1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

[Resolved] maybe masterparadise trojan

Discussion in 'Virus & Other Malware Removal' started by tonsafun, Jan 17, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. tonsafun

    tonsafun Thread Starter

    Joined:
    Jan 16, 2003
    Messages:
    9
    I just started my computer up today and everything was fine until I opened "my documents" file and nothing at all showed up. I didn't have a virus scan installed on my computer and downloaded Norton and tried the panda online scan and neither of them will work. I also can't control alt del, or open regedit. I found some tips from one past posting and nothing worked, except I downloaded the "startuplist" applcation and got this... which means nothing to me. I hope someone can help me get my files back, thanks.

    StartupList report, 1/16/2003, 7:58:43 PM
    StartupList version: 1.51
    Started from : C:\DOCUME~1\Sam\Desktop\NEWFOL~1\STARTU~1.EXE
    Detected: Windows XP (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\NORTON~1\navapsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\WinServices.exe
    C:\WINDOWS\System32\tcpsvs32.exe
    C:\PROGRA~1\COMMON~1\CMEII\CMESys.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
    C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
    C:\WINDOWS\Services32.exe
    C:\PROGRA~1\COMMON~1\GMT\GMT.exe
    C:\PROGRA~1\WinZip\WZQKPICK.EXE
    C:\WINDOWS\System32\RUNDLL32.exe
    C:\WINDOWS\System32\RUNDLL32.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\DOCUME~1\Sam\Desktop\NEWFOL~1\STARTU~1.EXE

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    C-Media Mixer = C:\Program Files\PCI Audio Applications\Bin\AudioRack.exe /MixerStartup
    CMESys = "C:\PROGRA~1\COMMON~1\CMEII\CMESys.exe"
    WinampAgent = "C:\Program Files\Winamp\Winampa.exe"
    QuickTime Task = "C:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime
    Immcheck = immcheck.exe -1
    WinStart001.EXE = C:\WINDOWS\System\WinStart001.EXE -b
    WinServices = C:\WINDOWS\System32\WinServices.exe
    WINSTA~1.EXE = C:\WINDOWS\System\WINSTA~1.EXE -b
    NAV CfgWiz = C:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
    ccApp = C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    ccRegVfy = C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    Mozilla Quick Launch = "C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -aim
    STYLEXP = C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    System32 = C:\WINDOWS\Services32.exe NORMAL

    --------------------------------------------------

    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command

    (Default) = "C:\WINDOWS\System32\nav32_loader.exe""%1"%*

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\WINDOWS\System32\FOne.dll - {000000F1-34E3-4633-87C6-1AA7A44296DA}
    (no name) - C:\WINDOWS\System32\lwz.dll - {00000EF1-34E3-4633-87C6-1AA7A44296DA}
    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\WINDOWS\System32\netpal.dll - {6085FB5B-C281-4B9C-8E5D-D2792EA30D2F}
    Natural Language Navigation - C:\WINDOWS\System\BHO001.DLL - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF}
    (no name) - c:\Program Files\Flt\Flt.dll - {665ACD90-4541-4836-9FE4-062386BB8F05}
    (no name) - C:\WINDOWS\System32\veg32.dlltmp - {7DD896A9-7AEB-430F-955B-CD125604FDCB}
    NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Disk Cleanup.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [{41F17733-B041-4099-A042-B518BB6A408C}]
    CODEBASE = http://a1540.g.akamai.net/7/1540/52...le.com/samantha/us/win/QuickTimeInstaller.exe

    [ActiveScan Installer Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
    CODEBASE = http://www.pandasoftware.com/activescan/as/asinst.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\System32\iuctl.dll
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37582.5317708333

    --------------------------------------------------
    End of report, 5,325 bytes
    Report generated in 0.200 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  2. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    You have a number of major problems there, the most immediate and serious of which is a Yaha infection. I'm not sure which version it is, it may even be a new one.

    You are going to have to jump through hoops to get rid of it.

    Start by reading this Symantec article and using the removal tool.

