virtumonde got me too

[Shaba]

Hi

Ok, let it be for now and just continue

 

[didymustoo]

Leaving for work now. Will continue when I return.

 

[didymustoo]

I decided to cancel work. My computer and I both have a virus.

Here is the Combofix log:
It is very long and will take 4 posts!

ComboFix 08-02-19.2 - fjw 2008-02-20 9:17:13.4 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.658 [GMT -6:00]
Running from: C:\Documents and Settings\fjw\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\fjw\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe.tmp
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\FolderShare
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\FolderShare\FolderShare .exe
C:\Program Files\QuickTime
C:\Program Files\QuickTime\PictureViewer.exe
C:\Program Files\QuickTime\PictureViewer.Resources\da.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\da.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\de.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\de.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\en.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\en.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\es.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\es.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\fi.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\fi.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\fr.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\fr.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\ja.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\ja.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\ko.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\ko.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\nl.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\nl.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\no.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\no.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\PictureViewer.dll
C:\Program Files\QuickTime\PictureViewer.Resources\PictureViewer.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\sv.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\sv.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\zh_CN.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\zh_CN.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\zh_TW.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\zh_TW.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\Plugins\nsIQTScriptablePlugin.xpt
C:\Program Files\QuickTime\PropertyPanels\annoanno.pdef
C:\Program Files\QuickTime\PropertyPanels\moovaudi.pdef
C:\Program Files\QuickTime\PropertyPanels\moovpres.pdef
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.qpa
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\da.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\de.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\en.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\es.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\it.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\no.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\PanelHelperBase.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropertyPanels.plist
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.qpa
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\no.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\PropPanelHelpers.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\rsrcrsrc.pdef
C:\Program Files\QuickTime\PropertyPanels\trakaudi.pdef
C:\Program Files\QuickTime\PropertyPanels\trakhint.pdef
C:\Program Files\QuickTime\PropertyPanels\trakothr.pdef
C:\Program Files\QuickTime\PropertyPanels\trakstrm.pdef
C:\Program Files\QuickTime\PropertyPanels\trakvisl.pdef
C:\Program Files\QuickTime\QTOControl.dll
C:\Program Files\QuickTime\QTOLibrary.dll
C:\Program Files\QuickTime\QTPlugin.ocx
C:\Program Files\QuickTime\QTSystem\CFCharacterSetBitmaps.bitmap
C:\Program Files\QuickTime\QTSystem\CFUniCharPropertyDatabase.data
C:\Program Files\QuickTime\QTSystem\CFUnicodeData-B.mapping
C:\Program Files\QuickTime\QTSystem\CFUnicodeData-L.mapping
C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\CoreVideo.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\da.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\de.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\en.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\es.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fi.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fr.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\it.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ja.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ko.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nl.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\no.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\sv.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_CN.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_TW.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\Indeo4.qtx
C:\Program Files\QuickTime\QTSystem\Ir41_qc.dll
C:\Program Files\QuickTime\QTSystem\Ir41_qcx.dll
C:\Program Files\QuickTime\QTSystem\QTMLClient.dll
C:\Program Files\QuickTime\QTSystem\QTPluginInstaller.exe
C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
C:\Program Files\QuickTime\QTSystem\QuickTime.qts
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\da.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\da.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\es.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\es.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\it.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\it.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\no.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\no.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_CN.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_CN.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_TW.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_TW.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\da.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\de.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\en.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\es.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fi.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fr.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\it.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ja.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ko.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nl.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\no.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\QuickTime3GPP.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\sv.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\da.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\de.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\en.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\es.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fi.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fr.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\it.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ja.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ko.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nl.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\no.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\QuickTime3GPPAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\sv.lproj\QuickTime3GPPAuthoringLocalized.qtr

 

[Shaba]

Hi

Please post also the rest of combofix report and a fresh HijackThis log

 

[didymustoo]

C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_CN.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_TW.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\no.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\no.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\QuickTimeAudioSupport.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\no.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\no.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\QuickTimeAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\da.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\de.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\en.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\es.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fi.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fr.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\it.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ja.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ko.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nl.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\no.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\QuickTimeCapture.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\sv.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_CN.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_TW.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\da.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\de.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\en.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\es.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fi.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fr.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\it.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ja.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ko.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nl.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\no.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\QuickTimeEffects.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\sv.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_CN.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_TW.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\da.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\de.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\en.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\es.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fi.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fr.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\it.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ja.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ko.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nl.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\no.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\QuickTimeEssentials.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx

 

[didymustoo]

C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nl.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\no.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nl.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\no.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\no.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\no.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\no.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\no.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nl.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\no.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusicalInstruments.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\no.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\no.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\no.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx

 

[didymustoo]

C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\no.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\no.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nl.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\no.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\no.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\no.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\no.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\QTUIPanelControl.dll
C:\Program Files\QuickTime\QuickTime Read Me.htm
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Program Files\QuickTime\QuickTimePlayer.Resources\QuickTimePlayer.qtr
C:\Program Files\QuickTime\Sample.mov
C:\Program Files\QuickTime\Sample.qtif
C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe.tmp

 

[didymustoo]

.
((((((((((((((((((((((((( Files Created from 2008-01-20 to 2008-02-20 )))))))))))))))))))))))))))))))
.

2008-02-18 07:19 . 2008-02-18 07:19 <DIR> d--hs---- C:\FOUND.000
2008-02-16 21:09 . 2008-02-16 21:09 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-16 14:48 . 2008-02-16 14:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-16 14:47 . 2008-02-16 14:47 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-02-15 09:04 . 2008-02-18 13:10 6,014 --a------ C:\WINDOWS\BMd711e700.xml
2008-02-15 09:04 . 2008-02-19 07:11 22 --a------ C:\WINDOWS\pskt.ini
2008-02-15 08:33 . 2008-02-15 08:33 <DIR> d-------- C:\mGame
2008-02-07 18:15 . 2008-02-07 18:15 67 --a------ C:\WINDOWS\101_ASB.INI
2008-02-07 18:14 . 2008-02-07 18:14 <DIR> d-------- C:\DISNEY
2008-02-02 21:39 . 2008-02-02 21:39 <DIR> d-------- C:\Documents and Settings\fjw\DoctorWeb
2008-01-31 22:34 . 2008-01-31 22:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-25 16:27 . 2008-01-25 16:27 110 --a------ C:\WINDOWS\HandySnap.INI
2008-01-22 22:01 . 2008-01-22 22:01 <DIR> d-------- C:\OutputFolder
2008-01-22 21:59 . 2008-01-22 21:59 <DIR> d-------- C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-16 14:39 186,000 ----a-w C:\Documents and Settings\fjw\Application Data\GDIPFONTCACHEV1.DAT
2008-01-14 13:49 155,648 ----a-w C:\WINDOWS\SYSTEM32\NeroCheck.exe
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\SYSTEM32\dllcache\pngfilt.dll
2007-12-26 05:07 8,413 ----a-w C:\WINDOWS\system32\drivers\mcstrm.sys
2007-12-26 05:07 --------- d-----w C:\Program Files\Common Files\Real
2007-12-26 05:03 --------- d-----w C:\Program Files\Best Buy Rhapsody
2007-12-19 23:01 347,136 ----a-w C:\WINDOWS\SYSTEM32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mrxdav.sys
2007-12-14 17:32 12,632 ----a-w C:\WINDOWS\SYSTEM32\lsdelete.exe
2007-12-08 05:21 3,592,192 ------w C:\WINDOWS\SYSTEM32\dllcache\mshtml.dll
2007-12-06 11:01 625,664 ------w C:\WINDOWS\SYSTEM32\dllcache\iexplore.exe
2007-12-06 11:00 70,656 ------w C:\WINDOWS\SYSTEM32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\SYSTEM32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\SYSTEM32\dllcache\ieakui.dll
2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\SYSTEM32\dllcache\oleaut32.dll
2007-12-04 18:38 550,912 ------w C:\WINDOWS\SYSTEM32\oleaut32.dll
2006-12-23 16:04 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2006-01-11 02:13 159,312 ----a-w C:\Documents and Settings\Jeremy\Application Data\GDIPFONTCACHEV1.DAT
2005-11-05 03:58 33,750 ----a-w C:\WINDOWS\Internet Logs\GLB98_2nd_2005_11_04_21_58_33.dmp.zip
2005-11-05 03:58 33,668 ------w C:\WINDOWS\Internet Logs\GLB8F_2nd_2005_11_04_21_57_55.dmp.zip
2005-10-05 00:50 89,304 ------w C:\WINDOWS\Internet Logs\vsmon_2nd_2005_10_04_18_41_53_small.dmp.zip
2005-10-05 00:50 79,592 ------w C:\WINDOWS\Internet Logs\vsmon_2nd_2005_10_04_18_41_35_small.dmp.zip
2005-10-05 00:50 79,542 ------w C:\WINDOWS\Internet Logs\vsmon_2nd_2005_10_04_18_42_35_small.dmp.zip
2005-10-05 00:40 12,377,066 ------w C:\WINDOWS\Internet Logs\ZLCLIENT_2nd_2005_10_04_17_59_25_full.dmp.zip
2005-04-04 22:23 0 ---h--w C:\Program Files\AppUpdate.log
2004-09-21 20:07 86,016 ----a-w C:\Program Files\SPInstall.exe
2004-09-21 16:54 975 ----a-w C:\Program Files\ReadMe.txt
2004-09-21 16:05 1,841 ----a-w C:\Program Files\PackingList.txt
2004-09-21 15:36 908 ----a-w C:\Program Files\Setup.ini
2004-09-21 15:36 19,443,744 ----a-w C:\Program Files\Data1.cab
2004-09-21 15:36 1,591,952 ----a-w C:\Program Files\SundayPlus.msi
2004-09-21 15:35 225,280 ----a-w C:\Program Files\SPSetupHelper.exe
2004-09-15 02:35 49,152 ----a-w C:\Program Files\EnglishUI.dll
2004-04-23 00:02 560 ----a-w C:\Program Files\Global.sw
2004-01-10 02:34 266 --sh--w C:\Program Files\desktop.ini
2003-02-25 15:04 4,632 ----a-w C:\Program Files\0x0409.ini
2006-03-27 03:50 3,766 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
2006-03-27 03:50 88 --sh--r C:\WINDOWS\SYSTEM32\D4B12B0226.sys
.

<pre>
----a-w         1,743,360 2008-01-14 22:45:08  C:\RECYCLED\Dc6\StyleXP .exe
----a-w         1,372,160 2008-01-17 13:35:48  C:\RECYCLED\Dc6\StyleXP  .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]
@={7D688A77-C613-11D0-999B-00C04FD655E1}

[HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]
2007-10-25 21:34 8460288 --a------ C:\WINDOWS\SYSTEM32\SHELL32.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:07 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 16:22 7618560]
"nwiz"="nwiz.exe" [2006-06-01 16:22 1519616 C:\WINDOWS\SYSTEM32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 16:22 86016]
"Tweak UI"="TWEAKUI.CPL" [2000-06-18 14:03 106544 C:\WINDOWS\SYSTEM32\TWEAKUI.CPL]
"ATIPTA"="atiptaxx.exe" [2001-09-27 01:39 245760 C:\WINDOWS\SYSTEM32\atiptaxx.exe]

C:\Documents and Settings\fjw\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2007-01-08 21:22:17 2746104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= 00000000
"NoFavoritesMenu"= 01000000
"NoLogoff"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= 00000000
"NoFavoritesMenu"= 01000000
"NoActiveDesktopChanges"= 0 (0x0)
"NoLogoff"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonuiX.exe"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel MEDIA FOLDERS INDEXER 8.LNK]
backup=C:\WINDOWS\pss\Corel MEDIA FOLDERS INDEXER 8.LNKCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Encoder Agent.lnk]
backup=C:\WINDOWS\pss\Encoder Agent.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Cody^Start Menu^Programs^Startup^LimeWire On Startup.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
--a------ 2001-09-27 01:39 245760 C:\WINDOWS\SYSTEM32\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AuthConsoleStart]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopIconToy]
--a------ 2006-10-26 21:03 278528 C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESP]
--a------ 2006-07-30 12:09 63008 C:\Program Files\Cox\Applications\app\start.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FolderShare]
C:\Program Files\FolderShare\FolderShare .exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2004-09-13 15:49 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2003-03-26 05:34 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2005-06-10 10:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2005-06-10 10:44 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogonStudio]
C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobipocket Reader Notifications]
--a------ 2006-06-20 16:54 57344 C:\Program Files\Mobipocket.com\Mobipocket Reader\readernotify.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-02-13 18:24 2226688 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2008-01-14 07:49 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask .exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2008-02-16 14:49 2441216 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StarSkin]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP .exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TheMonitor]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-05-14 17:22 35328 C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UPS"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
"LogitechSoftwareUpdate"="C:\PROGRAM FILES\LOGITECH\VIDEO\MANIFESTENGINE.EXE" boot

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"Tweak UI"=RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
"SiS Tray"=C:\WINDOWS\SYSTEM32\sistray.exe
"StillImageMonitor"=C:\WINDOWS\SYSTEM32\stimon.exe

R2 ppsio2;PPDevice;C:\WINDOWS\system32\drivers\ppsio2.sys [1999-04-01 19:16]
R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2001-09-27 00:32]
S3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver;C:\WINDOWS\system32\DRIVERS\bcm42xx5.sys [2001-08-17 12:11]
S3 dump_wmimmc;dump_wmimmc;C:\Program Files\Gpotato\Flyff\GameGuard\dump_wmimmc.sys []
S3 PhilCam8116;Logitech QuickCam Pro 3000 (08B0);C:\WINDOWS\system32\DRIVERS\CamDrO21.sys [2001-08-17 14:05]
S3 XDva090;XDva090;C:\WINDOWS\system32\XDva090.sys []


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\MmoptPreferredAudioDevices]
rundll32.exe shell32.dll,Control_RunDLL mmsys.cpl,@0,SUSB\VID_046D&PID_08B0&MI_01\1USB&VID_046D&PID_08B0&INST_0

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
C:\WINDOWS\SYSTEM32\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 09:19:47
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-20 9:20:14
ComboFix-quarantined-files.txt 2008-02-20 15:20:14
ComboFix4.txt 2008-02-19 14:55:02
ComboFix3.txt 2008-02-19 18:44:16
ComboFix2.txt 2008-02-19 19:16:22
.
2008-02-15 05:58:29 --- E O F ---

 

[didymustoo]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:01:25 PM, on 2/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\didymustoo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\FJW\Application Data\Mozilla\Profiles\default\brw22mi9.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll (file missing)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {03A0F84E-3E69-4B3E-B4D3-019CB73B57B3} (AuthWebWizardMain.DHTMLPage1) - http://www3.authentium.com/cssrelease/bin/WizMain.exe
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - c:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5688 bytes

 

[Shaba]

Hi

1. Please download and install CCleaner Slim.
2. Once installed, double click on the desktop shortcut created.
3. On the leftmost column, click on Tools.
4. On the middle column, click on Uninstall.
5. At the bottom right hand corner, click on the Save to text file... button.
6. By default, it saves this file to C:\Program Files\CCleaner named install.txt. You may want to save it to your desktop to find it easily. Click Save.
7. Close CCleaner.

 

[didymustoo]

You didn't say but I'm guessing you want a copy of install.txt posted.

101 Dalmatians StoryBook
3D Morris 2.02
ABC Coloring Book
ACDSee Classic
Ad-Aware 2007
Add-Remove Manager
Adobe Flash Player 9 ActiveX
Adobe MPEG Encoder
Adobe Photoshop Elements 2.0
ATI Display Driver
Audacity 1.2.4
Authentium
AVG Anti-Spyware 7.5
Browser Mouse
BufferChm
Business Cards & Certificates
CameraDrivers
CCleaner (remove only)
Church Helpmate 2006
Cleanse Uninstaller 2.57
ClearType Tuning Control Panel Applet
Coloring Book - SHAREWARE
Creative Painter
CreativeProjects
CreativeProjectsTemplates
CueTour
Destinations
Direct WAV MP3 Splitter 2.4
Director
DivX Codec
DivX Converter
dMap
East-Tec Eraser 2007 Version 8.5
Elprime Media Recovery 1.0
ESP
EVEREST Home Edition v2.20
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.9.1108
Font-Effects 2
FreeRIP v2.951
G-Force
Google Earth
Google Video Player
HijackThis 2.0.2
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB914440)
hp deskjet 5100
HP Image Zone 4.5
HP Photosmart Cameras 4.5
HP Product Assistant
HPSystemDiagnostics
Hyplay
IcePattern 1.22 for Adobe Photoshop
iCorrect Entrée 4.0
InstantShare
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_01
Java 2 Runtime Environment, SE v1.4.2_04
JPGVideo 1.05.0.0
Kaspersky Online Scanner
Kids Colouring Book 2006
K-Lite Codec Pack 2.85 Full
Liquid Story Binder XE 1.71
Logitech ImageStudio
Macromedia Shockwave Player
Melody Assistant
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Access 2002 Runtime
Microsoft Bootvis
Microsoft IntelliPoint 4.1
Microsoft Office 2000 Disc 2
Microsoft Office Professional Edition 2003
Microsoft Office XP Professional with FrontPage
Microsoft Office XP Web Components
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
Mobipocket Reader 5.2
Monkey's Audio
Mozilla Firefox (2.0.0.12)
MSN Messenger 6.2
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Nero 6 Ultra Edition
neroxml
NVIDIA Drivers
ObjectDock
Opera 9.24
PanoStandAlone
PhotoGallery
Pocket e-Sword (2003)
QFolder
Real Alternative 1.50
Registry Commander v1.04
RIP v1.1.0
RoAClient
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
SkinsHP1
SmartFTP Client
SmartSound Quicktracks Plugin
Sonic RecordNow DX
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Spyware Terminator
StopTime
SundayPlus
SundayPlus Media
SWiSHmax
System Requirements Lab
TextAloud
The Battle for Middle-earth (tm)
TrayApp
Tux Paint 0.9.16
Tux Paint Stamps 2006-10-21
Unload
Unreal Tournament G.O.T.Y. Edition
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
VideoLAN VLC media player 0.8.6a
Visioneer 3300 Scanner Driver
WebFldrs XP
WebReg
Win2PDF 2.80
Winamp (remove only)
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 7
Windows Media Player Firefox Plugin
WINTREB
WIRELESS NETWORKER
WisePixel HandySnap 1.2
Xilisoft FLV Converter
Zoner Draw 3

 

[Shaba]

Hi

Oops, my bad

Uninstall these via Ccleaner (Tools - Uninstall):

Authentium
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2_01
Java 2 Runtime Environment, SE v1.4.2_04

After that, install one antivirus from below:

Looking over your log, it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors NOW:

1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.
2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.
3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

Post back a fresh HijackThis log.

 

[didymustoo]

I uninstalled the programs you indicated. It asked if I wanted the computer restarted and I said No to each instance.

I then downloaded Antivir and ran it. I chose to let it update but the update failed and I closed the program without running it.

I have just run HJT. Here is the log. Note: I have not restarted the computer yet.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:49 PM, on 2/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\didymustoo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\FJW\Application Data\Mozilla\Profiles\default\brw22mi9.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll (file missing)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {03A0F84E-3E69-4B3E-B4D3-019CB73B57B3} (AuthWebWizardMain.DHTMLPage1) - http://www3.authentium.com/cssrelease/bin/WizMain.exe
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - c:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6663 bytes

 

[Shaba]

Hi

Please reboot computer and post back after that a fresh HijackThis log

 

[didymustoo]

Rebooted and here is the fresh HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:28 PM, on 2/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\didymustoo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\FJW\Application Data\Mozilla\Profiles\default\brw22mi9.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll (file missing)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZJfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {03A0F84E-3E69-4B3E-B4D3-019CB73B57B3} (AuthWebWizardMain.DHTMLPage1) - http://www3.authentium.com/cssrelease/bin/WizMain.exe
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - c:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6596 bytes

 

[Shaba]

Hi

Ok Command antivirus removal wasn't complete

Open HijackThis, click do a system scan only and checkmark these:

O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll (file missing)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O8 - Extra context menu item: &Search - ?p=ZJfox000
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - c:\Program Files\Common Files\Command Software\dvpapi.exe

Close all windows including browser and press fix checked.

Reboot.

Delete if present:

c:\Program Files\Common Files\Command Software

Empty Recycle Bin.

Post back a fresh HijackThis log.

 

[didymustoo]

Command Software folder is present after reboot. When I attempt to delete it error message says, "Cannot delete dvpapi.exe: Access is denied. When I check folder all items are still present.:sad:

 

[didymustoo]

Latest HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:08:52 PM, on 2/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\didymustoo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\FJW\Application Data\Mozilla\Profiles\default\brw22mi9.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {03A0F84E-3E69-4B3E-B4D3-019CB73B57B3} (AuthWebWizardMain.DHTMLPage1) - http://www3.authentium.com/cssrelease/bin/WizMain.exe
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - c:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6402 bytes

 

[didymustoo]

I ran Antivir. It found 6 viruses and quarantined them. I then tried to delete Command Software and failed. I then went to Windows Task Manager and shut down dvpapi.exe process. I was then able to delete Command Software. I then ran Hijackthis and here is the log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:49:54 PM, on 2/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\Program Files\Trend Micro\HijackThis\didymustoo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\FJW\Application Data\Mozilla\Profiles\default\brw22mi9.slt\prefs.js)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {03A0F84E-3E69-4B3E-B4D3-019CB73B57B3} (AuthWebWizardMain.DHTMLPage1) - http://www3.authentium.com/cssrelease/bin/WizMain.exe
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authentium.com/cssrelease/bin/wizard.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4692/mcfscan.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Unknown owner - c:\Program Files\Common Files\Command Software\dvpapi.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6300 bytes

 

[Shaba]

Hi

Yes, services can be stubborn


Please click Start > Run and type in: services.msc
Click OK
In the Services window find: DvpApi (dvpapi)
Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK

Now, go to Start > Run, and copy/paste the following into the Open box:
sc delete dvpapi
Click: OK

Reboot.

Post back a fresh HijackThis log.