| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | News, November 25 2006 |
[cut-n-paste from sophos.com]
Name W32/Rbot-FWL
Type
* Worm
How it spreads
* Network shares
Affected operating systems
* Windows
Side effects
* Allows others to access the computer
* Downloads code from the internet
* Reduces system security
* Installs itself in the Registry
* Exploits system or software vulnerabilities
Aliases
* Backdoor.Win32.Rbot.adf
* a variant of Win32/Rbot
* W32.Spybot.Worm
* WORM_RBOT.CG
Prevalence (1-5) 2
Description
W32/Rbot-FWL is a worm with IRC backdoor functionality for the
Windows platform.
W32/Rbot-FWL spreads
- to computers vulnerable to common exploits, including: WKS
(MS03-049) and
ASN.1 (MS04-007)
- to MSSQL servers protected by weak passwords
- to network shares protected by weak passwords
W32/Rbot-FWL runs continuously in the background, providing a
backdoor server
which allows a remote intruder to gain access and control over the
computer via
IRC channels.
W32/Rbot-FWL modifies the HOSTS file, appended lines to prevent
access to
certain websites.
Advanced
W32/Rbot-FWL is a worm with IRC backdoor functionality for the
Windows platform.
W32/Rbot-FWL spreads
- to computers vulnerable to common exploits, including: WKS
(MS03-049) and
ASN.1 (MS04-007)
- to MSSQL servers protected by weak passwords
- to network shares protected by weak passwords
W32/Rbot-FWL runs continuously in the background, providing a
backdoor server
which allows a remote intruder to gain access and control over the
computer via
IRC channels.
When first run W32/Rbot-FWL copies itself to <System>\atigfx.exe.
The following registry entries are created to run atigfx.exe on
startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ATI Video Driver Control
atigfx.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ATI Video Driver Control
atigfx.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
ATI Video Driver Control
atigfx.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
ATI Video Driver Control
atigfx.exe
Registry entries are set as follows:
HKCU\SYSTEM\CurrentControlSet\Control\Lsa
ATI Video Driver Control
atigfx.exe
HKLM\SYSTEM\CurrentControlSet\Control\Lsa
ATI Video Driver Control
atigfx.exe
HKCU\Software\Microsoft\OLE
ATI Video Driver Control
atigfx.exe
HKLM\SOFTWARE\Microsoft\Ole
ATI Video Driver Control
atigfx.exe
Name Troj/Nebuler-M
Type
* Spyware Trojan
Affected operating systems
* Windows
Side effects
* Steals information
* Installs itself in the Registry
Aliases
* Trojan-Dropper.Win32.Small.aua
* Win32/Agent.NEQ
* TROJ_SMALL.DSN
Prevalence (1-5) 2
Description
Troj/Nebuler-M is a Trojan for the Windows platform.
Troj/Nebuler-M gathers details relating to dialup services and sends
collected information to a remote site via HTTP.
Advanced
Troj/Nebuler-M is a Trojan for the Windows platform.
Troj/Nebuler-M gathers details relating to dialup services and sends
collected information to a remote site via HTTP.
The Trojan may inject code into other processes in an attempt to
remain hidden.
When Troj/Nebuler-M is installed the following files are created:
\win32.dll
Where are random letters.
The file win32.dll is detected as Troj/Nebule-Gen.
The following registry entries are created to run code exported by
win32.dll on startup:
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\win32
DllName
win32.dll
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\win32
Impersonate
0
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\win32
Startup
EvtStartup
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\MSSMGR\
Name W32/Rbot-FWM
Type
* Worm
How it spreads
* Network shares
Affected operating systems
* Windows
Side effects
* Allows others to access the computer
* Installs itself in the Registry
Aliases
* Backdoor.Win32.SdBot.awk
Prevalence (1-5) 2
Description
W32/Rbot-FWM is a worm with IRC backdoor functionality for the
Windows platform.
W32/Rbot-FWM runs continuously in the background, providing a
backdoor server
which allows a remote intruder to gain access and control over the
computer via
IRC channels.
Advanced
W32/Rbot-FWM is a worm with IRC backdoor functionality for the
Windows platform.
