pos.tmp files on c drive and my doc

Computing.Net > Forums > Security and Virus > pos.tmp files on c drive and my doc

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

pos.tmp files on c drive and my doc

Name: iceburg23
Date: January 27, 2008 at 17:58:11 Pacific
OS: windows xp sp2
CPU/Ram: intel(r) t2080/448 mb
Product: toshiba satellite

Comment:

i'm having the same problem as a lot of the people with the red x on the my computer and the posXXX.tmp files filling up my c drive and my doc folder where XXX is random numbers and letters need help please

Sponsored Link

Ads by Google

Response Number 1

Name: jabuck
Date: January 28, 2008 at 14:28:33 Pacific

Reply:

Go to the this link:
Disable Realtime Protection
Follow their directions to disable any realtime protection that you have as it will interfere with the fix by reinstalling the corrupt files.
Please download Atribune's VundoFix.exe from the following site to your desktop:
Vundofix.exe

Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files,
click "yes".
Once you click yes, your desktop will go blank as it starts removing
Vundo.
When completed, it will prompt that it will reboot your computer,
click "ok".
Run Vundofix again.
Please download and install the latest version of HijackThis v2.0.2:

Download the "HijackThis" Installer from this link:
Hijack This

1. Save " HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5.Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
8. Paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
Please download ComboFix to the desktop from one of the following links:
Link1
Link 2
Link 3

Double-click combofix.exe
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to hang.)
Please post the log it produces.

Response Number 2

Name: iceburg23
Date: January 28, 2008 at 20:35:07 Pacific

Reply:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:13 PM, on 1/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\RTHDCPL.exe
C:\Program Files\Internet Download Manager\IDMan .exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM\aim .exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Documents and Settings\Alan\My Documents\Downloads\Programs\HiJackThis_2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F3 - REG:win.ini: load=C:\WINDOWS\system32\ddcca.exe
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {2803275e-2319-48ce-8dd8-8c8bb683e071} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {B7911934-3BA1-4AB3-AD73-EA426C804D85} - C:\WINDOWS\system32\ddcca.dll (file missing)
O2 - BHO: (no name) - {E1759A31-E627-4758-9562-6899DF36C9C2} - C:\WINDOWS\system32\khffddb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan .exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim .exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - Winlogon Notify: khffddb - khffddb.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
--
End of file - 6094 bytes

COMBOFIX LOG
ComboFix 08-01-29.3 - Alan 2008-01-28 22:31:35.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.149 [GMT -6:00]
Running from: C:\Documents and Settings\Alan\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\accdd.ini
C:\WINDOWS\system32\accdd.ini2
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete
C:\WINDOWS\system32\iyuemdei.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\spaxtmng.ini
C:\WINDOWS\system32\wnkqgkgn.ini
C:\WINDOWS\win32t4.dll
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
-------\DomainService

