Logs
Hello Broni. Thanks for taking on this project... now let's annihilate some malware!
I tried to follow your instructions to the letter, but ran into some computer behavioral problems detailed below:
1) Flash Disinfector would not run on the infected computer. After clicking it multiple times, "WinRAR self-extracting archive" windows popped up with the following messages: Cannot create nircmd.exe, Cannot create pv.exe, Cannot create Flash_Disinfector.exe. Also, Flash Disinfector behaved a little strangely on my friends clean computer. After double-clicking, I was asked to insert drive. Inserted drive, screen went blank, screen returned, but I never got an option to "exit the program". Ran it a second time and got a dialogue box saying it had finished. Please advise as to whether I've inadvertantly infected friend's PC.
2) Avira scan said it found nothing but the log would not save, saying I could not access the drive. I worked around by pasting the contents of the .txt file into a new notepad file and saving. Also, after the scan, I got the following message: Avira Guard: Malware found 'TR/Dropper.Gen was found in file 'C:\Program Files\Common Files\... \0000NAV~.TMP'
3) GMER would not run, giving me the following message: LoadDriver( "C:\DOCUME~1\SAMUEL~1.SAU\LOCALS~1\Temp\fxliqpow.sys") erroe 0x0000022: Acess is denied. I worked around it by running GMER in Safe Mode.
4) At the end of the DDS run I got the following error on top of the logs: Windows Script Host Can Not find script file "C:\Documents and Settings\User Name\Local Settings\Temp\MSGB.PIF"
That just about does it. So without further ado, here are the logs:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
12/7/2010 9:59:13 PM
mbam-log-2010-12-07 (21-59-13).txt
Scan type: Quick scan
Objects scanned: 143542
Time elapsed: 12 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15530 -
http://www.gmer.net
Rootkit quick scan 2010-12-07 22:31:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 ST340014A rev.3.16
Running: r86rzteq.exe; Driver: C:\DOCUME~1\SAMUEL~1.SAU\LOCALS~1\Temp\fxliqpow.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00 (MBR): rootkit-like behavior; TDL4 <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 10: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sectors 78124744 (+255): rootkit-like behavior;
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 82F30292
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 82F30292
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e 82F30292
Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST340014A_______________________________3.16____#4a33375857534245202020202020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-12-05.01) - NTFSx86
Run by Samuel M. Saunders at 22:52:50.54 on Tue 12/07/2010
Internet Explorer: 6.0.2900.5512
============== Running Processes ===============
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Web assistant: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Symantec NetDriver Monitor] c:\progra~1\symnet~1\SNDMon.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [CLRHost] c:\blp\api\office~1\bbxlcmd.exe
uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [EPSON Stylus NX400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiega.exe /fu "c:\windows\temp\E_SE1.tmp" /EF "HKCU"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [URLLSTCK.exe] c:\program files\norton internet security\UrlLstCk.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launch~1.lnk - c:\program files\whitesmoke translator\WSTrayDictMode.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wna3100\WNA3100.exe
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=67633
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} - hxxp://protect.microsoft.com/security/protect/wsa/shared/CAB/x86/msSecAdv.cab?1095036083890
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156591399140
DPF: {6F750200-1362-4815-A476-88533DE61D0C} - hxxp://adobe.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
DPF: {6F750202-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38128.5721643519
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://sigremote.com/dana-cached/setup/JuniperSetupSP1.cab
TCP: {9210EE3C-4238-4ADD-A7BC-EAC1DB945ED7} = 156.154.70.22,156.154.71.22
TCP: {ABCCC484-D4E5-441D-84AE-52ADC2261EF3} = 156.154.70.22,156.154.71.22
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 91.212.127.226 osguardpro.microsoft.com
Hosts: 91.212.127.226 os-guardpro.com
Hosts: 91.212.127.226 www.os-guardpro.com
============= SERVICES / DRIVERS ===============
=============== Created Last 30 ================
2010-12-06 21:29:27 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-12-06 21:29:27 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-12-06 21:29:20 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-12-06 21:29:20 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-12-06 21:13:56 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-12-06 21:13:53 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-12-06 21:13:51 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-12-06 21:13:48 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-12-06 21:13:32 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-12-06 21:13:00 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-12-06 21:12:54 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-12-06 21:12:48 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-12-06 21:12:28 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-12-06 21:12:26 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-12-06 21:12:22 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-12-06 21:12:12 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-12-06 21:12:07 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-12-06 21:12:04 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-12-06 21:12:03 31232 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-12-06 21:12:02 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2010-12-06 21:10:58 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2010-12-06 21:09:59 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-12-06 21:08:56 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-12-06 21:07:58 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-12-06 21:06:57 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2010-12-06 21:05:54 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys
2010-12-06 21:04:59 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2010-12-06 21:03:57 179264 -c--a-w- c:\windows\system32\dllcache\s3sav3d.dll
2010-12-06 21:02:54 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2010-12-06 21:01:59 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2010-12-06 21:00:57 20480 -c--a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-12-06 21:00:54 351616 -c--a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-12-06 21:00:51 116736 -c--a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-12-06 21:00:49 31872 -c--a-w- c:\windows\system32\dllcache\ovce.sys
2010-12-06 21:00:46 28032 -c--a-w- c:\windows\system32\dllcache\ovcd.sys
2010-12-06 21:00:43 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-12-06 21:00:40 25088 -c--a-w- c:\windows\system32\dllcache\ovca.sys
2010-12-06 21:00:38 54186 -c--a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-12-06 21:00:35 43689 -c--a-w- c:\windows\system32\dllcache\otceth5.sys
2010-12-06 21:00:32 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-12-06 21:00:29 54528 -c--a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-12-06 21:00:25 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-12-06 21:00:02 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2010-12-06 20:58:57 59104 -c--a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-12-06 20:57:56 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-12-06 20:57:54 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2010-12-06 20:57:53 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2010-12-06 20:57:43 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2010-12-06 20:57:40 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2010-12-06 20:57:19 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-12-06 20:57:09 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2010-12-06 20:57:08 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2010-12-06 20:57:07 34304 -c--a-w- c:\windows\system32\dllcache\migisol.exe
2010-12-06 20:57:03 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2010-12-06 20:57:01 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2010-12-06 20:57:00 92416 -c--a-w- c:\windows\system32\dllcache\mga.sys
2010-12-06 20:57:00 92032 -c--a-w- c:\windows\system32\dllcache\mga.dll
2010-12-06 20:55:58 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2010-12-06 20:54:59 35328 -c--a-w- c:\windows\system32\dllcache\iprip.dll
2010-12-06 20:53:58 38528 -c--a-w- c:\windows\system32\dllcache\ibmvcap.sys
2010-12-06 20:52:59 150239 -c--a-w- c:\windows\system32\dllcache\hsf_amos.sys
2010-12-06 20:51:57 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2010-12-06 20:50:58 7040 -c--a-w- c:\windows\system32\dllcache\exabyte2.sys
2010-12-06 20:49:59 241206 -c--a-w- c:\windows\system32\dllcache\el656se5.sys
2010-12-06 20:48:59 103044 -c--a-w- c:\windows\system32\dllcache\digidxb.sys
2010-12-06 20:47:59 10240 -c--a-w- c:\windows\system32\dllcache\compbatt.sys
2010-12-06 20:46:53 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-12-06 20:45:58 96128 -c--a-w- c:\windows\system32\dllcache\ati.dll
2010-12-06 20:44:57 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll
2010-12-06 19:25:47 388096 ----a-r- c:\docume~1\samuel~1.sau\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-12-06 19:25:46 -------- d-----w- c:\program files\Trend Micro
2010-12-05 01:25:28 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-12-05 01:25:28 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-12-05 01:25:28 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-12-05 01:25:28 13312 ----a-w- c:\windows\system32\irclass.dll
2010-12-04 17:04:49 -------- d-----w- c:\windows\Dell
2010-11-30 08:12:57 -------- d-----w- c:\windows\java
2010-11-30 05:12:37 348160 ----a-w- c:\windows\system32\msvc5364.rra
2010-11-29 20:55:53 -------- d-----w- c:\docume~1\samuel~1.sau\applic~1\Avira
2010-11-28 06:35:22 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-11-28 06:35:22 -------- d-----w- c:\windows\system32\wbem\Repository
2010-11-28 06:33:36 -------- d-----w- c:\program files\iTunes
2010-11-24 23:26:11 -------- d-----w- c:\program files\iTunes(3)
==================== Find3M ====================
2010-09-11 07:41:40 285480 ----a-w- c:\windows\system32\guard32.dll
2009-08-13 15:11:17 17260 ----a-w- c:\program files\common files\malyle.bin
============= FINISH: 22:55:02.26 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-05.01)
==== Disk Partitions =========================
==== Disabled Device Manager Items =============
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe® Photoshop® Album Starter Edition 3.0
Adobe® Photoshop® Album Starter Edition 3.0.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Banctec Service Agreement
Bonjour
BUM
Business Contact Manager for Outlook 2003
CC_ccProxyMSI
CC_ccStart
ccCommon
COMODO Internet Security
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Dell Networking Guide
Digital Line Detect
EPSON Scan
EPSON Stylus NX400 Series Printer Uninstall
Google Earth Plug-in
Google Update Helper
Help and Support Customization
HiJackThis
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
Internet Explorer Default Page
iTunes
Java 2 Runtime Environment, SE v1.4.2
KODAK EASYSHARE Gallery Easy Upload, v2.0
KODAK EASYSHARE Gallery Upload ActiveX Control
LiveReg (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft ActiveSync 4.0
Microsoft Data Access Components KB870669
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Modem Helper
MSRedist
NETGEAR WNA3100 wireless USB 2.0 adapter
NetWaiting
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security (Symantec Corporation)
NVIDIA Windows 2000/XP Display Drivers
OGA Notifier 2.0.0048.0
Panda ActiveScan 2.0
QuickTime
RealPlayer
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
SUPERAntiSpyware
Symantec Script Blocking Installer
TD AMERITRADE StrategyDesk 3.4
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WebFldrs XP
Whitesmoke Translator
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format 11 runtime
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 11
==== End Of File ===========================