W32/Rbot-FWM runs continuously in the background, providing a
backdoor server
which allows a remote intruder to gain access and control over the
computer via
IRC channels.
When first run W32/Rbot-FWM copies itself to <System>\svcchost.exe.
The following registry entries are created to run svcchost.exe on
startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
msvcc25
svcchost.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
msvcc25
svcchost.exe
Registry entries are set as follows:
HKLM\SOFTWARE\Microsoft\Ole
EnableDCOM
N
HKLM\SYSTEM\CurrentControlSet\Control\Lsa
restrictanonymous
1
Name Troj/Clagger-AK
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
* Reduces system security
Prevalence (1-5) 2
Description
Troj/Clagger-AK is a Trojan for the Windows platform.
Troj/Clagger-AK includes functionality to download, install and run
new software.
Advanced
Troj/Clagger-AK is a Trojan for the Windows platform.
Troj/Clagger-AK includes functionality to download, install and run
new software.
Troj/Clagger-AK attempts to download files to the following locations:
\1.exe
\chii.exe
\zupacha.exe
The following registry entry is set, affecting internet security:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\
FiREWaLLpolicy\StAnDaRDPrOFiLe\AUtHorizedapplications\List\
:*:ENABLED:0
Name W32/Looked-AX
Type
* Virus
How it spreads
* Network shares
* Infected files
Affected operating systems
* Windows
Side effects
* Turns off anti-virus applications
* Downloads code from the internet
* Installs itself in the Registry
* Leaves non-infected files on computer
Prevalence (1-5) 2
Description
W32/Looked-AX is a virus which can also spread via network shares.
W32/Looked-AX runs continuously in the background, providing a
backdoor server which allows a remote intruder to gain access and
control over the computer.
Advanced
W32/Looked-AX is a virus which can also spread via network shares.
W32/Looked-AX runs continuously in the background, providing a
backdoor server which allows a remote intruder to gain access and
control over the computer.
W32/Looked-AX includes functionality to access the internet and
communicate with a remote server via HTTP.
When run W32/Looked-AX copies itself to
\uninstall\rundl132.exe and creates the following files:
\Dll.dll
Dll.dll is also detected as W32/Looked-AX.
The following registry entry is created to run rundl132.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
load
\uninstall\rundl132.exe
Registry entries are created under:
HKLM\SOFTWARE\Soft\DownloadWWW\
Name Troj/Vixup-BZ
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
* Reduces system security
* Installs itself in the Registry
Aliases
* Trojan-Downloader.Win32.Tibs.ir
* Win32/TrojanDownloader.Small.AWA
* Trojan.Galapoper.A
* TROJ_TIBS.OS
Prevalence (1-5) 2
Description
Troj/Vixup-BZ is a Trojan for the Windows platform.
Troj/Vixup-BZ includes functionality to download and run further
executable code.
Advanced
Troj/Vixup-BZ is a Trojan for the Windows platform.
Troj/Vixup-BZ includes functionality to download and run further
executable code.
When first run Troj/Vixup-BZ copies itself to \kernels8.exe
and may download a file to \dlh9jkdq8.exe.
The following registry entry is created to run kernels8.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
System
\kernels8.exe
The following registry entry is set, disabling the Windows task
manager (taskmgr):
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr
1
Name W32/Stration-AJ
Type
* Worm
How it spreads
* Network shares
Affected operating systems
* Windows
Side effects
* Drops more malware
* Downloads code from the internet
* Installs itself in the Registry
Aliases
* WORM_STRAT.GG
Prevalence (1-5) 2
Description
W32/Stration-AJ is a worm for the Windows platform.
W32/Stration-AJ includes functionality to download, install and run
new software.
Advanced
W32/Stration-AJ is a worm for the Windows platform.
W32/Stration-AJ includes functionality to download, install and run
new software.
When first run W32/Stration-AJ copies itself to \cserv32.exe
and creates the following files:
\cserv32.dat
\e1.dll
The file e1.dll is detected as W32/Strati-Gen.