((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-29 )))))))))))))))))))))))))))))))
.
2008-01-28 22:34 . 2008-01-28 22:34 932 --a------ C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-28 17:10 . 2008-01-28 17:10 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-01-28 17:10 . 2007-12-06 18:12 110,592 --a------ C:\WINDOWS\system32\SynTPCo4.dll
2008-01-27 23:36 . 2008-01-27 23:36 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-01-27 23:36 . 2007-11-20 19:09 104,320 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-01-27 23:35 . 2008-01-27 23:35 <DIR> d-------- C:\Program Files\ATI Technologies
2008-01-27 23:32 . 2005-05-03 18:43 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2008-01-27 20:08 . 2008-01-27 23:30 <DIR> d-------- C:\Program Files\Driver Magician
2008-01-27 20:08 . 2004-09-28 11:13 526,184 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-01-27 20:08 . 2005-01-12 11:19 456,536 --a------ C:\WINDOWS\system32\XCEEDZIP.DLL
2008-01-27 20:08 . 2004-03-09 00:00 224,016 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-01-27 20:08 . 2004-03-09 00:00 152,848 --a------ C:\WINDOWS\system32\Comdlg32.ocx
2008-01-27 20:08 . 2004-03-09 00:00 132,880 --a------ C:\WINDOWS\system32\Msinet.ocx
2008-01-27 20:08 . 2004-08-11 15:55 110,602 --a------ C:\WINDOWS\system32\xcdsfx32.bin
2008-01-27 19:10 . 2008-01-27 19:10 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2008-01-27 18:45 . 2008-01-28 22:20 <DIR> d-------- C:\VundoFix Backups
2008-01-27 16:30 . 2008-01-27 16:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-27 14:59 . 2008-01-27 14:59 <DIR> d-------- C:\Program Files\Yahoo!
2008-01-27 14:59 . 2008-01-27 15:01 <DIR> d-------- C:\Program Files\CCleaner
2008-01-27 12:50 . 2008-01-27 12:50 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-27 12:50 . 2008-01-28 16:53 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\AVG7
2008-01-27 12:50 . 2008-01-27 12:50 86,144 --a------ C:\WINDOWS\system32\drivers\isapnpp.sys
2008-01-27 12:49 . 2008-01-27 12:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-27 12:49 . 2008-01-27 14:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-27 02:35 . 2008-01-27 16:25 336 --a------ C:\WINDOWS\wininit.ini
2008-01-27 00:42 . 2008-01-27 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-26 17:32 . 2008-01-26 17:32 <DIR> d-------- C:\Program Files\zAlternator
2008-01-22 22:14 . 2008-01-27 20:05 67 --a------ C:\WINDOWS\IDMan .INI
2008-01-20 22:00 . 2008-01-27 12:41 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\WINDOWS\srchasst
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-01-18 01:33 . 2008-01-18 01:33 <DIR> d-------- C:\Documents and Settings\Alan\Incomplete
2008-01-18 01:26 . 2008-01-18 01:35 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\FrostWire
2008-01-18 01:25 . 2008-01-18 01:26 <DIR> d-------- C:\Program Files\FrostWire
2008-01-17 20:08 . 2008-01-17 20:08 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-17 20:03 . 2008-01-17 20:03 <DIR> d-------- C:\Program Files\MediaMonkey
2008-01-14 21:00 . 2008-01-26 12:05 <DIR> d-------- C:\Program Files\PartyGaming
2008-01-13 13:24 . 2008-01-13 13:24 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-01-13 13:24 . 2008-01-13 13:24 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_zumbus_01005.Wdf
2008-01-13 13:22 . 2008-01-27 14:31 <DIR> d-------- C:\Program Files\Zune
2008-01-10 23:45 . 2008-01-10 23:45 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\Apple Computer
2008-01-08 17:38 . 2007-11-07 03:50 727,040 --a------ C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-01-08 17:38 . 2007-10-30 11:20 360,064 --a------ C:\WINDOWS\system32\dllcache\tcpip.sys
2008-01-06 17:39 . 2008-01-06 17:39 <DIR> d-------- C:\Program Files\Veoh Networks
2007-12-30 23:39 . 2000-05-22 22:58 608,448 --a------ C:\WINDOWS\system32\comctl32.ocx
2007-12-30 23:38 . 2007-12-30 23:45 <DIR> d-------- C:\Program Files\Total Video Converter
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-28 22:53 --------- d-----w C:\Documents and Settings\Alan\Application Data\DMCache
2008-01-28 21:17 --------- d-----w C:\Documents and Settings\Alan\Application Data\uTorrent
2008-01-28 05:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-28 05:36 --------- d-----w C:\Program Files\Realtek
2008-01-28 05:27 --------- d-----w C:\Documents and Settings\Alan\Application Data\IDM
2008-01-27 20:52 --------- d-----w C:\Documents and Settings\Alan\Application Data\mIRC
2008-01-27 20:50 --------- d-----w C:\Program Files\AIM
2008-01-27 20:31 --------- d-----w C:\Program Files\QuickTime
2008-01-27 20:31 --------- d-----w C:\Program Files\Internet Download Manager
2008-01-27 20:31 --------- d-----w C:\Program Files\DAEMON Tools
2008-01-22 05:55 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-24 19:34 --------- d-----w C:\Documents and Settings\Alan\Application Data\Wootalyzer
2007-12-08 05:30 --------- d-----w C:\Program Files\Symbian OS Tools
2007-12-08 05:30 --------- d-----w C:\Program Files\Common Files\Symbian
2007-12-08 05:29 --------- d-----w C:\Documents and Settings\Alan\Application Data\InstallShield
2007-12-06 23:41 220,032 ----a-w C:\WINDOWS\system32\drivers\SynTP.sys
2007-08-22 04:23 16,384 -csha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-08-22 04:23 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2007-08-22 04:23 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007082120070822\index.dat
2007-08-22 04:23 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
[code]
----a-w            67,112 2008-01-27 18:41:19  C:\Program Files\AIM\aim .exe
----a-w           167,368 2008-01-27 18:41:16  C:\Program Files\DAEMON Tools\daemon .exe
----a-w           878,848 2008-01-27 18:41:17  C:\Program Files\Internet Download Manager\IDMan .exe
----a-w           132,496 2008-01-27 18:41:13  C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
----a-w           286,720 2008-01-27 18:41:13  C:\Program Files\QuickTime\QTTask    .exe
----a-w         1,460,560 2008-01-27 18:41:25  C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
----a-w           774,233 2008-01-27 18:41:14  C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
----a-w         3,481,600 2008-01-27 18:41:23  C:\Program Files\Veoh Networks\Veoh\VeohClient .exe
----a-w           166,304 2008-01-27 18:41:14  C:\Program Files\Zune\ZuneLauncher .exe
----a-w            15,360 2008-01-27 18:41:17  C:\WINDOWS\system32\ctfmon .exe
[/code]

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B7911934-3BA1-4AB3-AD73-EA426C804D85}]
C:\WINDOWS\system32\ddcca.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [ ]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan .exe" [2008-01-27 12:41 878848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" [2008-01-27 12:41 286720]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-27 12:49 579072]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 15:52 16841216 C:\WINDOWS\RTHDCPL.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 17:20 1024000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-27 12:49 219136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2007-10-10 17:47 124928 C:\WINDOWS\system32\advpack.dll]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khffddb]
khffddb.dll
R1 isapnpp;isapnpp;C:\WINDOWS\system32\drivers\isapnpp.sys [2008-01-27 12:50]
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2007-11-15 21:38]
R2 ZuneBusEnum;Zune Bus Enumerator;c:\WINDOWS\system32\ZuneBusEnum.exe [2007-11-15 21:51]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2007-11-15 21:51]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6b21553-5067-11dc-a332-0016d4f9717c}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6b21554-5067-11dc-a332-0016d4f9717c}]
\Shell\AutoRun\command - G:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-11-27 14:07:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-28 22:35:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
r Running Proce
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\RTHDCPL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Internet Download Manager\IDMan .exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
.
**************************************************************************
.
Completion time: 2008-01-28 22:36:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-29 04:36:55
.
2008-01-14 21:30:44 --- E O F ---

Response Number 3

Name: jabuck
Date: January 29, 2008 at 18:08:14 Pacific

Reply:

