My computer has a virus and won't boot up - Geeks to Go Forums

Jump to content

Log in Register Register Malware removal guide How it works

My computer has a virus and won't boot up Black Screen of Death

#1 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 12:29 PM

PLEASE HELP!!!! I was on Pirate bay downloading movies and my computer got infected with a virus of some sort (I believe it was a Trojan) my avast antivirus software was inabled and said it quarantined it but my computer was still infected. It kept prompting me to buy and download some kind of anti virus removal software. It had a grey & green shield on it (don't remember the name) I tried to run my malaware bytes removal software and it would not allow me to. I also tried to go to add/remove software and it was blocked. So after no luck I tried to restart my computer and BAM now it wont boot up at all and it goes into a black screen. I tried hitting F8 and running on safe mode but no luck. I do not have any of my recovery disk or XP software so i cannot do a recovery. Please help as I need this computer for work and its completely dead right now.
I have a Dell Optiplex 320 with windows XP on it. Thank You

#2 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 03 September 2010 - 01:55 PM

Please print these instruction out so that you know what you are doing. I cannot guarantee that I will get your system back up and running but I will do my best

File details OTLPENet.exe
Bytes=126,850,486
MB=120.9
MD5=8A7C5BA1C92552ADDCC5E468D0AA069A

  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Download scan.txt and save to a USB drive

  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)


  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Drag and drop the USB scan.txt into the Custom scans and fixes box
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

#3 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 02:02 PM

I am using my room mates computer as I described mine will not boot up. Can I use these instuctions anyway?
From my understanding your instructions are for someone who has a functional computer.
The computer that has the problem will not boot at all

#4 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 03 September 2010 - 03:03 PM

The instructions are for a functional computer to create the boot disc which we will then use on the non-functioning system. With the disc we wil be able to access the infected computer

#5 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 03:38 PM

okay, I am stuck in step 14.Drag and drop the USB scan.txt into the Custom scans and fixes box. I am getting an error message of: Not a valid fix file!
This is what I did:
I connected the USB drive to the desk top then I went to my computer opened the USB drive and dragged and dropped the scan.txt file into Custom Scan/Fixes then got the error message : Not a valid fix file!

By the way after step 8. I was never prompted for step 9 nor step 10. It went from step 8 to step 11 which I answered yes then it went to step 12 (at top it said select user profile)I made sure the box was checked and pressed ok. OTL then started and thats when I inserted the USB drive and opened it from my computer and tried to drag and drop it into Custom Scan/Fixes then got the error message: Not a valid fix file!

Please advise on what I am doing wrong.

#6 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 03 September 2010 - 03:41 PM

OK double click on the custom scan and fixes box, select the scan.txt file when prompted, then press run scan

#7 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 03:45 PM

it wont let me drag and drop it into the Custom Scans and fixes box. Its giving me the error

#8 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 03 September 2010 - 03:51 PM

Double click in the box at the bottom and click OK to this dialogue

Then select the scan.txt

#9 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 03:56 PM

Okay i believe I did it where do you want me to post the otl.txt file

#10 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 03 September 2010 - 04:01 PM

Here please

#11 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 04:05 PM

Okay here you go. Now what happens from here? I hope you don't mind if I ask. Will you be able to tell what Virus I have? and can you help me remove it?

OTL logfile created on: 9/3/2010 6:48:21 PM - Run
OTLPE by OldTimer - Version 3.1.40.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

990.00 Mb Total Physical Memory | 752.00 Mb Available Physical Memory | 76.00% Memory free
882.00 Mb Paging File | 799.00 Mb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 50.46 Gb Free Space | 67.76% Space Free | Partition Type: NTFS
Drive D: | 3.72 Gb Total Space | 3.03 Gb Free Space | 81.28% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/23 16:40:44 | 000,046,080 | ---- | M] (Drive Headquarter) [Auto] -- C:\Program Files\DriveHQ\DriveHQ FileManager\DHQFMSvc.exe -- (DriveHQ FileManagerFun)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2006/10/23 08:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Auto] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/06/02 14:00:06 | 000,027,008 | ---- | M] (CSR) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\csrbcxp_2_2.sys -- (CSRBC)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,020,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/08/31 15:20:04 | 000,198,528 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NdisWDM.sys -- (NdisWDM)
DRV - [2006/09/14 04:45:38 | 000,003,456 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atiide.sys -- (atiide)
DRV - [2006/09/06 06:13:42 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/22 09:40:54 | 000,230,400 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/05/17 04:03:24 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/03/17 11:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006/01/10 12:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ezloan_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKU\Ezloan_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Ezloan_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKU\Ezloan_ON_C\..\URLSearchHook: {a1ee78d5-fb0e-4b42-ae0e-25435699883c} - Reg Error: Key error. File not found
IE - HKU\Ezloan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Ezloan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Ezloan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070202
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=6070202
IE - HKU\Guest_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/25 19:20:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/26 14:26:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/26 14:26:17 | 000,000,000 | ---D | M]