The following registry entry is created to run cserv32.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
cserv32
\cserv32.exe s
The following registry entry is set:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs
e1.dll
Name Troj/QQRob-ABA
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Turns off anti-virus applications
* Installs itself in the Registry
Aliases
* Trojan-PSW.Win32.QQRob.is
* PAK_Generic.001
Prevalence (1-5) 2
Description
Troj/QQRob-ABA is a Trojan for the Windows platform.
Advanced
Troj/QQRob-ABA is a Trojan for the Windows platform.
When first run Troj/QQRob-ABA copies itself to:
\.exe
\System\.dat
\Help\adsal.chm
and creates the file \System\.dll.
This file is also detected as Troj/QQRob-ABA.
The file .dll is registered as a COM object and
ShellExecute hook, creating registry entries under:
HKCR\CLSID\(random CLSID)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
ShellExecuteHooks\(randome CLSID)
The following registry entries are also created, disabling certain
anti-virus and security processes:
HKLM\SYSTEM\CurrentControlSet\Services\AVP
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\FireSvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\KPfwSvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\KVSrvXP
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\KVWSC
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\KWatchSvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\McAfeeFramework
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\McShield
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\McTaskManager
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\MskService
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\NPFMntor
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\RfwService
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\RsCCenter
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\RsRavMon
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\SKNFW
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\SPBBCSvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\SkyProcs
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\Symantec Core LC
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\ccEvtMgr
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\ccProxy
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\ccSetMgr
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\kavsvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\navapsvc
Start
4
HKLM\SYSTEM\CurrentControlSet\Services\wscsvc
Start
4
Name W32/Looked-AY
Type
* Virus
How it spreads
* Network shares
* Infected files
Affected operating systems
* Windows
Side effects
* Steals information
* Downloads code from the internet
* Installs itself in the Registry
Aliases
* W32/HLLP.Philis.bt
Prevalence (1-5) 2
Description
W32/Looked-AY is a virus and worm for the Windows platform.
W32/Looked-AY spreads to other network computers.
W32/Looked-AY includes functionality to access the internet and
communicate with a remote server via HTTP.
Advanced
W32/Looked-AY is a virus and worm for the Windows platform.
W32/Looked-AY spreads to other network computers.
W32/Looked-AY includes functionality to access the internet and
communicate with a remote server via HTTP.
When first run W32/Looked-AY copies itself to
\uninstall\rundl132.exe and creates the following files:
\RichDll.dll - detected as W32/Looked-AY
The following registry entry is created to run rundl132.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
load
\uninstall\rundl132.exe
Registry entries are created under:
HKLM\SOFTWARE\Soft\DownloadWWW\
Name Troj/Dloadr-AQK
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
Aliases
* Win32/TrojanDownloader.Agent.AXS
Prevalence (1-5) 2
Description
Troj/Dloadr-AQK is a downloading Trojan for the Windows platform.
Advanced
Troj/Dloadr-AQK is a downloading Trojan for the Windows platform.
Troj/Dloadr-AQK includes functionality to connect to the internet and
communicate with a remote server via HTTP.
Registry entries are created under:
HKCU\Software\unker\\main\
Name W32/Dref-Q
Type
* Worm
How it spreads
* Email attachments
Affected operating systems
* Windows
Side effects
* Turns off anti-virus applications
* Sends itself to email addresses found on the infected computer
* Drops more malware
* Forges the sender's email address
* Uses its own emailing engine
* Installs itself in the Registry
Aliases
* Win32/Nuwar.gen
Prevalence (1-5) 2
Description
W32/Dref-Q is a mass-mailing worm for the Windows platform.
Messages sent by the worm have the following characteristics:
Subject: taken from a list including
Urgent News!
Attn
News!
Incredible news!
Read and resend asap!
or a headline retrieved from a news website.
Attached filename: taken from a list including
read me.exe
CNN latest news.exe
CNN news reader.exe
cnn.exe
news reader.exe
Advanced
W32/Dref-Q is a mass-mailing worm for the Windows platform.
Messages sent by the worm have the following characteristics:
Subject: one of
Urgent News!
Attn
News!
Incredible news!
Read and resend asap!
Attn to everybody!