Open Notepad and copy/paste everything between the X"s into it and make sure "RenV::" is at the very top of the page.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
RenV::
----a-w 67,112 2008-01-27 18:41:19 C:\Program Files\AIM\aim .exe
----a-w 167,368 2008-01-27 18:41:16 C:\Program Files\DAEMON Tools\daemon .exe
----a-w 878,848 2008-01-27 18:41:17 C:\Program Files\Internet Download Manager\IDMan .exe
----a-w 132,496 2008-01-27 18:41:13 C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
----a-w 286,720 2008-01-27 18:41:13 C:\Program Files\QuickTime\QTTask .exe
----a-w 1,460,560 2008-01-27 18:41:25 C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
----a-w 774,233 2008-01-27 18:41:14 C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
----a-w 3,481,600 2008-01-27 18:41:23 C:\Program Files\Veoh Networks\Veoh\VeohClient .exe
----a-w 166,304 2008-01-27 18:41:14 C:\Program Files\Zune\ZuneLauncher .exe
----a-w 15,360 2008-01-27 18:41:17 C:\WINDOWS\system32\ctfmon .exe
File::
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\khffddb.dll
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\drivers\isapnpp.sys

Driver::
khffddb
isapnpp
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B7911934-3BA1-4AB3-AD73-EA426C804D85}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khffddb]

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Go to File on the top bar and choose" Save As", Change the "Save As Type" to All Files, Name it CFScript.txt then save it to your desktop.
Then drag/drop the CFScript.txt onto ComboFix.exe (the red X on your desktop) if combofix does not auto start click "run".
Post a new Combofix log.

Response Number 4

Name: iceburg23
Date: January 31, 2008 at 21:47:21 Pacific

Reply:

ComboFix 08-01-29.3 - Alan 2008-01-31 23:46:35.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.98 [GMT -6:00]
Running from: C:\Documents and Settings\Alan\My Documents\ComboFix.exe
Command switches used :: C:\Documents and Settings\Alan\My Documents\CFScript.txt
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
FILE
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\isapnpp.sys
C:\WINDOWS\system32\khffddb.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\isapnpp.sys
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\isapnpp.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_ISAPNPP
-------\isapnpp

((((((((((((((((((((((((( Files Created from 2008-01-01 to 2008-02-01 )))))))))))))))))))))))))))))))
.
2008-01-28 17:10 . 2007-12-06 18:12 110,592 --a------ C:\WINDOWS\system32\SynTPCo4.dll
2008-01-27 23:36 . 2008-01-27 23:36 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-01-27 23:36 . 2007-11-20 19:09 104,320 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-01-27 23:35 . 2008-01-27 23:35 <DIR> d-------- C:\Program Files\ATI Technologies
2008-01-27 23:32 . 2005-05-03 18:43 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2008-01-27 20:08 . 2008-01-27 23:30 <DIR> d-------- C:\Program Files\Driver Magician
2008-01-27 20:08 . 2004-09-28 11:13 526,184 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-01-27 20:08 . 2005-01-12 11:19 456,536 --a------ C:\WINDOWS\system32\XCEEDZIP.DLL
2008-01-27 20:08 . 2004-03-09 00:00 224,016 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-01-27 20:08 . 2004-03-09 00:00 152,848 --a------ C:\WINDOWS\system32\Comdlg32.ocx
2008-01-27 20:08 . 2004-03-09 00:00 132,880 --a------ C:\WINDOWS\system32\Msinet.ocx
2008-01-27 20:08 . 2004-08-11 15:55 110,602 --a------ C:\WINDOWS\system32\xcdsfx32.bin
2008-01-27 19:10 . 2008-01-27 19:10 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2008-01-27 18:45 . 2008-01-28 22:20 <DIR> d-------- C:\VundoFix Backups
2008-01-27 16:30 . 2008-01-27 16:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-27 14:59 . 2008-01-27 14:59 <DIR> d-------- C:\Program Files\Yahoo!
2008-01-27 14:59 . 2008-01-27 15:01 <DIR> d-------- C:\Program Files\CCleaner
2008-01-27 12:50 . 2008-01-27 12:50 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-27 12:50 . 2008-01-31 19:56 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\AVG7
2008-01-27 12:49 . 2008-01-27 12:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-27 12:49 . 2008-01-27 14:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-27 02:35 . 2008-01-27 16:25 336 --a------ C:\WINDOWS\wininit.ini
2008-01-27 00:42 . 2008-01-27 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-26 17:32 . 2008-01-26 17:32 <DIR> d-------- C:\Program Files\zAlternator
2008-01-22 22:14 . 2008-01-27 20:05 67 --a------ C:\WINDOWS\IDMan .INI
2008-01-20 22:00 . 2008-01-27 12:41 15,360 --a------ C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-01-20 22:00 . 2008-01-27 12:41 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\WINDOWS\srchasst
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-01-18 01:33 . 2008-01-18 01:33 <DIR> d-------- C:\Documents and Settings\Alan\Incomplete
2008-01-18 01:26 . 2008-01-18 01:35 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\FrostWire
2008-01-18 01:25 . 2008-01-18 01:26 <DIR> d-------- C:\Program Files\FrostWire
2008-01-17 20:08 . 2008-01-17 20:08 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-17 20:03 . 2008-01-17 20:03 <DIR> d-------- C:\Program Files\MediaMonkey
2008-01-14 21:00 . 2008-01-26 12:05 <DIR> d-------- C:\Program Files\PartyGaming
2008-01-13 13:24 . 2008-01-13 13:24 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-01-13 13:24 . 2008-01-13 13:24 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_zumbus_01005.Wdf
2008-01-13 13:22 . 2008-01-29 22:17 <DIR> d-------- C:\Program Files\Zune
2008-01-10 23:45 . 2008-01-10 23:45 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\Apple Computer
2008-01-08 17:38 . 2007-11-07 03:50 727,040 --a------ C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-01-08 17:38 . 2007-10-30 11:20 360,064 --a------ C:\WINDOWS\system32\dllcache\tcpip.sys
2008-01-06 17:39 . 2008-01-06 17:39 <DIR> d-------- C:\Program Files\Veoh Networks
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-01 01:56 --------- d-----w C:\Documents and Settings\Alan\Application Data\DMCache
2008-01-30 04:23 102,400 ----a-w C:\WINDOWS\DUMPbb8f.tmp
2008-01-30 04:17 --------- d-----w C:\Program Files\Internet Download Manager
2008-01-30 04:17 --------- d-----w C:\Program Files\DAEMON Tools
2008-01-30 04:17 --------- d-----w C:\Program Files\AIM
2008-01-28 21:17 --------- d-----w C:\Documents and Settings\Alan\Application Data\uTorrent
2008-01-28 05:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-28 05:36 --------- d-----w C:\Program Files\Realtek
2008-01-28 05:27 --------- d-----w C:\Documents and Settings\Alan\Application Data\IDM
2008-01-27 20:52 --------- d-----w C:\Documents and Settings\Alan\Application Data\mIRC
2008-01-27 20:31 --------- d-----w C:\Program Files\QuickTime
2008-01-22 05:55 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-31 05:45 --------- d-----w C:\Program Files\Total Video Converter
2007-12-24 19:34 --------- d-----w C:\Documents and Settings\Alan\Application Data\Wootalyzer
2007-12-08 05:30 --------- d-----w C:\Program Files\Symbian OS Tools
2007-12-08 05:30 --------- d-----w C:\Program Files\Common Files\Symbian
2007-12-08 05:29 --------- d-----w C:\Documents and Settings\Alan\Application Data\InstallShield
2007-12-06 23:41 220,032 ----a-w C:\WINDOWS\system32\drivers\SynTP.sys
2007-12-06 23:20 147,456 ----a-w C:\WINDOWS\system32\SynTPAPI.dll
2007-12-06 23:09 196,608 ----a-w C:\WINDOWS\system32\SynCtrl.dll
2007-12-06 23:08 163,840 ----a-w C:\WINDOWS\system32\SynCOM.dll
2007-11-16 03:51 80,288 ----a-w C:\WINDOWS\system32\ZuneIpTransport.dll
2007-11-16 03:51 72,608 ----a-w C:\WINDOWS\system32\ZuneUsbTransport.dll
2007-11-16 03:51 59,296 ----a-w C:\WINDOWS\system32\ZuneBusEnum.exe
2007-11-16 03:51 45,472 ----a-w C:\WINDOWS\system32\ZuneUsbConnection.dll
2007-11-16 03:51 245,664 ----a-w C:\WINDOWS\system32\ZuneWlanCfgSvc.exe
2007-11-16 03:51 155,552 ----a-w C:\WINDOWS\system32\ZuneMTPZ.dll
2007-11-07 09:50 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-08-22 04:23 16,384 -csha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-08-22 04:23 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2007-08-22 04:23 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007082120070822\index.dat
2007-08-22 04:23 32,768 -csha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
[code]
----a-w           286,720 2008-01-27 18:41:13  C:\Program Files\QuickTime\QTTask    .exe
[/code]

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [2008-01-27 12:41 67112]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-01-27 12:41 878848]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-27 12:41 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" [2008-01-27 12:41 286720]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-27 12:49 579072]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 15:52 16841216 C:\WINDOWS\RTHDCPL.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-27 12:41 774233]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-27 12:49 219136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2007-10-10 17:47 124928 C:\WINDOWS\system32\advpack.dll]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2007-11-15 21:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6b21553-5067-11dc-a332-0016d4f9717c}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
"2007-11-27 14:07:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-31 23:48:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-31 23:50:27
ComboFix-quarantined-files.txt 2008-02-01 05:50:02
ComboFix2.txt 2008-01-29 04:36:58
.
2008-01-14 21:30:44 --- E O F ---

Response Number 5

Name: ritzyritz928
Date: February 2, 2008 at 15:58:09 Pacific

Reply:

HELLO CAN YOU PLEASE HELP, I FOLLOWED ALL YOUR PREVIOUS INSTRUCTIONS FOLLOWING IS MY LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:46:40 PM, on 2/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.exe
C:\Documents and Settings\Yaritza Acosta\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://mail.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0D1ADCFE-30BF-421D-8AC3-3AD76FC3FC43} - C:\WINDOWS\system32\jkhfg.dll (file missing)
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\strCodec\isaddon.dll (file missing)
O2 - BHO: (no name) - {38FE6B7B-9A16-03E1-8E72-66557FDA2836} - C:\WINDOWS\System32\egojzby.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: {0174af00-67e4-167b-1604-b4328d6106a7} - {7a6016d8-234b-4061-b761-4e7600fa4710} - C:\WINDOWS\system32\aiwhuirh.dll (file missing)
O2 - BHO: (no name) - {EECEE9B4-5F41-4C8E-90DD-52A1F9BD281E} - C:\WINDOWS\system32\kbdru32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Mot8RTN4T] zipycl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_8 -reboot 1
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\strCodec\isamonitor.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Documents and Settings\Yaritza Acosta\Desktop\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppc...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocach...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/re...
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/g...
O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/dlac...
O20 - Winlogon Notify: wvuspon - wvuspon.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Ndcwriecnpd - Network Associates, Inc. - (no file)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Soxsv_ve - Sony Corporation - (no file)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 8823 bytes
best

will compressing my c drive slow my computer? internet explorer location on c drive tmp files on ram drive windows xp	bitmap c++ enumerate dictionary c++ documents in foldr on c drive all users network why read only
See More

Response Number 6

Name: jabuck
Date: February 3, 2008 at 15:02:14 Pacific

Reply:

yaritza, please start your own thread (post) as posting in smoeone elses post clutters their post and makes it impossible to locate you to help you with your post.
And you are not suppose to post any logs without being requested to, so only state your problem when you start your own thread, no logs please.

