\Temporary Internet Files\Content.IE5\5A3XJ1LP\dds[1].scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.yahoo.com.br/
uSearch Bar =
mDefault_Page_URL = hxxp://br.yahoo.com
mStart Page = hxxp://br.yahoo.com
uInternet Settings,ProxyOverride = 127.0.0.1
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\arquivos de programas\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\arquivos de programas\gbplugin\gbiehabn.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\arquivos de programas\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\arquivos de programas\windows live\toolbar\wltcore.dll
uRun: [Facebook Update] "c:\documents and settings\usuario\configurações locais\dados de aplicativos\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Search Protection] c:\arquivos de programas\yahoo!\search protection\SearchProtection.exe
uRun: [RegistryBooster] "c:\arquivos de programas\uniblue\registrybooster\launcher.exe" delay 20000
uRun: [NitroPC] "c:\arquivos de programas\nitropc\NitroPC.exe" -minimized
uRun: [MSMSGS] "c:\arquivos de programas\messenger\msmsgs.exe" /background
uRun: [PeerBlock] c:\arquivos de programas\peerblock\peerblock.exe
mRun: [SunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NeroFilterCheck] c:\arquivos de programas\arquivos comuns\ahead\lib\NeroCheck.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avgnt] "c:\arquivos de programas\avira\antivir desktop\avgnt.exe" /min
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\arquivos de programas\arquivos comuns\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\arquivos de programas\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [3telefonica.BlockedAlerts] "c:\arquivos de programas\assistente tecnico speedy\bin\aboutbrowser\MotiveBrowser.exe" -APPKEY=telesp -WINDOWCONTEXT=telesp -URL=file://C:/Arquivos de programas/Assistente Tecnico Speedy/vendors/telefonica/content/template/driven_dev/BroadBandAsst/SB_Template/modificarRul.html
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\hpdigi~1.lnk - c:\arquivos de programas\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\micros~1.lnk - c:\arquivos de programas\microsoft office\office10\OSA.EXE
IE: &Download All using 4shared Desktop - c:\arquivos de programas\4shared desktop\down_all.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\arquivos de programas\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\arquivos de programas\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: bancoreal.com.br\www
Trusted Zone: bancosantander.com.br\www
Trusted Zone: realsecureweb.com.br\www
Trusted Zone: realsecureweb.com.br\www2
Trusted Zone: realsecureweb.com.br\wwws
Trusted Zone: santander.com.br\www
Trusted Zone: santanderempresarial.com.br\www
Trusted Zone: santandernet.com.br\www
Trusted Zone: santandernet.com.br\wwws
Trusted Zone: santandernetibe.com.br\www
Trusted Zone: secureweb.com.br\www
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 189.4.128.61 189.4.128.66
TCP: Interfaces\{DABF7BCE-4DD9-4275-B108-C84F4C5C823A} : DhcpNameServer = 189.4.128.61 189.4.128.66
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\arquivos de programas\arquivos comuns\microsoft shared\web folders\PKMCDO.DLL
Notify: GbPluginAbn - c:\arquivos de programas\gbplugin\gbiehAbn.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\arquivos de programas\gbplugin\gbiehabn.dll
Hosts: 74.125.45.100 4-open-davinci.com
Hosts: 74.125.45.100 securitysoftwarepayments.com
Hosts: 74.125.45.100 privatesecuredpayments.com
Hosts: 74.125.45.100 secure.privatesecuredpayments.com
Hosts: 74.125.45.100 getantivirusplusnow.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\usuario\dados de aplicativos\mozilla\firefox\profiles\t8i93z7h.default\
FF - plugin: c:\arquivos de programas\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\arquivos de programas\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\arquivos de programas\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\arquivos de programas\microsoft\office live\npOLW.dll
FF - plugin: c:\arquivos de programas\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\documents and settings\usuario\configuraã§ãµes locais\dados de aplicativos\facebook\video\skype\npFacebookVideoCalling.dll
.
============= SERVICES / DRIVERS ===============
.
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2011-1-28 47512]
R1 avgio;avgio;c:\arquivos de programas\avira\antivir desktop\avgio.sys [2010-10-23 11608]
R2 AntiVirSchedulerService;Avira AntiVir Agendamento;c:\arquivos de programas\avira\antivir desktop\sched.exe [2010-10-23 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\arquivos de programas\avira\antivir desktop\avguard.exe [2010-10-23 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-10-23 61960]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2011-3-16 54760]
R2 GbpSv;Gbp Service;c:\arquiv~1\gbplugin\GbpSv.exe [2011-1-28 55576]
R2 MBAMService;MBAMService;c:\arquivos de programas\malwarebytes' anti-malware\mbamservice.exe [2011-8-10 366640]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-10 22712]
R3 pbfilter;pbfilter;c:\arquivos de programas\peerblock\pbfilter.sys [2011-8-11 19056]
S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2010-4-30 135664]
S3 fsssvc;Serviço Windows Live Proteção para a Família;c:\arquivos de programas\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 gupdatem;Serviço do Google Update (gupdatem);c:\arquivos de programas\google\update\GoogleUpdate.exe [2010-4-30 135664]
S3 WrKPoET2000;WrKPoET2000;\??\c:\arquivos de programas\speedy\wrkpoet2000.sys --> c:\arquivos de programas\speedy\WrKPoET2000.sys [?]
.
=============== Created Last 30 ================
.
2011-08-11 16:37:20 -------- d-----w- c:\arquivos de programas\PeerBlock
2011-08-10 19:17:45 -------- d-----w- c:\documents and settings\usuario\dados de aplicativos\Malwarebytes
2011-08-10 19:17:39 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-10 19:17:37 -------- d-----w- c:\documents and settings\all users\dados de aplicativos\Malwarebytes
2011-08-10 19:17:33 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-10 19:17:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2011-08-10 18:48:34 -------- d-----w- c:\windows\pss
2011-07-12 23:56:21 -------- d-----w- c:\documents and settings\usuario\dados de aplicativos\PriceGong
.
==================== Find3M ====================
.
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-03 01:33:35 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-06-28 15:19:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 14:10:39 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:30:56 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:30:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:30:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:34 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:48 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35:23 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-03-19 17:07:16 419016 ----a-w- c:\arquivos de programas\msgr10br yahoo.exe
2011-03-17 01:11:27 1254224 ----a-w- c:\arquivos de programas\wlsetup-web.exe
2010-09-30 18:02:22 65863489 ----a-w- c:\arquivos de programas\Instalar.exe
.
============= FINISH: 20:01:51,09 ===============

