Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan & Redirecting


  • Please log in to reply
15 replies to this topic

#1 Kazzy 7004

Kazzy 7004

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 14 December 2009 - 01:14 PM

Hi!

I really hope someone will be able to help me with this...

AVG picked up on a virus - Trojan Vundu. I've since scanned it and it 'appears to be gone'. However for the last couple of days its taking a few attempts to actually get to a web site that I want. ie: when i google tesco direct, I end up with a completely different site and an AVG warning box.

I've downloaded Malwarebytes Anti Malware and run that but I still have the problem.

Any help/assistance would be much appreciated!

Karen.

ps I believe its Windows XP Home!

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 14 December 2009 - 03:44 PM

Hello and welcome.
please Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.


Please download TFC by Old Timer and save it to your desktop.
alternate download link
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Now run SAS:
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 15 December 2009 - 05:31 AM

Hi Boopme

Thank you for your help and detailed instruction!

I re ran MBAM as instructed, TFC and downloaded SAS. However, I couldn't reboot into 'Safe Mode'. It wouldn't let me do it 'due to recent changes with hardware or software'. Therefore, I have not yet scanned with the SAS.

The MBAM log:

Malwarebytes' Anti-Malware 1.42
Database version: 3363
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

15/12/2009 09:45:46
mbam-log-2009-12-15 (09-45-46).txt

Scan type: Quick Scan
Objects scanned: 127905
Time elapsed: 11 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Although MBAM didn't seem to find anything, i'm still being redirected to 'dangerous' sites!

Karen.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 15 December 2009 - 10:47 PM

Ok,please run SAS in normal.


Some rootkits can terminate your security tools by changing the permissions on targeted programs so that they cannot run or complete scans. Even stopping safe Mode. Further investigation is required to determine if this is the case with the issues you have described.

Please download Win32kDiag.exe by AD and save it to your desktop.
alternate download 1
alternate download 2
  • This tool will create a diagnostic report for me to review.
  • Double-click on Win32kDiag.exe to run and let it finish.
  • When it states Finished! Press any key to exit..., press any key on your keyboard to close the program.
  • A file called Win32kDiag.txt should be created on your Desktop.
  • Open that file in Notepad, then copy and paste the entire contents starting with Running from... to Finished!) in your next reply.
Then go to Posted Image > Run..., and copy and paste this command into the open box: cmd
press OK.
At the command prompt C:\>, copy and paste the following command and press Enter:
DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txt
A file called log.txt should be created on your Desktop and open in Notepad.
Copy and paste the contents of that file in your next reply.

-- Vista users can refer to these instructions to open a command prompt.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 16 December 2009 - 08:17 AM

Good Afternoon!

Ok, here's all the logs...

SAS log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/16/2009 at 12:05 PM

Application Version : 4.31.1000

Core Rules Database Version : 4378
Trace Rules Database Version: 2217

Scan type : Complete Scan
Total Scan Time : 02:26:52

Memory items scanned : 465
Memory threats detected : 0
Registry items scanned : 6431
Registry threats detected : 10
File items scanned : 83801
File threats detected : 7

Adware.Tracking Cookie
C:\Documents and Settings\PEM\Cookies\pem@collective-media[1].txt
C:\Documents and Settings\PEM\Cookies\pem@revsci[3].txt
C:\Documents and Settings\PEM\Cookies\pem@ads.bleepingcomputer[1].txt
C:\Documents and Settings\PEM\Cookies\pem@atdmt[2].txt
C:\Documents and Settings\PEM\Cookies\pem@revsci[2].txt

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID
HKU\S-1-5-21-1100365090-2764205096-52395309-1007\Software\Registry Cleaner
HKU\S-1-5-21-1100365090-2764205096-52395309-1007\Software\SoftwareOnline.com
C:\Documents and Settings\PEM\Application Data\Registry Cleaner\RegClean.ini
C:\Documents and Settings\PEM\Application Data\Registry Cleaner

Adware.MyWebSearch/FunWebProducts
HKU\S-1-5-21-1100365090-2764205096-52395309-1007\SOFTWARE\FunWebProducts

Trojan.Media-Codec
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#isamonitor.exe [ C:\Program Files\Video ActiveX Object\isamonitor.exe ]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#none [ C:\Program Files\Video ActiveX Object\pmsngr.exe ]


Win32Diag.txt

Running from: C:\Documents and Settings\PEM\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\PEM\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!