Response Number 7

Name: jabuck
Date: February 3, 2008 at 15:17:28 Pacific

Reply:

Make sure realtime protection you have is disabled.
Open Notepad and copy/paste everything between the X"s into it and make sure "File::" is at the very top of the page.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
File::
C:\WINDOWS\DUMPbb8f.tmp
C:\Program Files\QuickTime\QTTask .exe

Folder::
C:\Program Files\QuickTime

Registry::

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Go to File on the top bar and choose" Save As", Change the "Save As Type" to All Files, Name it CFScript.txt then save it to your desktop.
Then drag/drop the CFScript.txt onto ComboFix.exe (the red X on your desktop) if combofix does not auto start click "run".
Post a new Combofix log and a new Hijack This log please.

Response Number 8

Name: iceburg23
Date: February 4, 2008 at 21:06:17 Pacific

Reply:

ComboFix 08-01-29.3 - Alan 2008-02-04 23:04:09.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.144 [GMT -6:00]
Running from: C:\Documents and Settings\Alan\My Documents\ComboFix.exe
Command switches used :: C:\Documents and Settings\Alan\My Documents\CFScript.txt
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
FILE
C:\Program Files\QuickTime\QTTask .exe
C:\WINDOWS\DUMPbb8f.tmp
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\QuickTime
C:\Program Files\QuickTime\PictureViewer.exe
C:\Program Files\QuickTime\PictureViewer.Resources\da.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\da.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\de.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\de.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\en.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\en.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\es.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\es.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\fi.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\fi.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\fr.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\fr.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\ja.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\ja.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\ko.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\ko.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\nb.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\nb.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\nl.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\nl.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\PictureViewer.dll
C:\Program Files\QuickTime\PictureViewer.Resources\PictureViewer.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\ru.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\ru.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\sv.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\sv.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\zh_CN.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\zh_CN.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\PictureViewer.Resources\zh_TW.lproj\PictureViewerLocalized.dll
C:\Program Files\QuickTime\PictureViewer.Resources\zh_TW.lproj\PictureViewerLocalized.qtr
C:\Program Files\QuickTime\Plugins\npqtplugin.dll
C:\Program Files\QuickTime\Plugins\npqtplugin2.dll
C:\Program Files\QuickTime\Plugins\npqtplugin3.dll
C:\Program Files\QuickTime\Plugins\npqtplugin4.dll
C:\Program Files\QuickTime\Plugins\npqtplugin5.dll
C:\Program Files\QuickTime\Plugins\npqtplugin6.dll
C:\Program Files\QuickTime\Plugins\npqtplugin7.dll
C:\Program Files\QuickTime\Plugins\nsIQTScriptablePlugin.xpt
C:\Program Files\QuickTime\Plugins\QuickTimePlugin.class
C:\Program Files\QuickTime\PropertyPanels\annoanno.pdef
C:\Program Files\QuickTime\PropertyPanels\moovaudi.pdef
C:\Program Files\QuickTime\PropertyPanels\moovpres.pdef
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.qpa
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\da.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\de.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\en.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\es.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\it.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nb.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\PanelHelperBase.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ru.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\PanelHelperBaseLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropertyPanels.plist
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.qpa
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nb.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\PropPanelHelpers.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ru.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\PropPanelHelpersLocalized.qtr
C:\Program Files\QuickTime\PropertyPanels\rsrcrsrc.pdef
C:\Program Files\QuickTime\PropertyPanels\trakaudi.pdef
C:\Program Files\QuickTime\PropertyPanels\trakhint.pdef
C:\Program Files\QuickTime\PropertyPanels\trakothr.pdef
C:\Program Files\QuickTime\PropertyPanels\trakstrm.pdef
C:\Program Files\QuickTime\PropertyPanels\trakvisl.pdef
C:\Program Files\QuickTime\QTInfo.exe
C:\Program Files\QuickTime\QTOControl.dll
C:\Program Files\QuickTime\QTOLibrary.dll
C:\Program Files\QuickTime\QTPlugin.ocx
C:\Program Files\QuickTime\QTSystem\CFCharacterSetBitmaps.bitmap
C:\Program Files\QuickTime\QTSystem\CFUniCharPropertyDatabase.data
C:\Program Files\QuickTime\QTSystem\CFUnicodeData-B.mapping
C:\Program Files\QuickTime\QTSystem\CFUnicodeData-L.mapping
C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\CoreVideo.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\da.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\de.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\en.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\es.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fi.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fr.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\it.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ja.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ko.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nb.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nl.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ru.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\sv.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_CN.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_TW.lproj\CoreVideoLocalized.qtr
C:\Program Files\QuickTime\QTSystem\ExportController.exe
C:\Program Files\QuickTime\QTSystem\ExportControllerPS.dll
C:\Program Files\QuickTime\QTSystem\Indeo4.qtx
C:\Program Files\QuickTime\QTSystem\Ir41_qc.dll
C:\Program Files\QuickTime\QTSystem\Ir41_qcx.dll
C:\Program Files\QuickTime\QTSystem\QTJava.zip
C:\Program Files\QuickTime\QTSystem\QTJavaNative.dll
C:\Program Files\QuickTime\QTSystem\QTJNative.dll
C:\Program Files\QuickTime\QTSystem\QTMLClient.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
C:\Program Files\QuickTime\QTSystem\QuickTime.qts
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\da.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\da.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\es.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\es.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\it.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\it.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nb.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nb.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.icxs
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ru.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ru.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_CN.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_CN.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_TW.lproj\QuickTimeLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_TW.lproj\QuickTimeLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\da.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\de.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\en.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\es.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fi.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fr.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\it.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ja.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ko.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nb.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nl.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\QuickTime3GPP.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ru.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\sv.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\QuickTime3GPPLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\da.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\de.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\en.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\es.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fi.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fr.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\it.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ja.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ko.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nb.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nl.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\QuickTime3GPPAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ru.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\sv.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_CN.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_TW.lproj\QuickTime3GPPAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nb.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nb.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\QuickTimeAudioSupport.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ru.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ru.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\QuickTimeAudioSupportLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\QuickTimeAudioSupportLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nb.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nb.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\QuickTimeAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ru.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ru.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\QuickTimeAuthoringLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\QuickTimeAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\da.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\de.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\en.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\es.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fi.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fr.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\it.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ja.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ko.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nb.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nl.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\QuickTimeCapture.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ru.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\sv.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_CN.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_TW.lproj\QuickTimeCaptureLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\da.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\de.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\en.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\es.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fi.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fr.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\it.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ja.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ko.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nb.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nl.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\QuickTimeEffects.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ru.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\sv.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_CN.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_TW.lproj\QuickTimeEffectsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\da.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\de.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\en.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\es.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fi.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fr.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\it.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ja.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ko.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nb.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nl.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\QuickTimeEssentials.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ru.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nb.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nl.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ru.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nb.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nl.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ru.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nb.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ru.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeJavaExtras.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nb.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ru.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nb.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ru.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nb.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ru.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nb.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nl.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ru.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeMusicalInstruments.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nb.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ru.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nb.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nb.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ru.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ru.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nb.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ru.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nb.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ru.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nb.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nl.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ru.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nb.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ru.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.qtx
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nb.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nb.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ru.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ru.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.dll
C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTUIPanelControl.dll
C:\Program Files\QuickTime\QuickTime Read Me.htm
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Program Files\QuickTime\QuickTimePlayer.Resources\da.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\de.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\en.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\es.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\fi.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\fr.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\it.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\ja.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\ko.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\nb.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\nl.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\QuickTimePlayer.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\ru.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\sv.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\zh_CN.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\QuickTimePlayer.Resources\zh_TW.lproj\QuickTimePlayerLocalized.qtr
C:\Program Files\QuickTime\Sample.mov
C:\Program Files\QuickTime\Sample.qtif
C:\WINDOWS\DUMPbb8f.tmp
.
((((((((((((((((((((((((( Files Created from 2008-01-05 to 2008-02-05 )))))))))))))))))))))))))))))))
.
2008-02-04 23:01 . 2008-02-04 23:01 360,064 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-02-04 22:55 . 2008-02-04 23:06 <DIR> d-------- C:\Program Files\PeerGuardian2
2008-01-28 17:10 . 2007-12-06 18:12 110,592 --a------ C:\WINDOWS\system32\SynTPCo4.dll
2008-01-27 23:36 . 2008-01-27 23:36 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-01-27 23:36 . 2007-11-20 19:09 104,320 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-01-27 23:35 . 2008-01-27 23:35 <DIR> d-------- C:\Program Files\ATI Technologies
2008-01-27 23:32 . 2005-05-03 18:43 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2008-01-27 20:08 . 2008-01-27 23:30 <DIR> d-------- C:\Program Files\Driver Magician
2008-01-27 20:08 . 2004-09-28 11:13 526,184 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-01-27 20:08 . 2005-01-12 11:19 456,536 --a------ C:\WINDOWS\system32\XCEEDZIP.DLL
2008-01-27 20:08 . 2004-03-09 00:00 224,016 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-01-27 20:08 . 2004-03-09 00:00 152,848 --a------ C:\WINDOWS\system32\Comdlg32.ocx
2008-01-27 20:08 . 2004-03-09 00:00 132,880 --a------ C:\WINDOWS\system32\Msinet.ocx
2008-01-27 20:08 . 2004-08-11 15:55 110,602 --a------ C:\WINDOWS\system32\xcdsfx32.bin
2008-01-27 19:10 . 2008-01-27 19:10 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2008-01-27 18:45 . 2008-01-28 22:20 <DIR> d-------- C:\VundoFix Backups
2008-01-27 16:30 . 2008-01-27 16:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-27 14:59 . 2008-01-27 14:59 <DIR> d-------- C:\Program Files\Yahoo!
2008-01-27 14:59 . 2008-01-27 15:01 <DIR> d-------- C:\Program Files\CCleaner
2008-01-27 12:50 . 2008-01-27 12:50 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-27 12:50 . 2008-02-03 13:05 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\AVG7
2008-01-27 12:49 . 2008-01-27 12:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-27 12:49 . 2008-01-27 14:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-27 02:35 . 2008-01-27 16:25 336 --a------ C:\WINDOWS\wininit.ini
2008-01-27 00:42 . 2008-01-27 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-26 17:32 . 2008-01-26 17:32 <DIR> d-------- C:\Program Files\zAlternator
2008-01-22 22:14 . 2008-01-27 20:05 67 --a------ C:\WINDOWS\IDMan .INI
2008-01-20 22:00 . 2008-01-27 12:41 15,360 --a------ C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-01-20 22:00 . 2008-01-27 12:41 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\WINDOWS\srchasst
2008-01-20 21:58 . 2008-01-20 21:58 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-01-18 01:33 . 2008-01-18 01:33 <DIR> d-------- C:\Documents and Settings\Alan\Incomplete
2008-01-18 01:26 . 2008-01-18 01:35 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\FrostWire
2008-01-18 01:25 . 2008-01-18 01:26 <DIR> d-------- C:\Program Files\FrostWire
2008-01-17 20:08 . 2008-01-17 20:08 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-17 20:03 . 2008-01-17 20:03 <DIR> d-------- C:\Program Files\MediaMonkey
2008-01-14 21:00 . 2008-01-26 12:05 <DIR> d-------- C:\Program Files\PartyGaming
2008-01-13 13:24 . 2008-01-13 13:24 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-01-13 13:24 . 2008-01-13 13:24 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_zumbus_01005.Wdf
2008-01-13 13:22 . 2008-01-29 22:17 <DIR> d-------- C:\Program Files\Zune
2008-01-10 23:45 . 2008-01-10 23:45 <DIR> d-------- C:\Documents and Settings\Alan\Application Data\Apple Computer
2008-01-08 17:38 . 2007-11-07 03:50 727,040 --a------ C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-01-08 17:38 . 2008-02-04 23:01 360,064 --a------ C:\WINDOWS\system32\dllcache\TCPIP.SYS
2008-01-06 17:39 . 2008-01-06 17:39 <DIR> d-------- C:\Program Files\Veoh Networks
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-05 05:04 --------- d-----w C:\Documents and Settings\Alan\Application Data\uTorrent
2008-02-05 05:01 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-02-04 06:42 --------- d-----w C:\Documents and Settings\Alan\Application Data\DMCache
2008-01-30 04:17 --------- d-----w C:\Program Files\Internet Download Manager
2008-01-30 04:17 --------- d-----w C:\Program Files\DAEMON Tools
2008-01-30 04:17 --------- d-----w C:\Program Files\AIM
2008-01-28 05:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-28 05:36 --------- d-----w C:\Program Files\Realtek
2008-01-28 05:27 --------- d-----w C:\Documents and Settings\Alan\Application Data\IDM
2008-01-27 20:52 --------- d-----w C:\Documents and Settings\Alan\Application Data\mIRC
2008-01-22 05:55 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-31 05:45 --------- d-----w C:\Program Files\Total Video Converter
2007-12-24 19:34 --------- d-----w C:\Docume

Response Number 9

Name: jabuck
Date: February 5, 2008 at 03:46:05 Pacific

Reply:

Looks much better.
Run an online scan with Kaspersky from the following link:
Kaspersky Online Scanner
Note: If you have used this particular scanner before, you MAY HAVE YO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component
Click Yes, when prompted to install its ActiveX component.
(Note.. for Internet Explorer 7 users: If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
The program launches and downloads the latest definition files.
Once the files are downloaded click on Next
Click on Scan Settings and configure as follows:
Scan using the following Anti-Virus database:
Extended
Scan Options:
Scan Archives
Scan Mail Base
Click OK and, under select a target to scan, select My Computer
When the scan is done, in the Scan is completed window (below), any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.
To obtain the report:
Click on: Save Report As (above - red blinking arrow)
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar
In Save as type, click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in your reply.

Response Number 10

Name: XeMa
Date: February 6, 2008 at 04:33:04 Pacific

Reply:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29:24, on 2008. 02. 06.
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\SOUNDMAN.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\MSN Messenger\MsnMsgr .exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\totalcmd\TOTALCMD.exe
C:\WINDOWS\system32\NOTEPAD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemonsearch.com/intl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC .exe" /hideme
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%SystemRoot%\System32\dllcache" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Crystal Clear\pack-it.exe" --unsetvs (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Crystal Clear\pack-it.exe" --unsetvs (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Crystal Clear\pack-it.exe" --unsetvs (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportálás a Microsoft Excel programba - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/no...
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
--
End of file - 6400 bytes

Response Number 11

Name: kash786
Date: February 6, 2008 at 18:28:49 Pacific

Reply:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:19:56, on 07/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWSC\System32\smss.exe
C:\WINDOWSC\system32\winlogon.exe
C:\WINDOWSC\system32\services.exe
C:\WINDOWSC\system32\lsass.exe
C:\WINDOWSC\system32\Ati2evxx.exe
C:\WINDOWSC\system32\svchost.exe
C:\WINDOWSC\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWSC\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWSC\system32\PnkBstrA.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWSC\Explorer.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWSC\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWSC\stsystra.exe
C:\WINDOWSC\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWSC\mrofinu572.exe
C:\WINDOWSC\system32\rundll32.exe
C:\WINDOWSC\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\MANTEC~1\logonui.exe
C:\Documents and Settings\kash\My Documents\??pPatch\?ttrib.exe
C:\Program Files\Drmupgds\Drmupgds.exe
C:\PROGRA~1\SYMNET~1\SNDWarn.exe
C:\Program Files\WinZip\WZQKPICK.exe
C:\WINDOWSC\system32\wuauclt.exe
C:\WINDOWSC\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\Documents and Settings\kash\Local Settings\Temporary Internet Files\Content.IE5\7466EUA1\HiJackThis[1].exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: {5dda91ee-30d1-f259-01e4-44b73d398520} - {025893d3-7b44-4e10-952f-1d03ee19add5} - C:\WINDOWSC\system32\wgrfbisr.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWSC\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {6510B9C6-7370-0FDF-0A14-5800B6BB80C8} - C:\WINDOWSC\system32\ijvctmc.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CF62E146-CEFD-4779-95E4-D2D035B185C4} - C:\WINDOWSC\system32\jkklm.dll
O2 - BHO: (no name) - {E180F496-8A4B-44E2-9FE0-0364E345DB7F} - C:\WINDOWSC\system32\iiffcyw.dll
O2 - BHO: (no name) - {EF560378-2088-484D-8777-FF5ECC3FBE39} - C:\WINDOWSC\system32\ddabx.dll (file missing)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\kash\LOCALS~1\Temp\UIUCU.exe -CLEAN_UP -S
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWSC\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [runner1] C:\WINDOWSC\mrofinu572.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKLM\..\Run: [NI.UGA6P_0001_N122M2210] "C:\DOCUME~1\kash\LOCALS~1\Temp\winvsnet.exe"
O4 - HKLM\..\Run: [ecf40c60] rundll32.exe "C:\WINDOWSC\system32\xmaacdqi.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWSC\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Aabm] "C:\PROGRA~1\MANTEC~1\logonui.exe" -vt yazb
O4 - HKCU\..\Run: [Aaef] "C:\Documents and Settings\kash\My Documents\??pPatch\?ttrib.exe"
O4 - HKCU\..\Run: [Drmupgds] C:\Program Files\Drmupgds\Drmupgds.exe
O4 - HKCU\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWSC\system32\CTFMON.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWSC\system32\CTFMON.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWSC\system32\CTFMON.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWSC\system32\CTFMON.exe (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Drive...
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWSC\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWSC\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWSC\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
--
End of file - 9394 bytes