Attached File(s)

  • Attached File  attach.txt (17.03K)
    Number of downloads: 0
  • Attached File  ark.txt (7.42K)
    Number of downloads: 0

This post has been edited by Santista: 11 August 2011 - 06:40 PM

#2 User is offline   gringo_pr 

  • Bleepin Gringo
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 85,504
  • Joined: 03-July 08
  • Gender:Male
  • Location:Puerto rico

Posted 15 August 2011 - 01:39 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.


We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger may ask you to reboot the machine, if it does - click OK

    Do not re-enable these drivers until otherwise instructed.


Download DDS:

    Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt

    • A window will open instructing you save & post the logs
    • Save the logs to a convenient place such as your desktop
    • Copy the contents of both logs & post in your next reply


Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

"just click on Cancel, then Accept".

information and logs:

    In your next post I need the following

    • .logs from DDS
    • log from RKUnHooker
    • let me know of any problems you may have had


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#3 User is offline   gringo_pr 

  • Bleepin Gringo
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 85,504
  • Joined: 03-July 08
  • Gender:Male
  • Location:Puerto rico

Posted 17 August 2011 - 11:40 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#4 User is offline   gringo_pr 

  • Bleepin Gringo
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 85,504
  • Joined: 03-July 08
  • Gender:Male
  • Location:Puerto rico

Posted 22 August 2011 - 04:28 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users