Urg
White house news!
or a headline retrieved from a news website.
Attached filename: one of
read me.exe
CNN latest news.exe
CNN news reader.exe
cnn.exe
news reader.exe
cnn site explorer.exe
www-CNN-COM.exe
news agent.exe
webnews agent.exe
cnn agent.exe
When first run, W32/Dref-Q will open a browser displaying a news
website.
W32/Dref-Q copies itself to \wservice.exe and
creates the a randomly-named executable in the current folder. This
randomly named executable is detected as Troj/DownLdr-QK.
The following registry entries are created to run wservice.exe on
startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
UpdateService
\wservice.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
UpdateService
\wservice.exe
W32/Dref-Q sets the following registry entries, disabling the
automatic startup of other software:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess
Start
4
Note: disabling autostart for the SharedAccess service deactivates
the Microsoft Internet Connection Firewall (ICF).
Name Troj/Adload-KB
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
Aliases
* Trojan-Downloader.Win32.Adload.hw
* TROJ_ADLOAD.RG
Prevalence (1-5) 2
Description
Troj/Adload-KB ia a Trojan for the Windows platform.
The Trojan includes functionality to access the internet and
communicate with a remote server via HTTP.
Name Troj/Clagger-AL
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
Prevalence (1-5) 2
Description
Troj/Clagger-AL is a downloading Trojan for the Windows platform.
Advanced
Troj/Clagger-AL is a downloading Trojan for the Windows platform.
Troj/Clagger-AL downloads files from a list of preconfigured URLs to
the Windows folder and executes them.
Name Troj/Clagger-AM
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
Aliases
* Trojan.Schoeberl.D
Prevalence (1-5) 2
Description
Troj/Clagger-AM is a Trojan for the Windows platform.
Name W32/Sdbot-CUJ
Type
* Worm
How it spreads
* Network shares
Affected operating systems
* Windows
Side effects
* Turns off anti-virus applications
* Allows others to access the computer
* Installs itself in the Registry
* Exploits system or software vulnerabilities
Aliases
* Backdoor.Win32.SdBot.azd
* W32/Backdoor.PVO
Prevalence (1-5) 2
Description
W32/Sdbot-CUJ is a network worm for the Windows platform.
W32/Sdbot-CUJ runs continuously in the background, providing a
backdoor server which allows a remote intruder to gain access and
control over the computer via IRC channels.
W32/Sdbot-CUJ spreads to other network computers by exploiting common
buffer overflow vulnerabilities.
Advanced
W32/Sdbot-CUJ is a network worm for the Windows platform.
W32/Sdbot-CUJ runs continuously in the background, providing a
backdoor server which allows a remote intruder to gain access and
control over the computer via IRC channels.
W32/Sdbot-CUJ spreads to other network computers by exploiting common
buffer overflow vulnerabilities.
When first run W32/Sdbot-CUJ copies itself to \directx.exe.
The file directx.exe is registered as a new system driver service
named "directx.exe", with a display name of "directx.exe" and a
startup type of automatic, so that it is started automatically during
system startup. Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Services\directx.exe\
The worm disables the Windows System File Checker by changing the
following registry entry:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
SFCDisable
ffffff9d
(the default value for this entry is 0)
W32/Sdbot-CUJ overwrites the following system files:
\sfc_os.dll
\ftp.exe
\tftp.exe
Name W32/Looked-AZ
Type
* Virus
How it spreads
* Network shares
* Infected files
Affected operating systems
* Windows
Side effects
* Steals information
* Downloads code from the internet
* Installs itself in the Registry
* Leaves non-infected files on computer
Prevalence (1-5) 2
Description
W32/Looked-AZ is a virus.
W32/Looked-AZ infects EXE files found on the infected computer and
attempts to spread to remote network shares with weak passwords.
The virus includes functionality to access the internet and
communicate with a remote server via HTTP.
Advanced
W32/Looked-AZ is a virus.
W32/Looked-AZ infects EXE files found on the infected computer and
attempts to spread to remote network shares with weak passwords.
The virus includes functionality to access the internet and
communicate with a remote server via HTTP.
When first run W32/Looked-AZ copies itself to
\uninstall\rundl132.exe and \logo1_.exe and creates
files \RichDll.dll, which is also detected as W32/Looked-AZ.
Many files with the name "_desktop.ini" are also created, in various
folders on the infected computer. These files are harmless text files.
The following registry entry is created to run rundl132.exe on startup:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
load
\uninstall\rundl132.exe
Registry entries are created under:
HKLM\SOFTWARE\Soft\DownloadWWW\
Name Troj/Clagger-AN
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Downloads code from the internet
Aliases
* Downloader-ATM
Prevalence (1-5) 2
Description
Troj/Clagger-AN is a downloading Trojan for the Windows platform.
Troj/Clagger-AN downloads files from preconfigured URLs to the
Windows folder and executes them.
Name Troj/Lineag-AEO
Type
* Spyware Trojan
Affected operating systems
* Windows
Side effects
* Steals information
* Drops more malware
* Records keystrokes
* Installs itself in the Registry
Aliases
* Trojan-PSW.Win32.Hangame.cl
* Trojan-PSW.Win32.Nilage.ajk
Prevalence (1-5) 2
Description
Troj/Lineag-AEO is a password stealing Trojan for the Windows platform.
Troj/Lineag-AEO includes functionality to access the internet and
communicate with a remote server via HTTP.
Advanced
Troj/Lineag-AEO is a password stealing Trojan for the Windows platform.
Troj/Lineag-AEO includes functionality to access the internet and
communicate with a remote server via HTTP.
When Troj/Lineag-AEO is installed the following files are created:
\ri.exe
\t2.exe
\Internet Explorer\explorer.exe
\ccdll.dll
The files explorer.exe and ri.exe are detected as Troj/Hangame-AF.
The files t2.exe and ccdll.dll are also detected as Troj/Lineag-AEO.
The following registry entry is created to run explorer.exe on startup:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
load
\INTERN~1\explorer.exe
Name Troj/WowPWS-AJ
Type
* Spyware Trojan
Affected operating systems
* Windows
Side effects
* Steals information
* Downloads code from the internet
* Installs itself in the Registry
Prevalence (1-5) 2
Description
Troj/WowPWS-AJ is a Trojan for the Windows platform.
Troj/WowPWS-AJ includes functionality to access the internet and
communicate with a remote server via HTTP.
Advanced
Troj/WowPWS-AJ is a Trojan for the Windows platform.
Troj/WowPWS-AJ includes functionality to access the internet and
communicate with a remote server via HTTP.
Troj/WowPWS-AJ includes functionality to steal passwords for certain
online games.
When first run Troj/WowPWS-AJ copies itself to
\Download\svhost32.exe and creates the following files:
\a.dll
\xydll.dll
The following registry entry is created to run svhost32.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
xy
\Download\svhost32.exe
Name Troj/Nebuler-N
Type
* Trojan
Affected operating systems
* Windows
Side effects
* Drops more malware
* Installs itself in the Registry
Aliases
* Trojan-Dropper.Win32.Agent.azn
Prevalence (1-5) 2
Description
Troj/Nebuler-N is a Trojan for the Windows platform.
Advanced
Troj/Nebuler-N is a Trojan for the Windows platform.
When Troj/Nebuler-N is installed the following files are created:
\mst1.bat
\mst1.tmp
\mit.bat
\winool32.dll
The files winool32.dll and mst1.tmp are detected as Troj/Nebule-Gen.
The files mst1.bat and mit.bat are clean scripts to delete
Troj/Nebuler-N files.
The following registry entries are created to run code exported by
winool32.dll on startup:
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\winool32
DllName
winool32.dll
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\winool32
Impersonate
0
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\winool32
Startup
EvtStartup
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\MSSMGR\
Troj/Nebuler-N may create files in the following folders:
\Application Data\Microsoft\Crypto\rsa
\Application Data\Microsoft\Protect
--- MultiMail/Win32 v0.43
* Origin: Try Our Web Based QWK: DOCSPLACE.ORG (1:123/140)SEEN-BY: 633/267 270 @PATH: 123/140 500 379/1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.