[2010/08/26 14:26:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Ezloan_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eqsvnayd] C:\Documents and Settings\Ezloan\Local Settings\Application Data\ippopuiya\orjlkhnshdw.exe (Security Suites Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ezloan_ON_C..\Run: [DriveHQ FileManager] C:\Program Files\DriveHQ\DriveHQ FileManager\FileManager.exe (DriveHQ)
O4 - HKU\Ezloan_ON_C..\Run: [eqsvnayd] C:\Documents and Settings\Ezloan\Local Settings\Application Data\ippopuiya\orjlkhnshdw.exe (Security Suites Corporation)
O4 - HKU\Ezloan_ON_C..\Run: [LaserAppUpdate] C:\Program Files\Laser App Enterprise\laupdate.exe File not found
O4 - HKU\Ezloan_ON_C..\Run: [richtx64.exe] C:\DOCUME~1\Ezloan\LOCALS~1\Temp\richtx64.exe File not found
O4 - HKU\Guest_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dynex Wireless Networking Utility.lnk = C:\Program Files\Dynex G USB Network Adapter\DynexWCUI.exe (Dynex)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\Ezloan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ezloan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\Ezloan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr =
O7 - HKU\Ezloan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage =
O7 - HKU\Ezloan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage =
O7 - HKU\Ezloan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage =
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.taylorbe...criptx/smsx.cab (MeadCo ScriptX)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h20364.www2....DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.3.cab (DLM Control)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {975F9329-0F5F-48D2-ADF8-AEFB19DEFB5F} http://meeting.zoho....ZohoMeeting.cab (ZohoMeeting Control)
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} http://reports.wfg-o...tivexviewer.cab (Crystal Report Viewer Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF05D910-DC8E-403A-93B0-5C866F3200D1} https://www.clickloa...PtClickLoan.cab (PtClickLoan Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/02 22:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/09/02 22:37:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/09/02 22:24:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\Local Settings\Application Data\ippopuiya
[2010/09/01 15:56:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\Vuze Downloads
[2010/09/01 15:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/09/01 15:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\Application Data\Azureus
[2010/09/01 15:44:10 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
[2010/08/28 15:10:32 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/08/28 15:10:31 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/08/28 15:10:30 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/08/28 15:10:28 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/08/28 15:10:25 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/08/28 15:10:25 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/08/28 15:10:24 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/28 15:10:09 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/08/28 15:10:08 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/08/28 15:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/08/28 04:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\EPASS
[2010/08/28 04:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\Ebay Listings & Pictures
[2010/08/28 04:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\LA Fitness
[2010/08/28 04:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\Gaby's Resume
[2010/08/28 04:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\Gaby's Nutrion Plan
[2010/08/28 04:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\Passport
[2010/08/28 04:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\P90X
[2010/08/28 04:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\My Documents\Traffic Citation
[2010/08/27 13:21:09 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/08/26 14:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\Local Settings\Application Data\Mozilla
[2010/08/26 14:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\Application Data\Mozilla
[2010/08/26 14:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/08/19 19:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\Redtail Technology
[2010/08/14 01:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ezloan\Citrix
[2010/08/06 19:19:17 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/08/06 19:19:17 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/06 19:19:17 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/08/06 19:19:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/06 19:19:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/03 18:47:52 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/09/02 22:02:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/02 22:02:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/02 11:25:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/02 01:14:51 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Ezloan\ntuser.ini
[2010/09/02 01:14:12 | 011,809,168 | -H-- | M] () -- C:\Documents and Settings\Ezloan\Local Settings\Application Data\IconCache.db
[2010/09/01 15:54:27 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\Ezloan\NTUSER.DAT
[2010/09/01 15:45:04 | 000,001,505 | ---- | M] () -- C:\Documents and Settings\Ezloan\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/29 15:35:45 | 000,503,728 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/29 15:35:44 | 000,605,154 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/29 15:35:44 | 000,088,852 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/28 23:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/28 18:49:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/28 18:48:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/28 18:48:50 | 1038,192,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/28 18:48:10 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/08/28 18:48:10 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/08/28 15:10:26 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/28 05:02:50 | 000,018,944 | ---- | M] () -- C:\Documents and Settings\Ezloan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/28 03:28:58 | 001,523,712 | ---- | M] () -- C:\Documents and Settings\Guest\NTUSER.DAT
[2010/08/27 15:38:52 | 000,000,054 | ---- | M] () -- C:\WINDOWS\winpoint.ini
[2010/08/26 14:26:22 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Ezloan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/20 17:30:07 | 000,103,720 | ---- | M] () -- C:\Documents and Settings\Ezloan\GoToAssistDownloadHelper.exe
[2010/08/14 01:37:58 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2010/08/12 20:38:51 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Ezloan\Desktop\mBackup.lnk
[2010/08/12 03:35:35 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 03:18:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/09 14:28:35 | 000,049,065 | ---- | M] () -- C:\VETlog.dmp
[2010/08/09 14:28:18 | 000,000,743 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/06 19:19:00 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/06 19:19:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/06 19:19:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/06 19:19:00 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/08/06 19:18:59 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/01 15:45:04 | 000,001,505 | ---- | C] () -- C:\Documents and Settings\Ezloan\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/27 15:38:52 | 000,000,054 | ---- | C] () -- C:\WINDOWS\winpoint.ini
[2010/08/26 14:26:22 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Ezloan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/14 01:37:58 | 000,000,081 | ---- | C] () -- C:\CTX.DAT
[2010/08/03 11:20:15 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Ezloan\g2mdlhlpx.exe
[2010/03/12 16:45:47 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Ezloan\PUTTY.RND
[2009/12/16 00:56:05 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/11/06 19:35:25 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/11/05 22:01:38 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/10/13 04:05:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/10/11 02:27:42 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/10/11 02:27:41 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/03/27 17:55:10 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/17 15:42:58 | 000,164,864 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2008/03/17 15:42:58 | 000,001,772 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008/02/08 21:19:50 | 000,103,720 | ---- | C] () -- C:\Documents and Settings\Ezloan\GoToAssistDownloadHelper.exe
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2007/10/30 12:50:06 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\fusioncache.dat
[2007/10/30 12:50:05 | 001,523,712 | ---- | C] () -- C:\Documents and Settings\Guest\NTUSER.DAT
[2007/10/30 12:50:05 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat.LOG
[2007/10/30 12:50:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Guest\ntuser.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/06/12 13:57:44 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Ezloan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/14 13:26:19 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2007/03/14 13:26:19 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2007/03/14 13:26:18 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2007/03/14 13:26:18 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2007/02/18 18:25:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/18 15:47:27 | 000,000,058 | ---- | C] () -- C:\WINDOWS\mchguid.ini
[2007/02/17 13:26:24 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Ezloan\Local Settings\Application Data\fusioncache.dat
[2007/02/17 13:26:23 | 006,291,456 | -H-- | C] () -- C:\Documents and Settings\Ezloan\NTUSER.DAT
[2007/02/17 13:26:23 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Ezloan\ntuser.dat.LOG
[2007/02/17 13:26:23 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Ezloan\ntuser.ini
[2007/02/02 21:13:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/02/02 21:13:13 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2007/02/02 21:10:02 | 000,000,124 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/02/02 20:44:22 | 000,262,144 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT
[2007/02/02 20:44:22 | 000,008,192 | -H-- | C] () -- C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
[2007/02/02 20:41:12 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 09:38:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/12 01:20:24 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2004/08/12 01:20:15 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2004/08/12 01:20:15 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:20:25 | 000,057,344 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2004/08/11 18:20:25 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2004/08/11 18:20:16 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2004/08/11 18:20:15 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2004/08/11 18:20:15 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2004/08/11 18:20:15 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/12/09 10:14:40 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\msioq32.dll
[1999/10/13 15:59:48 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\gns2kzip.dll

========== LOP Check ==========

[2010/09/02 22:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\Azureus
[2010/02/25 22:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\DriveHQ
[2010/06/07 12:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\DriveHQHOOK
[2010/05/16 03:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2008/10/04 15:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\GARMIN
[2007/02/17 14:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\Leadertech
[2007/05/14 11:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\PDS
[2007/03/19 09:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\Viewpoint
[2009/10/13 21:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\Windows Desktop Search
[2009/11/04 13:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ezloan\Application Data\Windows Search
[2007/11/02 19:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Viewpoint
[2009/11/12 19:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Windows Desktop Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2007/06/18 14:41:15 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2007/06/18 14:41:15 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2009/11/06 15:14:44 | 000,000,056 | ---- | M] () -- C:\aptreg.log
[2004/08/11 18:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2007/02/17 14:13:40 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2004/08/11 18:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/11/06 15:14:44 | 000,002,603 | ---- | M] () -- C:\cossreg.log
[2010/08/14 01:37:58 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2007/02/02 20:42:02 | 000,004,738 | RH-- | M] () -- C:\dell.sdr
[2009/11/05 22:35:18 | 004,220,704 | ---- | M] () -- C:\Gabriel Corrected Information1Cpy1.QDF
[2010/08/28 18:48:50 | 1038,192,640 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/11 14:50:56 | 000,001,209 | ---- | M] () -- C:\hpfr5550.log
[2009/10/11 14:50:56 | 000,000,524 | ---- | M] () -- C:\hpfr5550.xml
[2007/02/17 14:21:27 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/11 18:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2004/08/11 18:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/11/04 15:02:35 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/03 18:45:33 | 000,075,636 | ---- | M] () -- C:\OTL.Txt
[2010/08/28 18:48:42 | 1560,281,088 | -HS- | M] () -- C:\pagefile.sys
[2010/08/09 14:28:35 | 000,049,065 | ---- | M] () -- C:\VETlog.dmp
[2010/08/09 14:28:35 | 002,024,168 | ---- | M] () -- C:\VETlog.txt
[2009/11/05 22:31:44 | 000,941,504 | ---- | M] () -- C:\xyz.QDF


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/08/11 18:14:22 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/08/14 21:49:20 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2005/11/14 02:43:58 | 000,029,152 | R--- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\FSPPMFP.DLL
[2008/08/12 10:58:10 | 000,314,880 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp082.dll
[2003/06/18 18:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2009/08/14 18:02:46 | 000,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/06/28 16:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

Invalid Environment Variable: %APPDATA%\Adobe\Update\*.*

Invalid Environment Variable: %ALLUSERSPROFILE%\Favorites\*.*

Invalid Environment Variable: %APPDATA%\Microsoft\*.*

< %PROGRAMFILES%\*.* >
[2009/11/06 15:14:40 | 000,001,772 | ---- | M] () -- C:\Program Files\INSTALL.LOG
[2001/09/28 19:00:28 | 000,164,864 | ---- | M] () -- C:\Program Files\UNWISE.EXE

Invalid Environment Variable: %APPDATA%\Update\*.*

< %systemroot%\*. /mp /s >

< CREATERESTOREPOINT >

< %systemroot%\System32\config\*.sav >
[2004/08/11 18:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/11 18:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/11 18:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

Invalid Environment Variable: %ALLUSERSPROFILE%\Start Menu\*.lnk

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

Invalid Environment Variable: %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk

Invalid Environment Variable: %USERPROFILE%\Desktop\*.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

Invalid Environment Variable: %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

Invalid Environment Variable: %USERPROFILE%\My Documents\*.exe

Invalid Environment Variable: %USERPROFILE%\*.exe

< %systemroot%\ADDINS\*.* >
[2004/08/04 06:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

Invalid Environment Variable: %USERPROFILE%\Favorites\*.url

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

Invalid Environment Variable: %ALLUSERSPROFILE%\*.dat

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

Invalid Environment Variable: %USERPROFILE%\Cookies\*.txt

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2009/01/30 17:40:22 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-12 07:19:00
< End of report >

Attached File(s)

  • Attached File  OTL.Txt (95.61K)
    Number of downloads: 39

#12 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 03 September 2010 - 04:16 PM

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB

  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

#13 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 03 September 2010 - 04:38 PM

By the way I really appreciate all your help thus far, I wanted to ask if its okay if you could be a little more detailed on your instructions as I am not to computer savy.

You completely lost me after -Then click the Run Fix button at the top

It's the last two steps im not sure about

Here is what I did:

I dragged and dropped it with no problem into the Custom scans and fixes box then I hit the red run fix at the top. It asked me if I wanted to see the log and I said yes so now I have a new text log on my screen and I do not know what to do from here. You said to let the program run unhindered, then reboot when it is done to normal mode if possible (Reboot what? Not sure what you mean by that)
Then post a new OTL log (Where is this OTL log coming from, the very first one I created) don't check the boxes beside LOP Check or Purity this time (Not sure what you mean by that, I see where I can uncheck the boxes but don't understand the action you are asking me to do in sequence the the prior step)

#14 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,467
  • Joined: 31-May 06

Posted 04 September 2010 - 04:33 AM

No problem on this . Post the log produced from the fix run here.

Then reboot the computer and attempt to get into normal windows again.
During the reboot when the system states press any key to boot from CD just leave it and it will try to boot to normal windows, let me know if it achieves that.
Once in normal windows run an OTL scan again and also post that log here

#15 littleneo

  • Group: Member
  • Posts: 20
  • Joined: 03-September 10

Posted 04 September 2010 - 11:00 AM

Okay i have done as you said and the computer did not boot up the normal way into windows, it is stil doing the black screen as before.

Actually I just got an error code when I tried posting the fix run log on here saying I am not allowed to post that kind of file here. The name of the file is: 09032010_192908.log

By the way when I ran the Run Fix it only took half a second before it gave me a log. Reason why I bring it up is you said to let it run unhindered and the run was not long at all. i don't know if that has anything to do with it.

I also just tried to redo it for a second time exactly as you posted above and it did not work again.

Please advide on what to do

Thank You, NEO

Share this topic:


  • 3 Pages +
  • 1
  • 2
  • 3