    I'm going to suggest some additonal regedits, as I don't think the Tool will remove everything. But your first task is to get regedit working. You can do that by following their instructions to create reg.com

    http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

    You must remove the following entries from

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    1 -- WinStart001.EXE = C:\WINDOWS\System\WinStart001.EXE -b (this is actually associated with some other nasty, but kill it)

    2 --WinServices = C:\WINDOWS\System32\WinServices.exe

    from:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    1 -- System32 = C:\WINDOWS\Services32.exe NORMAL

    >> To repair the registries "shell open" entries have this downloaded and run it after the Symantec Removal tool:

    http://www.diamondcs.com.au/cleanrun.reg

    You also have some spy and ad ware cleaning to do, but we'll tackle that after you post a yaha clean startup log.
     
  3. tonsafun

    tonsafun Thread Starter

    Joined:
    Jan 16, 2003
    Messages:
    9
    Thanks for the help, I'll start reading that stuff. I just took care of the spyware with the search and destroy program.
     
  4. tonsafun

    tonsafun Thread Starter

    Joined:
    Jan 16, 2003
    Messages:
    9
    I ran the checks and it found and said it deleted the yaha worm. Then I ran the live update and it found "hanta" w32.hllp.handy and I quarantined it. I found "winservices.exe-06a34fe0.pf in c\windows\prefetch", but not the "WinServices = C:\WINDOWS\System32\WinServices.exe". Here is my new start up log, thanks. sam

    StartupList report, 1/17/2003, 10:20:14 AM
    StartupList version: 1.51
    Started from : C:\Documents and Settings\Sam\Desktop\New Folder\StartupList.EXE
    Detected: Windows XP (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\NORTON~1\navapsvc.exe
    C:\PROGRA~1\NORTON~1\Cfgwiz.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\Services32.exe
    C:\WINDOWS\System32\RUNDLL32.exe
    C:\WINDOWS\System32\RUNDLL32.exe
    C:\Program Files\Norton AntiVirus\NAVW32.EXE
    C:\Program Files\AIM95\aim.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Sam\Desktop\New Folder\StartupList.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    C-Media Mixer = C:\Program Files\PCI Audio Applications\Bin\AudioRack.exe /MixerStartup
    WinampAgent = "C:\Program Files\Winamp\Winampa.exe"
    QuickTime Task = "C:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime
    Immcheck = immcheck.exe -1
    WinStart001.EXE = C:\WINDOWS\System\WinStart001.EXE -b
    WINSTA~1.EXE = C:\WINDOWS\System\WINSTA~1.EXE -b
    NAV CfgWiz = C:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
    ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    Mozilla Quick Launch = "C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -aim
    STYLEXP = C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    System32 = C:\WINDOWS\Services32.exe NORMAL

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\WINDOWS\System32\FOne.dll - {000000F1-34E3-4633-87C6-1AA7A44296DA}
    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\WINDOWS\System32\netpal.dll (file missing) - {6085FB5B-C281-4B9C-8E5D-D2792EA30D2F}
    Natural Language Navigation - C:\WINDOWS\System\BHO001.DLL - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF}
    (no name) - (no file) - {7DD896A9-7AEB-430F-955B-CD125604FDCB}
    NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Disk Cleanup.job
    Norton AntiVirus - Scan my computer.job
    Symantec NetDetect.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [{41F17733-B041-4099-A042-B518BB6A408C}]
    CODEBASE = http://a1540.g.akamai.net/7/1540/52...le.com/samantha/us/win/QuickTimeInstaller.exe

    [ActiveScan Installer Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
    CODEBASE = http://www.pandasoftware.com/activescan/as/asinst.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\System32\iuctl.dll
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37582.5317708333

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    --------------------------------------------------
    End of report, 4,954 bytes
    Report generated in 0.260 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  5. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    ok tonsafun.........now lets get rid of all the spyware.

    you have "gohip","netpal".......and possibly more.

    go here: http://beam.to/spybotsd
    download "spybot search and destroy" update it,then run it making sure all scanning options are checked.
    delete anything and everything it finds and marks in RED

    then come back and post another startuplist.

    sorry if this is all tedious,but its neccessary.
    good luck;)
     
  6. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    ROG or TONY.......one i dont know is "F0ne.dll" located in the browser helper objects.

    anyone?
     
  7. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Ok, it looks like yaha is gone, the AV removed winservices.exe but other problems remain.

    Did you do the regedits recommended? -- if so they've come back.

    This one's a mystery, but I know it doesn't belong:

    System32 = C:\WINDOWS\Services32.exe NORMAL

    This one is associated with a bad plugin:

    WinStart001.EXE = C:\WINDOWS\System\WinStart001.EXE -b

    http://www.doxdesk.com/parasite/IGetNet.html

    You can try the manual removal instructions there, but I'd also recommend installing, updating and running Spybot. When updating
    accept all the updates except for the PGP and Language tools.

    http://tomcoyote.com/SPYBOT/
     
  8. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    System32 = C:\WINDOWS\Services32.exe NORMAL

    ???


    that was in the 1st list.:rolleyes:

    :D
     
  9. tonsafun

    tonsafun Thread Starter

    Joined:
    Jan 16, 2003
    Messages:
    9
    I upgraded Spybot but didn't see "gohip" or "netpal", but I did get rid of all of the red that it found. I just did the regedits that were suggested but didn't find --WinServices = C:\WINDOWS\System32\WinServices.exe in HKLM\Software\Microsoft\Windows\CurrentVersion\Run. Here it is again, hopefully its clean, thanks a bunch. Also, should I worry about the W32.hllp.handy that Norton detected?




    StartupList report, 1/17/2003, 4:05:23 PM
    StartupList version: 1.51
    Started from : C:\Documents and Settings\Sam\Desktop\New Folder\StartupList.EXE
    Detected: Windows XP (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\NORTON~1\navapsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\Services32.exe
    C:\WINDOWS\System32\RUNDLL32.exe
    C:\WINDOWS\System32\RUNDLL32.exe
    C:\Program Files\AIM95\aim.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Sam\Desktop\New Folder\StartupList.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    C-Media Mixer = C:\Program Files\PCI Audio Applications\Bin\AudioRack.exe /MixerStartup
    WinampAgent = "C:\Program Files\Winamp\Winampa.exe"
    QuickTime Task = "C:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime
    Immcheck = immcheck.exe -1
    WINSTA~1.EXE = C:\WINDOWS\System\WINSTA~1.EXE -b
    ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    Mozilla Quick Launch = "C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -aim

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\WINDOWS\System32\FOne.dll - {000000F1-34E3-4633-87C6-1AA7A44296DA}
    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\WINDOWS\System32\netpal.dll (file missing) - {6085FB5B-C281-4B9C-8E5D-D2792EA30D2F}
    Natural Language Navigation - C:\WINDOWS\System\BHO001.DLL - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF}
    (no name) - (no file) - {7DD896A9-7AEB-430F-955B-CD125604FDCB}
    NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Disk Cleanup.job
    Norton AntiVirus - Scan my computer.job
    Symantec NetDetect.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [{41F17733-B041-4099-A042-B518BB6A408C}]
    CODEBASE = http://a1540.g.akamai.net/7/1540/52...le.com/samantha/us/win/QuickTimeInstaller.exe

    [ActiveScan Installer Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
    CODEBASE = http://www.pandasoftware.com/activescan/as/asinst.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\System32\iuctl.dll
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37582.5317708333

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    --------------------------------------------------
    End of report, 4,662 bytes
    Report generated in 0.100 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  10. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    find your way to:
    c:\windows\system32\netpal.dll and delete it.
    also:c:\windows\system\WINSTA.~1.EXE-b
    if you find these,delete em.
    (In MSCONFIG it may show up as c:\windows\winsta~1.exe)
    uncheck it if its in there.
    as forW32.hllp.handy ....low level threat.....if norton see` it....you should allow it to nuke it.
    let us know how you do.
    ;)
     
  11. Balzac

    Balzac Guest

  12. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    balzac...........this one is new to me..............i sort of though it was dodgy but couldnt find anything about it.
    thanx for the heads up.
    ;)
     
  13. tonsafun

    tonsafun Thread Starter

    Joined:
    Jan 16, 2003
    Messages:
    9
    Thanks a bunch. I have my files back and Norton or Spybot didn't pick anything up. Thanks again.
    Sam
     
  14. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    no problem sam.....glad to have helped;)
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - [Resolved] maybe masterparadise
  1. FlaredRyguy
    Replies:
    0
    Views:
    311
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/113686

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice