Quick question

Status
Not open for further replies.

Hi.Im.New
OK, so I use avast as my antivirus and get this:
warning - sign of Korgo-J [worm]. I delete the file to the recycle bin and empty that, restart, and nothing is found... also used HijackThis and nothing found...
I know I didn't get rid of this that easily... what should I do?
 
The Korgo worm, just like Sasser, exploits the LSASS vulnerability to spread rapidly across the Internet. But unlike Sasser, Korgo tries to lay low when it infects computers. Users won't see tell-tale signs such as continuous restarts in infected computers. Korgo will, however, depending on the variant, delete certain files, open communication ports, and try to connect to various IRC servers.

Make sure you are updated and you will be fine.


http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

Now post a HijackThis log so we can check.
 
OK, here's HijackThis:

HijackThis just checks the partition with your system files, because I have 3 others:

Logfile of HijackThis v1.99.0
Scan saved at 6:36:49 AM, on 5/21/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE\Monitor.exe
G:\WINDOWS\System32\sstray.exe
G:\WINDOWS\System32\TCAUDIAG.exe
G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\Program Files\Winamp\winampa.exe
G:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
G:\PROGRA~1\AIM\aim.exe
G:\Program Files\MSN Messenger\MsnMsgr.Exe
G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
G:\Program Files\Common Files\VideoMate\ComproRemote.exe
G:\Program Files\Common Files\VideoMate\ComproScheduler.exe
G:\WINDOWS\System32\rundll32.exe
G:\WINDOWS\System32\3Com_DMI\3CDMINIC.EXE
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\WINDOWS\System32\Ati2evxx.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\system32\ZoneLabs\vsmon.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\PROGRA~1\MOZILL~1\FIREFOX.EXE
G:\WINDOWS\System32\wuauclt.exe
G:\WINDOWS\System32\wuauclt.exe
G:\Program Files\Alwil Software\Avast4\ashSimpl.exe
G:\WINDOWS\System32\taskmgr.exe
G:\Documents and Settings\shutdawg\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - G:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ulead AutoDetector] G:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE\Monitor.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ATIPTA] G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Windows Update] G:\WINDOWS\System32\wxtdcjpx.exe
O4 - HKLM\..\Run: [Zone Labs Client] G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] G:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ViewMgr] G:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI Launchpad] "G:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI Remote Control] G:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - HKCU\..\Run: [AIM] G:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ComproRemote.lnk = G:\Program Files\Common Files\VideoMate\ComproRemote.exe
O4 - Global Startup: ComproScheduler.lnk = G:\Program Files\Common Files\VideoMate\ComproScheduler.exe
O4 - Global Startup: TweakYC.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - G:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra button: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - G:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - G:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O23 - Service: 3Com DMI Agent - 3Com Corporation - G:\WINDOWS\System32\3Com_DMI\3CDMINIC.EXE
O23 - Service: avast! iAVS4 Control Service - Unknown - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown - G:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - G:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - G:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service - Unknown - G:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
 
Remove entries at your own risk


O23 - Service: X10 Device Network Service - Unknown - G:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) Unknown service. (x10nets.exe (file missing))
Unnecessary (deactivated) entry that can be fixed.

O9 - Extra button: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - G:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
Possibly nasty Unknown buttons or entries in the 'Extras'-menu should be fixed. To be fixed if the entry 'AbsolutePoker.com ' is unknown.

O9 - Extra 'Tools' menuitem: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - G:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk To be fixed if the entry 'AbsolutePoker.com ' is unknown.

O4 - Global Startup: TweakYC.lnk = ? Unknown application.
The entry is unnecessary and can be fixed.

O4 - HKLM\..\Run: [Windows Update] G:\WINDOWS\System32\wxtdcjpx.exe Unknown application.
 
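An added example, not part of this thread: a small Python checker that applies the same three tests the analysis above makes by hand to O4 and O23 lines of a HijackThis log (a Run value whose label says "Windows Update" but launches some other executable, a Global Startup shortcut whose target is "?", and a service marked "(file missing)"). The sample lines are copied from the log posted above; the vowel-count heuristic and the wuauclt.exe allow-list are my assumptions, not HijackThis features.

```python
import re
from typing import Dict, List

RUN_RE = re.compile(r'^O4 - (HKLM|HKCU)\\\.\.\\Run: \[(?P<label>[^\]]*)\] (?P<cmd>.*)$')
STARTUP_RE = re.compile(r'^O4 - Global Startup: (?P<name>.+?) = (?P<target>.*)$')
SERVICE_RE = re.compile(r'^O23 - Service: (?P<name>.+?) - (?P<vendor>.+?) - (?P<path>.*)$')
# Assumption: the genuine Windows Update client is wuauclt.exe (it appears in the posted process
# list); a Run value named "Windows Update" that launches anything else is mimicry worth a look.
WINDOWS_UPDATE_EXES = {'wuauclt.exe'}

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""O4 - HKLM\..\Run: [ATIPTA] G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Windows Update] G:\WINDOWS\System32\wxtdcjpx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: TweakYC.lnk = ?
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: X10 Device Network Service - Unknown - G:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)"""

def exe_name(command: str) -> str:
    """Basename of the program a Run value launches: quoted, unquoted with spaces, or no extension."""
    m = re.match(r'"([^"]+)"|(.*?\.exe)(?=\s|$)|(\S+)', command.strip(), re.IGNORECASE)
    token = next(g for g in m.groups() if g) if m else command
    return token.replace('/', '\\').rsplit('\\', 1)[-1]

def looks_random(stem: str) -> bool:
    """Crude heuristic (assumption): 8+ letters with almost no vowels reads like a generated name."""
    letters = [c for c in stem.lower() if c.isalpha()]
    return len(letters) >= 8 and sum(c in 'aeiouy' for c in letters) / len(letters) < 0.15

def review_log(log_text: str) -> Dict[str, List[str]]:
    """Map each log line that deserves a second look to the reasons it was flagged."""
    findings: Dict[str, List[str]] = {}
    for line in log_text.splitlines():
        reasons = []
        if m := RUN_RE.match(line):
            name = exe_name(m['cmd'])
            if 'windows update' in m['label'].lower() and name.lower() not in WINDOWS_UPDATE_EXES:
                reasons.append(f'label mimics Windows Update but launches {name}')
            if looks_random(name.rsplit('.', 1)[0]):
                reasons.append(f'executable name looks generated: {name}')
        elif (m := STARTUP_RE.match(line)) and m['target'].strip() == '?':
            reasons.append('startup shortcut whose target cannot be resolved')
        elif (m := SERVICE_RE.match(line)) and m['path'].rstrip().endswith('(file missing)'):
            reasons.append('service entry points at a file that no longer exists')
        if reasons:
            findings[line] = reasons
    return findings
```

Run `review_log(SAMPLE_LOG)` to get the three entries the thread singles out, each with its reasons; the benign ATI, Messenger, dumprep and avast lines come back clean.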
Hi Hi.Im.New


Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).


Go to Add/Remove Programs and remove (uninstall) the following, if present:

Web Related

The above could appear anywhere within the entry. Be careful not to remove any personal or system software.

===============
Download, then unzip to "C:\HJT", the newest version of HiJackThis; version 1.99.1. Then repost your log, either now, or after following the steps in the solution (if provided in this post). This version has features that might be more helpful in 'cleaning' up your system.

Boot into "Safe Mode".


===============

Run HiJackThis and click "Scan", then check (tick) the following, if present:


O4 - HKLM\..\Run: [Windows Update] G:\WINDOWS\System32\wxtdcjpx.exe
O4 - Global Startup: TweakYC.lnk = ?

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra button: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - G:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: AbsolutePoker.com - {EFFF8D47-D060-4108-B761-E8EC86622E56} - G:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk


Now, with all windows closed except HiJackThis, click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure you're able to view system and hidden files/folders:

files...

G:\WINDOWS\System32\wxtdcjpx.exe

-


Then download and install all the critical Windows updates available from Microsoft, at least up to Service Pack 1. This will help to make your system more secure and prevent many 'problems' from recurring in the future.
===============

Post back a new log, and let me know how everything goes.

-

Lobos.
 