Best regards,
Karen

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 16 December 2009 - 10:55 AM

Ok, if this is still redirecting ,I would like to do one more scan with Drweb-cureit .

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.
alternate download link
Note: The file will be randomly named (i.e. 5mkuvc4z.exe).

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with Dr.Web CureIt as follows:
  • Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current version
  • Read the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • After the Express Scan is finished, put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and uncheck "Heuristic analysis" under the "Scanning" tab, then click Apply, Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • Please be patient as this scan could take a long time to complete.
  • When the scan has finished, a message will be displayed at the bottom indicating if any viruses were found.
  • Click Select All, then choose Cure > Move incurable.
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 17 December 2009 - 08:16 AM

Hi, yes it's still redirecting. Downloaded Dr.Web Cureit but am still unable to reboot into safe mode. The message which appears on the screen reads...

"We apologise for the inconvenience, but Windows did nt start successfully.
Recent hardware or software changes might have caused this.
If your computer stopped responding, restarted unexpectedly, or was automatically shut down to protect your files and folders, choose Last Known Good Configuration to revert to the most recent settings that worked."

Windows then restarts normally. I am not aware of any recent hardware of software changes so not sure why this is happening?

Thank you for your time and patience!!
Karen.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 17 December 2009 - 11:28 AM

Hi Karen lets do this and see if we can then scan from safe mode.

SUPERAntiSypware has a built in "Repairs" feature to fix policy restrictions and certain Windows settings which are sometimes targeted by malware infection. To use this feature, launch SUPERAntiSypware.
  • Click the Repairs tab.
  • Click on (highlight) "Repair broken SafeBoot key" and then click the Repair button.
  • You may be asked to reboot your computer for the changes to take effect.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 17 December 2009 - 02:13 PM

Oh nooooooo I did this and it still doesn't work :-( I get the same error message. I'm really worried now!!

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 17 December 2009 - 03:28 PM

Hello Karen let's try runnning in normal and see if there is still some baddies in the way.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 18 December 2009 - 05:12 AM

Good morning!

I ran the Dr.Web Cureit in normal mode. It found two items but would not give me the option to 'select all' or 'cure'. Maybe this was because it had 'eradicated' one item and 'deleted' the other?

The Dr.Web report is:

Process in memory: C:\WINDOWS\system32\svchost.exe:1048;;BackDoor.Tdss.565;Eradicated.;
61A2371B.dll;C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine;Trojan.Fakealert.230;Deleted.;

I then did the SAS Repair Broken Safeboot Key and tried again to start in 'safe mode'. This still does not work.

And i'm still being redirected to sites I don't want to go to :flowers:

Is the only cure a large hammer??? :thumbsup:

Edited as I nearly forgot an error message!! This popped up on my screen when I started Dr.Web:

"The HOSTS file modified windows operating system use the HOSTS file to map HOSTS name to IP addresses. Modifications to the HOSTS file indicate possible operation of malicious software. Do you want to restore HOSTS file?"
I had the option of yes or no... I clicked yes. I didn't know which one to choose.

Karen

Edited by Kazzy 7004, 18 December 2009 - 05:17 AM.


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 18 December 2009 - 11:56 AM

Hi Karen,you chose well :flowers: on the HOsts.

We will run 2 more tools. if no go go we still can do a REpair install(needs your install disc) and HiJackThis. I would recommend tho you back up any very important files now.

TDSS KILLER
Please download TDSSKiller.zip and save it to your Desktop.
Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop. (click here if you're not sure how to do this. Vista users refer to these instructions.)
  • Go to Posted Image > Run..., , then type or copy and paste everything in the code box below into the Open dialogue box:
    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\report.txt -v
  • Click OK.
  • If malicious services or files have been detected, the utility will prompt to reboot the PC in order to complete the disinfection procedure. Please reboot when prompted.
  • After reboot, the driver will delete malicious registry keys and files as well as remove itself from the services list.
  • A log file named report.txtt should have been created and saved to the root directory (usually C:\report.txt).
  • Copy and paste the contents of that report in your next reply.
*******************************
Kaspersky Virus Removal

Please download the Kaspersky Virus Removal Tool save to your Desktop.
Be sure to print out and read the instructions provided in How to use Kaspersky virus removal tool.
  • Double-click the setup file (i.e. setup_7.0.0.290_24.06.2009_12-58.exe) to install the utility.
  • If using Vista, right-click on it and Run As Administrator.
    If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
    .
  • Click Next to continue.
  • It will install by default to your desktop folder. Click Next.
  • Click Ok at the prompt for scanning in Safe Mode if you booted into safe mode.
  • A box will open with a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.
  • System Memory
  • Startup Objects
  • Disk Boot Sectors
  • My Computer
  • Any other drives (except CD-ROM drives)
  • Click on the Scan button.
  • If malware is detected, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • In the window that opens, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • In the Scan window click the Reports button, name the report AVPT.txt and select Save to file.
  • This tool should uninstall when you close it so please save the report log before closing.
  • When done, close the Kaspersky Virus Removal Tool.
  • You will be prompted if you want to uninstall the program. Click Yes.
  • You will then be prompted that to complete the uninstallation, the computer must be restarted. Select Yes to restart the system.
  • Copy and paste only the first part of the report (Detected) in your next reply. Do not include the longer list marked Events.
-- If you cannot run the Kaspersky AVP Removal Tool in normal mode, then try using it in "safe mode".
:thumbsup:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 22 December 2009 - 06:19 PM

Hi Boopme

Apologies for the long delay (it's a frantic time of year!).

I ran the TDSS Killer as per your instructions but cannot locate the report anywhere!! I then ran Kaspersky which picked up on the two items previously mentioned - Process in memory: C:\WINDOWS\system32\svchost.exe:1048;;BackDoor.Tdss.565;Eradicated.;
61A2371B.dll;C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine;Trojan.Fakealert.230;Deleted.;

However, when running Kaspersky it didn't run quite as per your instructions nor the instructions I printed from Kaspersky :-s

Anyway, after running Kaspersky I tried to boot in 'safe mode' and suceeded!!! :thumbsup: While in safe mode I ran SAS, the log is below:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/22/2009 at 08:57 AM

Application Version : 4.32.1000

Core Rules Database Version : 4384
Trace Rules Database Version: 2221

Scan type : Complete Scan
Total Scan Time : 13:56:14

Memory items scanned : 238
Memory threats detected : 0
Registry items scanned : 6456
Registry threats detected : 0
File items scanned : 85733
File threats detected : 4

Adware.Tracking Cookie
C:\Documents and Settings\PEM\Cookies\pem@rambler[1].txt
C:\Documents and Settings\PEM\Cookies\pem@yadro[1].txt
C:\Documents and Settings\PEM\Cookies\pem@revsci[2].txt
C:\Documents and Settings\PEM\Cookies\pem@atdmt[2].txt

I am no longer being redirected!! I do believe the problem has been solved :flowers: Can you just confirm this for me??

Karen

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:10 AM

Posted 23 December 2009 - 10:47 AM

Hi, yes same problem here with yhe Holidays..
Let's run one more quick scan...to be sure..


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 Kazzy 7004

Kazzy 7004
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:10 AM

Posted 24 December 2009 - 10:33 AM

I ran the scan and the log is:

Malwarebytes' Anti-Malware 1.42
Database version: 3424
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

24/12/2009 15:29:56
mbam-log-2009-12-24 (15-29-56).txt

Scan type: Quick Scan
Objects scanned: 130145
Time elapsed: 12 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I guess that means everything is okay!!

Thank you so much for all you help, it's very much appreciated!!

Have a lovely Christmas holiday,
Best wishes
Karen.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users