Answer» I was actually kind of embarrassed to have to find this site!!! I'm normally the one people call when they have a computer issue. I had a gnarly Vundo virus I was unable to catch for a while (*censored* babysitters anyways!!!). It turned my Windows updates off, and I could not turn them back on for anything >< It prevented me from updating my Ad-Aware; AVG was seeing it, but unable to remove it. It got into my System Restore and deleted all the checkpoints from before I got the virus. It caused pop-ups EVERY 30 seconds when I would try to use the internet for anything, which made walking through the steps that much more frustrating >< It was nasty; I have spent the last week trying to remove it. Hours into it I thought I was gonna have to redo Windows. I followed the steps, and it was the SUPERAntiSpyware program that finally got rid of it. It stored itself in my memory and in my registry, but it's gone now, thanks to Evilfantasy's steps (almost sounds like I'm in an AA meeting now, lol). Didn't want to just come in here, learn what to do, and bail without saying a word, so THANKS!!!! Lots of work and very frustrating, but a good learning experience anyways.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/02/2009 at 01:28 PM

Application Version : 4.24.1004

Core Rules Database Version : 3694
Trace Rules Database Version: 1670

Scan type       : Complete Scan
Total Scan Time : 01:03:34

Memory items scanned      : 408
Memory threats detected   : 3
Registry items scanned    : 6662
Registry threats detected : 46
File items scanned        : 81017
File threats detected     : 30
Adware.Vundo/Variant
    C:\WINDOWS\SYSTEM32\XHSCQO.DLL
    C:\WINDOWS\SYSTEM32\XHSCQO.DLL
    C:\WINDOWS\SYSTEM32\CSDEVQ.DLL
    C:\WINDOWS\SYSTEM32\QGOTXV.DLL
    C:\WINDOWS\SYSTEM32\YAKWNQ.DLL

Trojan.Vundo-Variant/Small
    C:\WINDOWS\SYSTEM32\XXYYYYQI.DLL
    C:\WINDOWS\SYSTEM32\XXYYYYQI.DLL
    Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\xxyyyYQI

Trojan.Vundo-Variant/Small-GEN
    C:\WINDOWS\SYSTEM32\PMNLMMMD.DLL
    C:\WINDOWS\SYSTEM32\PMNLMMMD.DLL
    HKU\S-1-5-21-2000478354-1123561945-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CFDD11EC-6332-4B6F-B369-E58CC025F9F4}

Adware.Vundo Variant
    HKLM\Software\Classes\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
    HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}
    HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}\InprocServer32
    HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}\InprocServer32#ThreadingModel
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
    HKU\S-1-5-21-2000478354-1123561945-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}
    C:\WINDOWS\SYSTEM32\XEFWFMWM.DLL

Trojan.Vundo-Variant/NextGen-Six
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{865c0079-4a6a-473f-93a6-7031c9cc8eb7}
    HKCR\CLSID\{865C0079-4A6A-473F-93A6-7031C9CC8EB7}
    HKCR\CLSID\{865C0079-4A6A-473F-93A6-7031C9CC8EB7}\InprocServer32
    HKCR\CLSID\{865C0079-4A6A-473F-93A6-7031C9CC8EB7}\InprocServer32#ThreadingModel

Trojan.Vundo-Variant/NextGen
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFDD11EC-6332-4B6F-B369-E58CC025F9F4}
    HKCR\CLSID\{CFDD11EC-6332-4B6F-B369-E58CC025F9F4}
    HKCR\CLSID\{CFDD11EC-6332-4B6F-B369-E58CC025F9F4}\InprocServer32
    HKCR\CLSID\{CFDD11EC-6332-4B6F-B369-E58CC025F9F4}\InprocServer32#ThreadingModel

Adware.Tracking Cookie
    C:\Documents and Settings\Katie\Cookies\[emailprotected][2].txt
    C:\Documents and Settings\Katie\Cookies\[emailprotected][1].txt
    C:\Documents and Settings\Katie\Cookies\[emailprotected][2].txt
    C:\Documents and Settings\Katie\Cookies\[emailprotected][1].txt
    C:\Documents and Settings\Katie\Cookies\[emailprotected][1].txt
    C:\Documents and Settings\Katie\Cookies\[emailprotected][1].txt
    .sonyonlineentertainment.112.2o7.net [ C:\Program Files\Sony\EverQuest\mozilla\cookies.txt ]
    .doubleclick.net [ C:\Program Files\Sony\EverQuest\mozilla\cookies.txt ]
    .cgm.adbureau.net [ C:\Program Files\Sony\EverQuest\mozilla\cookies.txt ]
    .cgm.adbureau.net [ C:\Program Files\Sony\EverQuest\mozilla\cookies.txt ]
    .cgm.adbureau.net [ C:\Program Files\Sony\EverQuest\mozilla\cookies.txt ]
    .sonyonlineentertainment.112.2o7.net [ C:\Program Files\Sony\EverQuest II\mozilla\cookies.txt ]
    .cgm.adbureau.net [ C:\Program Files\Sony\EverQuest II\mozilla\cookies.txt ]
    .cgm.adbureau.net [ C:\Program Files\Sony\EverQuest II\mozilla\cookies.txt ]
    .cgm.adbureau.net [ C:\Program Files\Sony\EverQuest II\mozilla\cookies.txt ]

Unclassified.Unknown Origin
    HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}

Adware.Zango Toolbar/Hb
    C:\Documents and Settings\Katie\Application Data\ZangoToolbar\v3.0\ZangoToolbar\dynamic
    C:\Documents and Settings\Katie\Application Data\ZangoToolbar\v3.0\ZangoToolbar
    C:\Documents and Settings\Katie\Application Data\ZangoToolbar\v3.0
    C:\Documents and Settings\Katie\Application Data\ZangoToolbar\zbar.log
    C:\Documents and Settings\Katie\Application Data\ZangoToolbar

Trojan.DNSChanger-Codec
    HKU\S-1-5-21-2000478354-1123561945-839522115-1003\Software\GetModule
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iCheck
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iCheck#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iCheck#UninstallString

Adware.AdSponsor/ISM
    C:\Program Files\GetModule
    C:\Program Files\iCheck\Uninstall.exe
    C:\Program Files\iCheck

Adware.Vundo Variant/Rel
    HKLM\SOFTWARE\Microsoft\FCOVM
    HKLM\SOFTWARE\Microsoft\RemoveRP
    HKLM\SOFTWARE\Microsoft\contim
    HKLM\SOFTWARE\Microsoft\contim#SysShell
    HKLM\SOFTWARE\Microsoft\MS Track System
    HKLM\SOFTWARE\Microsoft\MS Track System#Uid
    HKLM\SOFTWARE\Microsoft\MS Track System#Shows
    HKLM\SOFTWARE\Microsoft\MS Track System#Uqs
    HKLM\SOFTWARE\Microsoft\rdfa
    HKLM\SOFTWARE\Microsoft\rdfa#F
    HKLM\SOFTWARE\Microsoft\rdfa#N

Trojan.Unclassified/C00-WL
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0063DFE
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0063DFE#Asynchronous
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0063DFE#DllName
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0063DFE#Impersonate
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0063DFE#Startup
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0063DFE#Logon
Rogue.Component/Trace
    HKLM\Software\Microsoft\6CBC1F30
    HKLM\Software\Microsoft\6CBC1F30#6cbc1f30
    HKLM\Software\Microsoft\6CBC1F30#Version
    HKLM\Software\Microsoft\6CBC1F30#6cbcb2b0
    HKLM\Software\Microsoft\6CBC1F30#6cbcdb55
    HKU\S-1-5-21-2000478354-1123561945-839522115-1003\Software\Microsoft\CS41275
    HKU\S-1-5-21-2000478354-1123561945-839522115-1003\Software\Microsoft\FIAS4018

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:57:42 PM, on 1/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\ResChanger 2005\ResChanger2005.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {033D9E79-723E-43C8-B18D-677BB46D0B3E} - C:\WINDOWS\system32\pmnlmmMD.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: {483e600a-3ebc-88e8-7bc4-c37535ad792b} - {b297da53-573c-4cb7-8e88-cbe3a006e384} - C:\WINDOWS\system32\qgotxv.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [ResChanger 2005] C:\Program Files\ResChanger 2005\ResChanger2005.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [GetModule32] "C:\Program Files\GetModule\GetModule32.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: D-Link AirPlus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Resume Beyond Media Installation.lnk = E:\Beyondmedia\Setup.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.msn.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll qgotxv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WUSB54Gv42SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
O24 - Desktop Component 0: (no name) - http://spectraleyes.com/albums/artworx/NAMESTE_HOLO_U.gif
-- End of file - 10352 bytes
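The HijackThis log in this post shows the load points the Vundo variants used on this machine: BHO registrations whose DLLs are already gone (the CLSIDs still need cleaning), an AppInit_DLLs value that pushes qgotxv.dll into every process that loads user32.dll, Run entries sitting in the SYSTEM hive, and a GetModule32 startup item launching from a directory the SUPERAntiSpyware scan attributed to Adware.AdSponsor/ISM. The script below is an added example, not part of the original post and not code from HijackThis or SUPERAntiSpyware; it runs a few hand-written triage rules over lines copied from the log above. The allowlists (avgrsstx.dll for AVG 8, SASWINLO.dll for SUPERAntiSpyware) are assumptions based on the software visible in the process list, and the known-adware directories are taken from the SUPERAntiSpyware findings.

```python
"""Triage a HijackThis log for the persistence mechanisms seen in the post.

Added example, not part of HijackThis, SUPERAntiSpyware or the original post.
The rules are a hand-written first pass over the log text, not a replacement
for the tools' own analysis.
"""
import ntpath
import re
from collections import Counter
from dataclasses import dataclass

# Lines copied from the HijackThis log in the post. The Java SSV helper and
# the SUPERAntiSpyware Winlogon hook are included as benign controls.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {033D9E79-723E-43C8-B18D-677BB46D0B3E} - C:\WINDOWS\system32\pmnlmmMD.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: {483e600a-3ebc-88e8-7bc4-c37535ad792b} - {b297da53-573c-4cb7-8e88-cbe3a006e384} - C:\WINDOWS\system32\qgotxv.dll (file missing)
O4 - HKCU\..\Run: [GetModule32] "C:\Program Files\GetModule\GetModule32.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O15 - Trusted Zone: http://www.msn.com
O20 - AppInit_DLLs: avgrsstx.dll qgotxv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
"""

# Assumptions: these hooks belong to AVG 8 and SUPERAntiSpyware, which the
# process list shows installed; anything else in those load points is suspect.
KNOWN_APPINIT = {"avgrsstx.dll"}
KNOWN_WINLOGON_NOTIFY = {"saswinlo.dll"}
# Directories the SUPERAntiSpyware log attributed to Adware.AdSponsor/ISM.
KNOWN_ADWARE_DIRS = (r"c:\program files\getmodule", r"c:\program files\icheck")

# "O20 - AppInit_DLLs: ..." -> section tag and the rest of the line.
LINE = re.compile(r"^(O\d+|R[0-3]|F\d)\s*-\s*(.*)$")


@dataclass
class Finding:
    section: str   # HijackThis section tag, e.g. "O20"
    reason: str
    line: str


def triage(log: str) -> list:
    """Return one Finding per log line that matches a triage rule."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        m = LINE.match(line)
        if not m:
            continue
        section, body = m.groups()
        if section == "O2" and (body.endswith("(no file)") or body.endswith("(file missing)")):
            # The DLL is gone but the CLSID registration survived; IE still tries to load it.
            findings.append(Finding(section, "orphaned BHO registration, DLL already deleted", line))
        elif section == "O4":
            if "(User 'SYSTEM')" in body:
                findings.append(Finding(section, "Run entry in the SYSTEM hive for a user application", line))
            elif any(d in body.lower() for d in KNOWN_ADWARE_DIRS):
                findings.append(Finding(section, "Run entry launches from a directory flagged as adware", line))
        elif section == "O15":
            findings.append(Finding(section, "site in IE Trusted Zone; confirm it was added on purpose", line))
        elif section == "O20" and body.startswith("AppInit_DLLs:"):
            # Every DLL listed here is mapped into each process that loads user32.dll.
            dlls = body.split(":", 1)[1].split()
            unknown = [d for d in dlls if d.lower() not in KNOWN_APPINIT]
            if unknown:
                findings.append(Finding(section, "AppInit_DLLs injects unknown DLL(s): " + ", ".join(unknown), line))
        elif section == "O20" and body.startswith("Winlogon Notify:"):
            # Notify packages run inside winlogon.exe as SYSTEM.
            dll = ntpath.basename(body.rsplit(" - ", 1)[-1]).lower()
            if dll not in KNOWN_WINLOGON_NOTIFY:
                findings.append(Finding(section, "unknown Winlogon Notify DLL", line))
    return findings


def summarize(findings) -> Counter:
    """Count findings per HijackThis section."""
    return Counter(f.section for f in findings)


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f"{f.section:<4} {f.reason}\n     {f.line}")
    print(dict(summarize(results)))
```

On the sample lines this flags seven entries: the three orphaned BHOs, the GetModule32 Run entry and the SYSTEM-hive MySpaceIM entry, the Trusted Zone line, and qgotxv.dll in AppInit_DLLs; the Java helper and the SUPERAntiSpyware Winlogon hook pass. The allowlist approach is deliberate: AppInit_DLLs and Winlogon Notify are load points where anything unexpected deserves a look, so the rule asks "is this known good" rather than "does this look bad".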