Response Number 12

Name: jabuck
Date: February 6, 2008 at 19:43:20 Pacific

Reply:

kash786 and XeMa please start you own threads (post) and do not post any log until ask as it is against forum rules. Only state the problem.

Response Number 13

Name: iceburg23
Date: February 7, 2008 at 21:06:35 Pacific

Reply:

---------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 07, 2008 11:08:44 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 7/02/2008
Kaspersky Anti-Virus database records: 552970
---------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 36100
Number of viruses found: 3
Number of infected objects: 14
Number of suspicious objects: 0
Duration of the scan process: 01:13:18
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Alan\Application Data\Aim\swelrtpx\lilaznboi2311\cert8.db Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Aim\swelrtpx\lilaznboi2311\key3.db Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\cert8.db Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\history.dat Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\key3.db Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\parent.lock Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Alan\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Mozilla\Firefox\Profiles\vx08cc3n.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alan\My Documents\Downloads\AVG--Anti-Virus-Professional-Edition-Latest v7.5.516[Inc Key]\avg75avwt_516a1225.exe/data0000.cab/is151287.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.dwi skipped
C:\Documents and Settings\Alan\My Documents\Downloads\AVG--Anti-Virus-Professional-Edition-Latest v7.5.516[Inc Key]\avg75avwt_516a1225.exe/data0000.cab Infected: not-a-virus:AdWare.Win32.Virtumonde.dwi skipped
C:\Documents and Settings\Alan\My Documents\Downloads\AVG--Anti-Virus-Professional-Edition-Latest v7.5.516[Inc Key]\avg75avwt_516a1225.exe Rsrc-Package: infected - 2 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\MediaMonkey.Gold.v3.0.1.1127.Multilingual.Incl.Keymaker-CORE\Setup.exe/data0000.cab/is151247.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\Alan\My Documents\Downloads\MediaMonkey.Gold.v3.0.1.1127.Multilingual.Incl.Keymaker-CORE\Setup.exe/data0000.cab Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\Alan\My Documents\Downloads\MediaMonkey.Gold.v3.0.1.1127.Multilingual.Incl.Keymaker-CORE\Setup.exe Rsrc-Package: infected - 2 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\mIRC 6.3 + keygen\mIRC - English.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\mIRC 6.3 + keygen.rar/mIRC 6.3 + keygen/mIRC - English.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\mIRC 6.3 + keygen.rar RAR: infected - 1 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\Programs\mirc63.exe/stream/data0001/stream/data0014 Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\Programs\mirc63.exe/stream/data0001/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\Programs\mirc63.exe/stream/data0001 Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\Programs\mirc63.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\Programs\mirc63.exe NSIS: infected - 4 skipped
C:\Documents and Settings\Alan\My Documents\Downloads\Rambo.IV.2008.WP.XviD-THS\~uTorrentPartFile_2D61EC98.dat Object is locked skipped
C:\Documents and Settings\Alan\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Alan\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\PeerGuardian2\history.db Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{A28AB8F1-971A-41C9-B00A-49D87B3D6FE1}\RP10\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{3E8C62E5-C1CE-4899-B58D-F917E22B6D7E}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.

Response Number 14

Name: jabuck
Date: February 8, 2008 at 19:59:25 Pacific

Reply:

Other that the cracks you are clean, remember many crack sites are loaded with viri and spyware, you should stay away from them.
Your log is clean, how is the computer operating?

Sponsored Link

Ads by Google

Red X on C Drive + Proces...

world's first cracker?

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Sponsored links

Ads by Google

Results for: pos.tmp files on c drive and my doc

pos tmp files on c, red x,slow,dll

Summary

www.computing.net/answers/security/pos-tmp-files-on-c-red-xslowdll-/22492.html

POS. tmp files in C drive, Red X ic

Summary

www.computing.net/answers/security/pos-tmp-files-in-c-drive-red-x-ic/22790.html

pos.tmp files on my C: drive

Summary

www.computing.net/answers/security/postmp-files-on-my-c-drive/22200.html

From the Geek Dictionary
pr0n - Leet slang for pornography. This is a deliberately inaccurate spelling/pron...

Ask a Question!

Weekly Poll
What do you think of the new preview of Chrome OS?

Poll Finishes In 3 Days.
Discuss in The Lounge
Poll History

Recent Posts
Computer turns on, runs in circles.

Send document via file-send to

Outlook 2007 Attachments

Web site access https and shtml

Windows Live Login

All Awaiting Reply

Tom's News
U.S. Air Force Buying 2,200 PlayStation 3s

LittleBigPlanet Playing Part in Obama's STEM Plan

Facebook Worm Sends Users to Porn

New iPhone Ads Back AT&T in 3G Coverage War

Large Hadron Collider Sees First Particle Collisions

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE