shopica

View previous topic View next topic Go down

shopica

Post by angelaalicecrown on 10th August 2011, 12:34 am

OTL logfile created on: 8/9/2011 8:05:07 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\angela\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 552.28 Mb Available Physical Memory | 54.04% Memory free
2.41 Gb Paging File | 2.05 Gb Available in Paging File | 85.39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.84 Gb Total Space | 35.93 Gb Free Space | 50.72% Space Free | Partition Type: NTFS
Drive D: | 527.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: GERVAIS | User Name: angela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/09 20:04:28 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\angela\Desktop\OTL.com
PRC - [2011/04/29 12:12:20 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010/05/07 08:36:10 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2008/10/12 13:53:34 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/04 17:43:30 | 000,296,080 | ---- | M] () -- C:\Program Files\SealedMedia\sealmon.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/02/20 05:10:26 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2005/05/19 17:59:03 | 000,176,128 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Walgreens\Walgreens PhotoShow\data\Xtras\mssysmgr.exe
PRC - [2004/05/12 16:18:54 | 000,135,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
PRC - [2004/02/13 14:12:08 | 000,016,423 | ---- | M] () -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe


========== Modules (SafeList) ==========

MOD - [2011/08/09 20:04:28 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\angela\Desktop\OTL.com
MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2004/02/11 16:58:16 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\angela\Local Settings\Temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/05/07 08:36:10 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2004/10/25 17:01:52 | 000,421,888 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\WINDOWS\System32\dlbtcoms.exe -- (dlbt_device)


========== Driver Services (SafeList) ==========

DRV - [2008/09/19 11:28:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/09/19 11:28:43 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/09/17 15:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/06/16 04:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 05:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found



O1 HOSTS File: ([2010/09/13 07:14:22 | 000,419,221 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14468 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {4A0BA746-D4D6-41a6-81EF-413E52B5F8D6} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [DLBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [sealmon] C:\Program Files\SealedMedia\sealmon.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Walgreens\Walgreens PhotoShow\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [Search Protection] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] File not found
O4 - HKCU..\Run: [YSearchProtection] File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {00000162-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} [You must be registered and logged in to see this link.] (CamImage Class)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} [You must be registered and logged in to see this link.] (YahooYMailTo Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} [You must be registered and logged in to see this link.] (YAddBook Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\angela\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\angela\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/18 19:54:00 | 000,000,814 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/15 05:40:00 | 000,000,045 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} - Reg Error: Value error.
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} - Reg Error: Value error.
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - Reg Error: Value error.
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{BCA684BB-A081-4A0F-95EC-D2EA3B466B1F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave3 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/09 20:04:28 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\angela\Desktop\OTL.com
[2011/06/16 20:14:01 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\kwhoujPtBlUodn.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/09 20:04:28 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\angela\Desktop\OTL.com
[2011/08/09 19:54:40 | 000,023,485 | ---- | M] () -- C:\logfile
[2011/08/09 19:48:34 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/08/09 19:47:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/09 19:46:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/09 19:46:40 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/09 19:46:40 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/31 16:54:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/31 16:25:51 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/16 20:14:20 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\164A3.sys
[2008/10/18 09:00:32 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\angela\Application Data\MyPhrases.dta
[2008/06/14 08:41:37 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\d3d9prs.dat
[2007/09/18 06:31:25 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/07/15 22:09:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/12 23:22:32 | 000,039,749 | ---- | C] () -- C:\WINDOWS\System32\cpmrot-uninst.exe
[2007/01/01 20:46:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/11/16 22:24:50 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/10/08 23:09:38 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/25 15:22:48 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\angela\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/10/09 14:29:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/10/09 13:30:27 | 000,086,489 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2005/10/09 13:30:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2005/09/16 20:20:49 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\angela\Application Data\PFP120JPR.{PB
[2005/09/16 20:20:49 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\angela\Application Data\PFP120JCM.{PB
[2005/09/09 20:19:43 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/09/06 18:43:00 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/09/06 18:01:07 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/07/31 11:03:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/07/13 17:49:45 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\angela\Local Settings\Application Data\fusioncache.dat
[2005/07/13 17:44:16 | 000,000,973 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/07/13 17:43:15 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\dlbtcoin.dll
[2005/07/13 17:43:15 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\dlbtsnls.dll
[2005/07/13 17:42:35 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\dlbtih.exe
[2005/07/13 17:42:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbtvs.dll
[2005/07/13 17:42:32 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbtcur.dll
[2005/07/13 17:42:32 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbtcu.dll
[2005/07/13 17:42:26 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\dlbtjswr.dll
[2005/07/13 17:42:20 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\dlbtutil.dll
[2005/07/07 21:20:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/07 21:11:30 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/07 21:08:33 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/07/07 20:44:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/07/07 20:44:30 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/07/07 20:44:12 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,405,310 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,063,860 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/01/02 16:45:38 | 002,790,864 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\angela\Desktop\install_flash_player.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2005/07/13 17:45:18 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 5.0 Sprint
[2011/02/06 20:28:21 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2005/07/07 20:51:42 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2008/05/27 14:34:54 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/04/29 19:24:29 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2011/05/21 14:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2011/06/24 18:42:15 | 000,000,000 | ---D | M] -- C:\Program Files\ATT
[2010/11/14 10:54:02 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2006/03/24 22:37:45 | 000,000,000 | ---D | M] -- C:\Program Files\bama
[2009/08/16 01:55:58 | 000,000,000 | ---D | M] -- C:\Program Files\BroadJump
[2011/04/29 19:24:54 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/10 14:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2011/06/24 18:43:13 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2005/09/09 20:19:49 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2005/07/13 17:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Computer
[2005/07/07 21:07:32 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Inc
[2005/07/13 17:43:15 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Photo AIO Printer 922
[2005/07/13 11:45:36 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support
[2011/01/02 16:42:33 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011/03/19 12:31:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dl_cats
[2009/08/16 13:38:19 | 000,000,000 | ---D | M] -- C:\Program Files\Error Fixer
[2009/02/16 22:37:43 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/08/16 01:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\GrandBilliards
[2005/10/09 13:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2005/10/09 13:35:38 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2008/02/26 22:51:27 | 000,000,000 | ---D | M] -- C:\Program Files\IKEA HomePlanner
[2011/06/24 18:46:05 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/17 18:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/01/02 15:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/07/07 21:10:19 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2011/08/06 07:27:47 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2006/07/27 12:57:21 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2011/08/06 07:27:51 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2005/07/13 17:46:15 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2009/04/16 15:01:28 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/06/20 21:03:43 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2010/09/13 06:59:46 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2011/07/29 10:19:17 | 000,000,000 | ---D | M] -- C:\Program Files\LeapFrog
[2009/07/12 09:38:11 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2008/10/18 10:52:28 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/07/15 22:08:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2004/08/10 14:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/07/15 22:06:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2005/07/07 21:05:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/07/07 21:05:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2010/04/09 12:20:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2007/07/15 22:06:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/10/18 10:48:09 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2007/09/22 20:52:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/10 14:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/11/15 04:00:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2005/09/09 20:18:43 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2005/07/07 21:07:33 | 000,000,000 | ---D | M] -- C:\Program Files\MyWaySA
[2008/10/18 10:46:06 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2004/08/10 14:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/08/12 22:46:16 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2007/04/17 18:55:19 | 000,000,000 | ---D | M] -- C:\Program Files\PatentWizard, LLC
[2007/05/15 21:46:25 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2005/07/07 21:09:24 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2011/04/29 19:25:08 | 000,000,000 | ---D | M] -- C:\Program Files\Sanyo
[2005/11/05 22:04:05 | 000,000,000 | ---D | M] -- C:\Program Files\SBC Self Support Tool
[2005/09/06 18:01:27 | 000,000,000 | ---D | M] -- C:\Program Files\SBC Yahoo!
[2007/09/13 21:48:33 | 000,000,000 | ---D | M] -- C:\Program Files\SealedMedia
[2010/06/06 08:53:59 | 000,000,000 | ---D | M] -- C:\Program Files\Shared
[2005/07/07 21:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2011/07/29 10:47:59 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2009/01/27 23:17:48 | 000,000,000 | ---D | M] -- C:\Program Files\Stamps.com Internet Postage
[2009/01/22 16:28:28 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2007/01/01 20:47:06 | 000,000,000 | ---D | M] -- C:\Program Files\The Learning Company
[2008/04/16 10:41:09 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
[2009/05/21 20:10:01 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
[2009/05/21 20:10:39 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2007/07/08 21:00:19 | 000,000,000 | R--D | M] -- C:\Program Files\TypingMaster
[2004/08/10 14:08:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/09/13 06:54:16 | 000,000,000 | ---D | M] -- C:\Program Files\Upromise
[2005/07/07 21:09:41 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2006/01/01 12:32:03 | 000,000,000 | ---D | M] -- C:\Program Files\Walgreens
[2008/10/18 10:46:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/10/18 10:46:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/10 14:02:52 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/07/07 21:03:47 | 000,000,000 | ---D | M] -- C:\Program Files\WordPerfect Office 12
[2004/08/10 14:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2011/05/25 21:04:20 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2005/07/07 21:03:29 | 000,000,000 | ---D | M] -- C:\Program Files\Your Company Name


< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/18 10:39:36 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/18 10:39:36 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/18 10:39:36 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/18 10:39:36 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/10/18 10:39:36 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/10/18 10:39:36 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/04 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2009-08-18 13:57:24

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2009/07/03 07:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2009/07/03 07:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2009/07/03 07:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2009/07/03 07:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2009/07/03 07:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2009/07/03 07:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2009/02/22 15:53:25 | 000,024,576 | ---- | M] ()(C:\Documents and Settings\angela\My Documents\??vein notes.doc) -- C:\Documents and Settings\angela\My Documents\��vein notes.doc
[2009/02/22 15:53:25 | 000,024,576 | ---- | C] ()(C:\Documents and Settings\angela\My Documents\??vein notes.doc) -- C:\Documents and Settings\angela\My Documents\��vein notes.doc

< End of report >

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

shopica

Post by angelaalicecrown on 10th August 2011, 12:35 am

aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-09 20:25:09
-----------------------------
20:25:09.546 OS Version: Windows 5.1.2600 Service Pack 3
20:25:09.546 Number of processors: 1 586 0x401
20:25:09.546 ComputerName: GERVAIS UserName: angela
20:25:10.796 Initialize success
20:25:28.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:25:28.125 Disk 0 Vendor: WDC_WD800BB-75JHC0 06.01C06 Size: 76293MB BusType: 3
20:25:30.140 Disk 0 MBR read successfully
20:25:30.140 Disk 0 MBR scan
20:25:30.140 Disk 0 unknown MBR code
20:25:30.140 Disk 0 scanning sectors +156232125
20:25:30.218 Disk 0 scanning C:\WINDOWS\system32\drivers
20:25:46.515 File: C:\WINDOWS\system32\drivers\volsnap.sys **SUSPICIOUS**
20:25:47.062 Service scanning
20:25:47.843 Service VolSnap C:\WINDOWS\System32\Drivers\VolSnap.sys **LOCKED** 32
20:25:48.359 Modules scanning
20:25:49.328 Module: C:\WINDOWS\System32\Drivers\VolSnap.sys **SUSPICIOUS**
20:25:56.906 Disk 0 trace - called modules:
20:25:56.937 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86efe1ed]<<
20:25:56.937 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86fa1ab8]
20:25:56.937 3 CLASSPNP.SYS[f75d7fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f6cd98]
20:25:56.953 \Driver\atapi[0x86f8e6c0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x86efe1ed
20:25:56.953 Scan finished successfully
20:26:11.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\angela\Desktop\MBR.dat"
20:26:11.515 The log file has been saved successfully to "C:\Documents and Settings\angela\Desktop\aswMBR.txt"



angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

shopica

Post by angelaalicecrown on 10th August 2011, 12:37 am

OTL Extras logfile created on: 8/9/2011 8:05:07 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\angela\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 552.28 Mb Available Physical Memory | 54.04% Memory free
2.41 Gb Paging File | 2.05 Gb Available in Paging File | 85.39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.84 Gb Total Space | 35.93 Gb Free Space | 50.72% Space Free | Partition Type: NTFS
Drive D: | 527.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: GERVAIS | User Name: angela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{028814FB-D05F-495E-81D7-636A87321025}" = CreativeProjectsTemplates
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{11680998-6792-4DE9-8DE1-D6D041418B26}" = SkinsHP1
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3662AF19-6E4B-4F6D-A61C-F3CB6D67097D}" = QuickProjects
"{36C3A0DA-07E0-4173-A406-D9308C1CBDAB}" = ArcSoft VideoImpression 2
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3E8C2BA2-F4CA-4A1D-A690-6B9A411DAF8B}" = ArcSoft PhotoImpression 5
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{55937F00-A69B-4049-8D3A-1C7729742B6F}" = BUM
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{696C94BC-44BC-4B8E-ABAA-6FFC0F11A6D3}" = PhotoGallery
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7107A761-B2F7-4BB0-84DA-CD90B562A72D}" = Director
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistant
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{827ECAB7-3F8E-4A66-A663-67A8F678536C}" = CreativeProjects
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A10A14F5-DF18-4151-9EB0-B79ABBFE6863}" = WebReg
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B3A77A42-DCF7-4830-AE0E-8CEE34A76200}" = CueTour
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E5AE37EB-0847-4164-A070-BC0394658712}" = HP Photosmart Cameras 4.0
"{E613ECA8-7C74-4F7D-98B8-D8C1426A8A2F}" = SealedMedia Unsealer 5.2.25
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E889F95A-B9E3-4580-B3D7-43DBC9C9CD43}" = TrayApp
"{E9C42C2D-1984-41B4-A294-4F7DF8B48ABE}" = CameraDrivers
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF5506ED-4D15-41F1-8588-E097B18124F2}" = BufferChm
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922
"DellSupport" = Dell Support 5.0.0 (630)
"Google Updater" = Google Updater
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"IrfanView" = IrfanView (remove only)
"LimeWire" = LimeWire 4.8.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"SBC Yahoo! Applications" = SBC Yahoo! Applications
"SBC.MCCInstall" = SBC Self Support Tool
"TomTom HOME" = TomTom HOME 2.7.4.1962
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9863F141-7A33-4c9a-A5F2-96996461B216}" = KODAK EASYSHARE Gallery Easy Upload, v2.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/24/2011 6:52:34 PM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00037453.

Error - 7/29/2011 9:25:08 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18812, fault address 0x00026037.

Error - 7/29/2011 12:48:47 PM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00000049.

Error - 7/30/2011 7:55:27 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18812, fault address 0x0009b1a9.

Error - 7/30/2011 9:49:31 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00028c0b.

Error - 7/30/2011 11:44:22 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00028c0b.

Error - 7/31/2011 10:44:05 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10n.ocx, version 10.2.152.32, fault address 0x00066b80.

Error - 7/31/2011 8:30:25 PM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18812, fault address 0x000678a8.

Error - 8/6/2011 7:25:08 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.

Error - 8/6/2011 7:39:04 AM | Computer Name = GERVAIS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18812, fault address 0x00049ead.

[ System Events ]
Error - 8/6/2011 7:28:28 AM | Computer Name = GERVAIS | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 8/9/2011 7:09:12 PM | Computer Name = GERVAIS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.64 on
the Network Card with network address 0013202F9A31.

Error - 8/9/2011 7:09:20 PM | Computer Name = GERVAIS | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/9/2011 7:09:20 PM | Computer Name = GERVAIS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 8/9/2011 7:09:35 PM | Computer Name = GERVAIS | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/9/2011 7:09:35 PM | Computer Name = GERVAIS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 8/9/2011 7:09:51 PM | Computer Name = GERVAIS | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/9/2011 7:09:51 PM | Computer Name = GERVAIS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 8/9/2011 7:26:42 PM | Computer Name = GERVAIS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 8/9/2011 7:48:18 PM | Computer Name = GERVAIS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd


< End of report >

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

Re: shopica

Post by Belahzur on 10th August 2011, 4:05 pm

Hi,


Download Combofix from any of the links below, and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

When saving ComboFix rename it to PCHelpForum.exe to prevent it from being blocked by malware.


Refer to this image:

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [You must be registered and logged in to see this link.] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click PCHelpForum.exe to run it.

    You will see the following image:


Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

re.shopica.....combofixlog

Post by angelaalicecrown on 11th August 2011, 12:52 am

somtimes I am redirected to starfeeds mixer too, also tons of security alerts popping up........I really appreciate your time!!!


ComboFix 11-08-10.03 - angela 08/10/2011 19:41:05.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.625 [GMT -4:00]
Running from: c:\documents and settings\angela\Desktop\PCHelpForum.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\kwhoujPtBlUodn.exe
c:\program files\Common Files\Uninstall
c:\program files\MyWaySA
c:\program files\Shared
c:\program files\Shared\lib.sig
c:\windows\system32\bszip.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-07-10 to 2011-08-10 )))))))))))))))))))))))))))))))
.
.
2011-07-29 14:16 . 2011-07-29 14:19 -------- d-----w- c:\windows\C6359569E03E4CDC98E8CDD080C6EEB5.TMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-17 00:14 . 2011-06-17 00:14 73728 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\991A2.tmp
2011-06-17 00:14 . 2011-06-17 00:14 120832 ----a-w- c:\windows\system32\drivers\164A3.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-04-29 16:12 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-04-29 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-04-29 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PhotoShow Deluxe Media Manager"="c:\progra~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe" [2005-05-19 176128]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-11-10 290816]
"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"sealmon"="c:\program files\SealedMedia\sealmon.exe" [2007-06-04 296080]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-12 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-04-29 395144]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-2-20 282624]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-2-13 16423]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [5/7/2010 8:36 AM 92008]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2009-08-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 19:42]
.
2009-08-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-14 23:54]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
Trusted Zone: musicmatch.com\online
TCP: DhcpNameServer = 192.168.1.254
DPF: Microsoft XML Parser for Java
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
HKCU-Run-YSearchProtection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
HKCU-Run-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
AddRemove-WinZip - c:\documents and settings\macho\Desktop\WinZip\WINZIP32.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-10 19:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-08-10 19:48:37
ComboFix-quarantined-files.txt 2011-08-10 23:48
.
Pre-Run: 38,409,056,256 bytes free
Post-Run: 38,427,856,896 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - B005A159BCABEEDD7869105BDF8FA9F7

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

Re: shopica

Post by Belahzur on 13th August 2011, 12:29 am

Hello.
Before continuing, please uninstall this list of programs.

I see that you are running Limewire.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Adobe Reader 8.1.3
    Java(TM) 6 Update 7
    Java(TM) 6 Update 13
    J2SE Runtime Environment 5.0 Update 12
    Java 2 Runtime Environment, SE v1.4.2_03
    LimeWire 4.8.1
    Viewpoint Media Player

Let me know once you have done that.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

shopica

Post by angelaalicecrown on 13th August 2011, 6:12 pm

All suggested files have been removed....thanks again for your help!!!! Smile

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

Re: shopica

Post by Belahzur on 13th August 2011, 10:41 pm

Hello.


  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:
    Code:

    KILLALL::

    File::
    c:\windows\system32\drivers\164A3.sys

    Folder::
    c:\program files\Ask.com

    Registry::
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ApnUpdater"=-
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: shopica

Post by angelaalicecrown on 14th August 2011, 5:39 pm

Here it is.......

ComboFix 11-08-15.01 - angela 08/14/2011 13:06:53.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.605 [GMT -4:00]
Running from: c:\documents and settings\angela\Desktop\PCHelpForum.exe
Command switches used :: c:\documents and settings\angela\Desktop\CFScript.txt.txt
.
FILE ::
"c:\windows\system32\drivers\164A3.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_1c8.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\windows\system32\drivers\164A3.sys
.
.
((((((((((((((((((((((((( Files Created from 2011-07-14 to 2011-08-14 )))))))))))))))))))))))))))))))
.
.
2011-08-10 23:36 . 2011-08-10 23:48 -------- d-----w- C:\PCHelpForum
2011-07-29 14:16 . 2011-07-29 14:19 -------- d-----w- c:\windows\C6359569E03E4CDC98E8CDD080C6EEB5.TMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-17 00:14 . 2011-06-17 00:14 73728 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\991A2.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PhotoShow Deluxe Media Manager"="c:\progra~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe" [2005-05-19 176128]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-11-10 290816]
"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"sealmon"="c:\program files\SealedMedia\sealmon.exe" [2007-06-04 296080]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-12 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-2-20 282624]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-2-13 16423]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [5/7/2010 8:36 AM 92008]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2009-08-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 19:42]
.
2009-08-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-14 23:54]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
Trusted Zone: musicmatch.com\online
TCP: DhcpNameServer = 192.168.1.254
DPF: Microsoft XML Parser for Java
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-14 13:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3176)
c:\windows\system32\WININET.dll
c:\docume~1\angela\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\program files\Dell Photo AIO Printer 922\dlbtbmon.exe
.
**************************************************************************
.
Completion time: 2011-08-14 13:27:43 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-14 17:27
ComboFix2.txt 2011-08-10 23:48
.
Pre-Run: 38,275,194,880 bytes free
Post-Run: 38,350,217,216 bytes free
.
- - End Of File - - 71787A84018DB376D7DFD31363D2907E

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

Re: shopica

Post by Belahzur on 15th August 2011, 6:26 pm

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34917
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245080
# Likes # Likes : 1

View user profile

Back to top Go down

Re: shopica

Post by angelaalicecrown on 16th August 2011, 2:48 pm

i ran the above suggested scan...but I cannot find a log anywhere?? it did not display one and i cannot find it saved in my c drive??????

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

Re: shopica

Post by angelaalicecrown on 18th August 2011, 10:17 pm

hello.......I am wondering what to do next????? No log appears i have run it several times.....

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

shopica ...belahzur

Post by angelaalicecrown on 21st August 2011, 2:40 pm

Have you given up on me? I really need help as to what to do next please:)

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

shopica scan log part 1

Post by angelaalicecrown on 22nd August 2011, 12:37 am

Scan Log
Version of virus signature database: 6398 (20110821)
Date: 8/21/2011 Time: 11:10:23 AM
Scanned disks, folders and files: Operating memory;C:\Boot sector;C:\
C:\hiberfil.sys - error opening [4]
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup\idatx.cab » CAB » internalList.zip » ZIP » internalList.dat - error - password-protected file
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup\idatx.cab » CAB » internalList.zip » ZIP » info.enc - error - password-protected file
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup\idatx.cab » CAB » internalList.zip » ZIP » v=258;l=languageIndependent;t=3 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup\lng_usx.cab » CAB » avgsbfree_us.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup\SrchSrfx.cab » CAB » lschrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup\Toolbarx.cab » CAB » AVGToolbarInstall.exe » INNO » file0025.bin » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\MFAData\pack\bins\f10idatx1153bs.bin » CAB » data » CAB » internalList.zip » ZIP » internalList.dat - error - password-protected file
C:\Documents and Settings\All Users\Application Data\MFAData\pack\bins\f10idatx1153bs.bin » CAB » data » CAB » internalList.zip » ZIP » info.enc - error - password-protected file
C:\Documents and Settings\All Users\Application Data\MFAData\pack\bins\f10idatx1153bs.bin » CAB » data » CAB » internalList.zip » ZIP » v=258;l=languageIndependent;t=3 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\MFAData\pack\bins\f10lng_usx1153xg.bin » CAB » data » BZ2 » data.bin » CAB » avgsbfree_us.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\MFAData\pack\bins\f10srchsrfx1153gj.bin » CAB » data » BZ2 » data.bin » CAB » lschrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\MFAData\pack\bins\f10toolbarx1153fr.bin » CAB » data » BZ2 » data.bin » CAB » AVGToolbarInstall.exe » INNO » file0025.bin » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCA.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCA.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudPersonalAntivirus.zip » ZIP » Uninstall.lnk - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudPersonalAntivirus.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudPersonalAntivirus1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechPowerScan.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechPowerScan.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechYSB.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechYSB.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechYSB1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechYSB1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechYSB2.zip » ZIP » ysbactivex.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ISearchTechYSB2.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinKillAVKQ.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinKillAVKQ.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinKillAVKQ1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinKillAVKQ1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinSmallih.zip » ZIP » PROGRAM.exe - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinSmallih.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/history - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherStartup.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/Links - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/radar-big.jpg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/radar-small - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/satellite-big.jpg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/satellite-small - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/WeatherPreferences - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/Weather_XML/Default - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/Weather_XML/Genera1 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/Weather_XML/General - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/Weather_XML/Display - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/Weather_XML/Loading - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » Documents and Settings/macho/Application Data/Seekmo/Weather/WeatherDPA/Weather_XML/screen2 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango2.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango2.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango3.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango3.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango4.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango4.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango5.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango5.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango6.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango6.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoWeatherDPA.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoWeatherDPA.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\angela\Cookies\angela@carnival[3].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@dmiemail.gurneys[2].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@idx.realtyview[2].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@lyrics.messaging-unlimited[2].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@madisonwi.idx.pru-midwest[1].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@newsletters.active[2].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@rutlandvt.idx.prudentialgreenmountain[1].txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Cookies\angela@[You must be registered and logged in to see this link.] » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\angela\Local Settings\Application Data\Identities\{DFF16927-88E6-4EAA-A097-460B7E65289B}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\angela\My Documents\My PSP8 Files\Scripts-Restricted\BoundScript9.PspScript » MIME - is OK (internal scanning not performed)
C:\i386\COMPDATA\MSMQCOMP.TXT » MIME - is OK (internal scanning not performed)
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\wtsetup.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{24C8EE9E-CACE-4C60-8B1F-E2317BC2B510}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{24F30DB9-CBD0-420A-B39D-3BB5655E5334}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{542A04D2-5975-4FE3-9B47-8A708648CEA9}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{6BA84DD0-959B-47F3-A69E-908FA76FB07A}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{7034285D-DFC3-42E5-B957-93A2622BC737}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{8FDE0001-5FA4-45E6-8BD8-61EDEFE3EFDC}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{932A7BED-387F-440F-9C95-F77FC6A4B843}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{A8E7834D-5B28-4D4A-8B33-AB30A9A2CB9E}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{B661BAD0-C7B4-40A0-AA2E-64612316D766}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{BEF6363C-7A4A-421D-903C-24D785FF7B7B}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\games\{E98B553D-C3DD-440C-AB4C-DA61E6AF72F4}.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\plugin\WildTangent\onplay.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\progfile\gcpostuninstall.exe » NSIS - unsupported option
C:\Program Files\Dell\Media Experience\Plugins\WildTangent\progfile\onplay.exe » NSIS - unsupported option
C:\Program Files\Google\Google Updater\swg-3.1.807.1746\SearchWithGoogleUpdate.exe - error opening [4]
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Default.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Round 05.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Round 10.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Round 25.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Round 50.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Square 01.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Square 05.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Square 10.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Square 25.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_+Square 50.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Bead string.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Calligraphy tablet pen.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Camel Hair.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Chalk large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Chalk medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Chalk small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Coarse hair twist.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Dry brush angle.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Fat bristle.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Fine hair.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Fuzz soft.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Line horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Line left.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Line Right.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Line vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Marker fade large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Marker fade medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Marker fade small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pastel chromatic.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil edge large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil edge medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil edge small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil hard.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil soft large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil soft medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Pencil soft small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Rake fading.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Rake hard.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Small bristles hard.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Smoke puff.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Smoke wisp large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Smoke wisp medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Smoke wisp small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Spiky twirl large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Spiky twirl medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Spiky twirl small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Sponge round large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Sponge round medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Sponge round small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Straight bristle.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Thumbprint smear.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Van Gogh large.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Van Gogh medium.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Brushes\BrushTip_Van Gogh small.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_AutoColorBalance_6900.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Blue Eye.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Brown eye.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Brushed metal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Chocolate swirl.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Christmas ornament.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Concrete ball.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Crumpled foil.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Distressed metal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Doorknob.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Earth.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Electric.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Factory Defaults.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Galvanized.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Ghostly.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Gold ball.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Gold filigree.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Gold nugget.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Golden sprinkles.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Golf ball.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Green bubbles.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Green eye.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Grey eye.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Hubcap.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Ink splatter.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Jitter bubbles.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Molecules.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Orange.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Pattern texture bump.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Pearls.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Pink facets.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Red bumpy bubbles.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Reflecting ball.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Reflecting copper.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Rusty ball.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Sepia.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Snowfall.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Soap bubbles.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Space bubbles.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Swirling plastic.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Tracery.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Violet eye.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Water drops.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BallsAndBubbles_Woven ball.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BrushStrokes_Impasto.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BrushStrokes_Large drybrush.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BrushStrokes_Small thin oil.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_BrushStrokes_Water color.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_ColoredFoil_Custom 1.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_ColoredFoil_Custom 2.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_ColoredFoil_Custom 3.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_ColoredFoil_Custom 4.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_ColoredFoil_Light .PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_ColoredFoil_Neon glow.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Contours_Custom 1.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Contours_Custom 2.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Contours_Custom 3.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Contours_Ink Outline.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Contours_White outline.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_10 x 15 cm horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_10 x 15 cm vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_13 x 18 cm horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_13 x 18 cm vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_20 x 30 cm horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_20 x 30 cm vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_3.5 x 5 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_3.5 x 5 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_4 x 6 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_4 x 6 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_5 x 7 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_5 x 7 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_8 x 10 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_8 x 10 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_9 x 13 cm horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_9 x 13 cm vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Business Card horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Business Card vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_CD Insert.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Japanese Postcard horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Japanese Postcard vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Panorama.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Postcard horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Postcard vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Crop_Square.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Enamel_Custom 1.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Enamel_Custom 2.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Enamel_Custom 3.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Enamel_Custom 4.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Enamel_Custom 5.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Enamel_Custom 6.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Feedback_feedback 5s.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_FineLeather_Custom 1.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_FineLeather_Custom 2.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_FineLeather_Custom 3.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_FineLeather_Custom 6.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_FineLeather_More Cracks.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_FineLeather_Small Cracks.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Angled.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Bead.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Frame.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Groove.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Metallic.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Pillow.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Round.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_InnerBevel_Soft edge.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_LayerProperties_layer properties lighten.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_LayerProperties_rttyd.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_LayerProperties_test layer properties.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_LayerProperties_test6.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_1 Up.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_4 Corner Lights.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_5 Down.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_5 Up.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Blue Fill.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Flash.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Flood.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Lamp.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Red Fill.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_RGB Light.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Blue.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(bottom).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(left).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(lower left).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(lower right).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(right).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(top).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(upper left).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Soft Light(upper right).PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Spotlights.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Star.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Sunset.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_Lights_Yellow Fill.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Aluminum.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Backlit transparency.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Black wire.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Blue filter.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Brown bottle.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Bullseye.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Collander.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Copper.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Electric neon.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Factory Defaults.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Ghostly.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Green bottle.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Ground edges.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Inner tube.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Multiply.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Night vision.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Opalescent.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Peephole.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Pink inset.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Purple enamel.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Rear view mirror.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Red anodized aluminum.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Red gold.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Rings.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Rose blur.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Spotlight.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Stainless.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Underwater.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Watercolor lens.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Wavy glass.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_MagnifyingLens_Yellow gold.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_1024 x 768.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_120 x 240 vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_1200 x 800.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_125 x 125 Square Button.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_234 x 60 Half Banner.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_3.5 x 5 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_3.5 x 5 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_4 x 6 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_4 x 6 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_468 x 60 Full Banner.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_5 x 7 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_5 x 7 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_640 x 480.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_72 x 392 Full Vertical Navbar.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_8 x 10 in horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_8 x 10 in vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_800 x 600.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_88 x 31 Micro Button.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Business Card horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Business Card vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_CD Insert.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Japanese Postcard horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Japanese Postcard vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Panorama.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Postcard horizontal.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Postcard vertical.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_NewFile_Square.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Angled.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Bead.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Frame.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Groove.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Metallic.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Pillow.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Round.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_OuterBevel_Soft edge.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_PolishedStone_Custom 1.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_PolishedStone_Custom 2.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_PolishedStone_Custom 3.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_PolishedStone_Custom 4.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_RoughLeather_Custom 1.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_RoughLeather_Custom 2.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_RoughLeather_Custom 3.PspScript » MIME - is OK (internal scanning not performed)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Presets\Preset_RoughLeather_Custom

angelaalicecrown
Novice
Novice

Posts Posts : 10
Joined Joined : 2011-08-09
OS OS : ??
Points Points : 19611
# Likes # Likes : 0

View user profile

Back to top Go down

Re: shopica

Post by Dr Jay on 23rd August 2011, 11:30 am

Not sure where Belahzur is, but please update me on how your computer is running...


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13757
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302262
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum