Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit.Boot.Pihar.b - Unable to get internet connection - Winsock might be damaged


  • This topic is locked This topic is locked
191 replies to this topic

#1 Iceyburnz

Iceyburnz

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 18 September 2012 - 06:43 PM

Fixing a friends computer. Issue seems very similar to this thread (i will PM Oh My in case he wants to continue the work he did with opticalwreck) : http://www.bleepingcomputer.com/forums/topic467081.html


I received this computer from a friend and was asked to fix it. Not sure what the original malwares were or what they did to fix them (I titled this Rootkit.Boot.Pihar.b as thats what TDSSkiller came up with)

I can usually fix just about anything with a pc but this one just wont work. I did try a bunch of stuff(some of which i cant seem to undo <sigh>) and will list as much as I can remember


Current issues:

1. Can't run Combofix - Just noticed in one of the logs that the computer thinks that it is running Windows Server 2008 R2. When I go to Computer > System Properties, it shows Windows 7 Professional. Not sure why a couple of the logs show Windows Server 2008 R2

2. Can't get an IP address - I believe Winsock is damaged. The internet stopped working at some point during the cleanup. It was working when I started but there was issues with some sites

When I go to MSinfo32 > Components > Network > Protocol, it shows up blank.
in an elevated command prompt, I get the following responses when doing the following commands:
netsh winsock reset
The system cannot find the file specified.

netsh int ipv4 reset
Reseting Interface, OK!
Restart the computer to complete this action.

netsh int ipv6 reset
There's no user specified settings to be reset.

Current IP info:

C:\Windows\system32>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Nishbell-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet
 NIC
   Physical Address. . . . . . . . . : 00-16-76-C0-91-11
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d05d:17c3:7082:4da9%15(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.77.169(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 301995638
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-4F-71-71-00-16-76-C0-91-11

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{9F37C8A6-F7E3-45EE-9CCD-37A3C7624D49}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Windows\system32>




I uninstalled the following from the network adapter and cant get them to reinstall back:
Client for Microsoft Networks
QoS Packet Scheduler
File and Printer Sharing for Microsoft Networks
Link-layer Topology Discovery Mapper I/O Driver
Link-layer Topology Discovery Responder
trying to follow this post to resolve the winsock issue - http://www.tomshardware.com/forum/39223-42-nbtstat-wont-purge-remote-netbios-names-home-workgroup


3. Windows Firewall was damaged and not starting (Resolved) - I used the following post by narenxp to resolve the Firewall issue
http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/5366225a-46e7-4d6c-a389-8bd18a5c3aad



Rkill by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/13/2012 09:14:07 AM in x86 mode.
Windows Version: Windows Server 2008 R2

Checking for Windows services to stop.

 * No malware services found to stop.

Checking for processes to terminate.

 * No malware processes found to kill.

Checking Registry for malware related settings.

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

 * No issues found.

Restarting Explorer.exe in order to apply changes.

Program finished at: 09/13/2012 09:14:19 AM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)

09:26:42.0675 3624	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
09:26:42.0753 3624	============================================================
09:26:42.0753 3624	Current date / time: 2012/09/13 09:26:42.0753
09:26:42.0753 3624	SystemInfo:
09:26:42.0753 3624	
09:26:42.0753 3624	OS Version: 6.1.7600 ServicePack: 0.0
09:26:42.0753 3624	Product type: Server
09:26:42.0753 3624	ComputerName: NISHBELL-PC
09:26:42.0753 3624	UserName: Nishbell
09:26:42.0753 3624	Windows directory: C:\Windows
09:26:42.0753 3624	System windows directory: C:\Windows
09:26:42.0753 3624	Processor architecture: Intel x86
09:26:42.0753 3624	Number of processors: 2
09:26:42.0753 3624	Page size: 0x1000
09:26:42.0753 3624	Boot type: Normal boot
09:26:42.0753 3624	============================================================
09:26:45.0300 3624	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x5686, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
09:26:45.0363 3624	Drive \Device\Harddisk5\DR5 - Size: 0xF4380000 (3.82 Gb), SectorSize: 0x200, Cylinders: 0x1F2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:26:45.0363 3624	============================================================
09:26:45.0363 3624	\Device\Harddisk0\DR0:
09:26:45.0363 3624	MBR partitions:
09:26:45.0363 3624	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:26:45.0363 3624	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
09:26:45.0363 3624	\Device\Harddisk5\DR5:
09:26:45.0363 3624	MBR partitions:
09:26:45.0363 3624	\Device\Harddisk5\DR5\Partition0: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0x7A1BC0
09:26:45.0363 3624	============================================================
09:26:45.0394 3624	C: <-> \Device\Harddisk0\DR0\Partition1
09:26:45.0394 3624	============================================================
09:26:45.0394 3624	Initialize success
09:26:45.0394 3624	============================================================
09:26:46.0269 3656	============================================================
09:26:46.0269 3656	Scan started
09:26:46.0269 3656	Mode: Manual; 
09:26:46.0269 3656	============================================================
09:26:47.0738 3656	1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
09:26:47.0738 3656	1394ohci - ok
09:26:47.0800 3656	ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
09:26:47.0816 3656	ACPI - ok
09:26:47.0832 3656	AcpiPmi         (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
09:26:47.0847 3656	AcpiPmi - ok
09:26:47.0910 3656	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
09:26:47.0925 3656	adp94xx - ok
09:26:47.0972 3656	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
09:26:47.0988 3656	adpahci - ok
09:26:48.0019 3656	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
09:26:48.0035 3656	adpu320 - ok
09:26:48.0066 3656	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
09:26:48.0082 3656	AeLookupSvc - ok
09:26:48.0175 3656	AFD             (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
09:26:48.0191 3656	AFD - ok
09:26:48.0238 3656	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
09:26:48.0238 3656	agp440 - ok
09:26:48.0269 3656	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
09:26:48.0285 3656	aic78xx - ok
09:26:48.0316 3656	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
09:26:48.0332 3656	ALG - ok
09:26:48.0347 3656	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
09:26:48.0347 3656	aliide - ok
09:26:48.0378 3656	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
09:26:48.0394 3656	amdagp - ok
09:26:48.0410 3656	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
09:26:48.0410 3656	amdide - ok
09:26:48.0441 3656	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
09:26:48.0457 3656	AmdK8 - ok
09:26:48.0472 3656	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
09:26:48.0488 3656	AmdPPM - ok
09:26:48.0519 3656	amdsata         (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
09:26:48.0535 3656	amdsata - ok
09:26:48.0566 3656	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
09:26:48.0582 3656	amdsbs - ok
09:26:48.0597 3656	amdxata         (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
09:26:48.0613 3656	amdxata - ok
09:26:48.0644 3656	AppID           (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
09:26:48.0660 3656	AppID - ok
09:26:48.0707 3656	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
09:26:48.0707 3656	AppIDSvc - ok
09:26:48.0769 3656	Appinfo         (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
09:26:48.0769 3656	Appinfo - ok
09:26:48.0847 3656	Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:26:48.0847 3656	Apple Mobile Device - ok
09:26:48.0894 3656	AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
09:26:48.0910 3656	AppMgmt - ok
09:26:48.0957 3656	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
09:26:48.0957 3656	arc - ok
09:26:48.0988 3656	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
09:26:48.0988 3656	arcsas - ok
09:26:49.0019 3656	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
09:26:49.0019 3656	AsyncMac - ok
09:26:49.0050 3656	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
09:26:49.0050 3656	atapi - ok
09:26:49.0128 3656	Ati External Event Utility (86fb6b8ddbcb6e025ce8a90f77af1ff1) C:\Windows\system32\Ati2evxx.exe
09:26:49.0160 3656	Ati External Event Utility - ok
09:26:49.0425 3656	atikmdag        (a23efb72057fed7128eb558866055fdf) C:\Windows\system32\DRIVERS\atikmdag.sys
09:26:49.0550 3656	atikmdag - ok
09:26:50.0847 3656	AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
09:26:50.0878 3656	AudioEndpointBuilder - ok
09:26:50.0894 3656	Audiosrv        (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
09:26:50.0894 3656	Audiosrv - ok
09:26:50.0941 3656	AxInstSV        (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
09:26:50.0957 3656	AxInstSV - ok
09:26:51.0050 3656	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
09:26:51.0082 3656	b06bdrv - ok
09:26:51.0128 3656	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
09:26:51.0160 3656	b57nd60x - ok
09:26:51.0207 3656	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
09:26:51.0207 3656	BDESVC - ok
09:26:51.0238 3656	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
09:26:51.0238 3656	Beep - ok
09:26:51.0285 3656	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
09:26:51.0285 3656	blbdrive - ok
09:26:51.0394 3656	Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
09:26:51.0394 3656	Bonjour Service - ok
09:26:51.0441 3656	bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
09:26:51.0441 3656	bowser - ok
09:26:51.0472 3656	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:26:51.0472 3656	BrFiltLo - ok
09:26:51.0488 3656	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:26:51.0503 3656	BrFiltUp - ok
09:26:51.0535 3656	Browser         (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
09:26:51.0550 3656	Browser - ok
09:26:51.0582 3656	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
09:26:51.0597 3656	Brserid - ok
09:26:51.0628 3656	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
09:26:51.0660 3656	BrSerWdm - ok
09:26:51.0707 3656	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:26:51.0707 3656	BrUsbMdm - ok
09:26:51.0738 3656	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
09:26:51.0738 3656	BrUsbSer - ok
09:26:51.0847 3656	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
09:26:51.0894 3656	BTHMODEM - ok
09:26:52.0003 3656	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
09:26:52.0003 3656	bthserv - ok
09:26:52.0050 3656	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
09:26:52.0066 3656	cdfs - ok
09:26:52.0113 3656	cdrom           (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
09:26:52.0128 3656	cdrom - ok
09:26:52.0175 3656	CertPropSvc     (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
09:26:52.0191 3656	CertPropSvc - ok
09:26:52.0253 3656	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
09:26:52.0253 3656	circlass - ok
09:26:52.0332 3656	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
09:26:52.0347 3656	CLFS - ok
09:26:52.0550 3656	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:26:52.0644 3656	clr_optimization_v2.0.50727_32 - ok
09:26:52.0753 3656	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:26:52.0753 3656	clr_optimization_v4.0.30319_32 - ok
09:26:52.0800 3656	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
09:26:52.0800 3656	CmBatt - ok
09:26:52.0847 3656	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
09:26:52.0847 3656	cmdide - ok
09:26:52.0910 3656	CNG             (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
09:26:52.0941 3656	CNG - ok
09:26:52.0957 3656	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
09:26:52.0957 3656	Compbatt - ok
09:26:53.0003 3656	CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
09:26:53.0003 3656	CompositeBus - ok
09:26:53.0019 3656	COMSysApp - ok
09:26:53.0050 3656	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
09:26:53.0050 3656	crcdisk - ok
09:26:53.0113 3656	CryptSvc        (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
09:26:53.0113 3656	CryptSvc - ok
09:26:53.0191 3656	CSC             (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
09:26:53.0222 3656	CSC - ok
09:26:53.0300 3656	CscService      (56fb5f222ea30d3d3fc459879772cb73) C:\Windows\System32\cscsvc.dll
09:26:53.0332 3656	CscService - ok
09:26:53.0394 3656	DcomLaunch      (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
09:26:53.0425 3656	DcomLaunch - ok
09:26:53.0457 3656	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
09:26:53.0472 3656	defragsvc - ok
09:26:53.0550 3656	DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
09:26:53.0566 3656	DfsC - ok
09:26:53.0628 3656	Dhcp            (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
09:26:53.0644 3656	Dhcp - ok
09:26:53.0660 3656	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
09:26:53.0660 3656	discache - ok
09:26:54.0019 3656	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
09:26:54.0050 3656	Disk - ok
09:26:54.0910 3656	Dnscache        (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
09:26:54.0972 3656	Dnscache - ok
09:26:56.0238 3656	dot3svc         (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
09:26:56.0300 3656	dot3svc - ok
09:26:56.0566 3656	DPS             (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
09:26:56.0582 3656	DPS - ok
09:26:56.0628 3656	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
09:26:56.0628 3656	drmkaud - ok
09:26:56.0738 3656	DXGKrnl         (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
09:26:56.0800 3656	DXGKrnl - ok
09:26:57.0066 3656	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
09:26:57.0097 3656	EapHost - ok
09:27:01.0785 3656	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
09:27:01.0925 3656	ebdrv - ok
09:27:03.0269 3656	EFS             (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
09:27:03.0269 3656	EFS - ok
09:27:03.0441 3656	ehRecvr         (1697c39978cd69f6fbc15302edcece1f) C:\Windows\ehome\ehRecvr.exe
09:27:03.0519 3656	ehRecvr - ok
09:27:03.0628 3656	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
09:27:03.0660 3656	ehSched - ok
09:27:04.0597 3656	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
09:27:04.0644 3656	elxstor - ok
09:27:04.0691 3656	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
09:27:04.0691 3656	ErrDev - ok
09:27:04.0847 3656	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
09:27:04.0878 3656	EventSystem - ok
09:27:04.0988 3656	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
09:27:04.0988 3656	exfat - ok
09:27:05.0097 3656	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
09:27:05.0113 3656	fastfat - ok
09:27:05.0253 3656	Fax             (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
09:27:05.0285 3656	Fax - ok
09:27:05.0316 3656	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
09:27:05.0316 3656	fdc - ok
09:27:05.0347 3656	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
09:27:05.0347 3656	fdPHost - ok
09:27:05.0363 3656	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
09:27:05.0363 3656	FDResPub - ok
09:27:05.0410 3656	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
09:27:05.0410 3656	FileInfo - ok
09:27:05.0457 3656	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
09:27:05.0457 3656	Filetrace - ok
09:27:05.0503 3656	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
09:27:05.0503 3656	flpydisk - ok
09:27:05.0535 3656	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
09:27:05.0550 3656	FltMgr - ok
09:27:05.0738 3656	FontCache       (151258fc2ec8c48bdf8a53350ae0a676) C:\Windows\system32\FntCache.dll
09:27:05.0785 3656	FontCache - ok
09:27:05.0910 3656	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:27:05.0941 3656	FontCache3.0.0.0 - ok
09:27:05.0972 3656	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
09:27:05.0972 3656	FsDepends - ok
09:27:06.0003 3656	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
09:27:06.0003 3656	Fs_Rec - ok
09:27:06.0050 3656	fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
09:27:06.0066 3656	fvevol - ok
09:27:06.0113 3656	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:27:06.0113 3656	gagp30kx - ok
09:27:06.0144 3656	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:27:06.0144 3656	GEARAspiWDM - ok
09:27:06.0253 3656	gpsvc           (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
09:27:06.0285 3656	gpsvc - ok
09:27:06.0332 3656	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
09:27:06.0332 3656	hcw85cir - ok
09:27:06.0425 3656	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
09:27:06.0457 3656	HdAudAddService - ok
09:27:06.0550 3656	HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:27:06.0550 3656	HDAudBus - ok
09:27:06.0566 3656	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
09:27:06.0566 3656	HidBatt - ok
09:27:06.0597 3656	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
09:27:06.0597 3656	HidBth - ok
09:27:06.0644 3656	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
09:27:06.0660 3656	HidIr - ok
09:27:06.0691 3656	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
09:27:06.0707 3656	hidserv - ok
09:27:06.0738 3656	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
09:27:06.0738 3656	HidUsb - ok
09:27:06.0769 3656	hkmsvc          (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
09:27:06.0785 3656	hkmsvc - ok
09:27:06.0816 3656	HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
09:27:06.0832 3656	HomeGroupListener - ok
09:27:06.0878 3656	HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
09:27:06.0894 3656	HomeGroupProvider - ok
09:27:06.0925 3656	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
09:27:06.0925 3656	HpSAMD - ok
09:27:07.0035 3656	HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
09:27:07.0097 3656	HTTP - ok
09:27:07.0113 3656	hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
09:27:07.0113 3656	hwpolicy - ok
09:27:07.0160 3656	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
09:27:07.0160 3656	i8042prt - ok
09:27:07.0207 3656	iaStorV         (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
09:27:07.0222 3656	iaStorV - ok
09:27:07.0378 3656	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:27:07.0394 3656	IDriverT - ok
09:27:07.0660 3656	idsvc           (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:27:07.0738 3656	idsvc - ok
09:27:07.0941 3656	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:27:07.0941 3656	iirsp - ok
09:27:08.0082 3656	IKEEXT          (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
09:27:08.0113 3656	IKEEXT - ok
09:27:08.0144 3656	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
09:27:08.0144 3656	intelide - ok
09:27:08.0191 3656	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:27:08.0191 3656	intelppm - ok
09:27:08.0238 3656	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:27:08.0238 3656	IPBusEnum - ok
09:27:08.0269 3656	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:27:08.0285 3656	IpFilterDriver - ok
09:27:08.0300 3656	IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
09:27:08.0300 3656	IPMIDRV - ok
09:27:08.0347 3656	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:27:08.0347 3656	IPNAT - ok
09:27:08.0472 3656	iPod Service    (0ca8c2e721617aa2f923a8151c96fb33) C:\Program Files\iPod\bin\iPodService.exe
09:27:08.0535 3656	iPod Service - ok
09:27:08.0566 3656	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:27:08.0566 3656	IRENUM - ok
09:27:08.0597 3656	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
09:27:08.0597 3656	isapnp - ok
09:27:08.0628 3656	iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
09:27:08.0644 3656	iScsiPrt - ok
09:27:08.0675 3656	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
09:27:08.0675 3656	kbdclass - ok
09:27:08.0707 3656	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
09:27:08.0707 3656	kbdhid - ok
09:27:08.0753 3656	KeyIso          (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
09:27:08.0753 3656	KeyIso - ok
09:27:08.0800 3656	KSecDD          (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
09:27:08.0816 3656	KSecDD - ok
09:27:08.0847 3656	KSecPkg         (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
09:27:08.0863 3656	KSecPkg - ok
09:27:08.0925 3656	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:27:08.0957 3656	KtmRm - ok
09:27:09.0050 3656	LanmanServer    (8f6bf790d3168224c16f2af68a84438c) C:\Windows\system32\srvsvc.dll
09:27:09.0066 3656	LanmanServer - ok
09:27:09.0113 3656	LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
09:27:09.0113 3656	LanmanWorkstation - ok
09:27:09.0769 3656	LeapFrog Connect Device Service (24a7d535bd9e58e5bc1ac52ef7e2ec8e) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
09:27:09.0910 3656	LeapFrog Connect Device Service - ok
09:27:10.0191 3656	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:27:10.0191 3656	lltdio - ok
09:27:10.0238 3656	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:27:10.0238 3656	lltdsvc - ok
09:27:10.0285 3656	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:27:10.0285 3656	lmhosts - ok
09:27:10.0332 3656	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:27:10.0347 3656	LSI_FC - ok
09:27:10.0378 3656	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:27:10.0378 3656	LSI_SAS - ok
09:27:10.0425 3656	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:27:10.0441 3656	LSI_SAS2 - ok
09:27:10.0457 3656	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:27:10.0472 3656	LSI_SCSI - ok
09:27:10.0503 3656	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:27:10.0503 3656	luafv - ok
09:27:10.0566 3656	Mcx2Svc         (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
09:27:10.0566 3656	Mcx2Svc - ok
09:27:10.0582 3656	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:27:10.0597 3656	megasas - ok
09:27:10.0628 3656	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:27:10.0644 3656	MegaSR - ok
09:27:10.0769 3656	Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:27:10.0769 3656	Microsoft Office Groove Audit Service - ok
09:27:10.0800 3656	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:27:10.0800 3656	MMCSS - ok
09:27:10.0832 3656	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:27:10.0847 3656	Modem - ok
09:27:10.0863 3656	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:27:10.0863 3656	monitor - ok
09:27:10.0894 3656	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:27:10.0894 3656	mouclass - ok
09:27:10.0925 3656	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:27:10.0925 3656	mouhid - ok
09:27:11.0003 3656	mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
09:27:11.0003 3656	mountmgr - ok
09:27:11.0035 3656	mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
09:27:11.0050 3656	mpio - ok
09:27:11.0082 3656	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:27:11.0082 3656	mpsdrv - ok
09:27:11.0144 3656	MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
09:27:11.0144 3656	MRxDAV - ok
09:27:11.0191 3656	mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:27:11.0207 3656	mrxsmb - ok
09:27:11.0285 3656	mrxsmb10        (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:27:11.0300 3656	mrxsmb10 - ok
09:27:11.0347 3656	mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:27:11.0363 3656	mrxsmb20 - ok
09:27:11.0410 3656	msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
09:27:11.0410 3656	msahci - ok
09:27:11.0425 3656	msdsm           (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
09:27:11.0441 3656	msdsm - ok
09:27:11.0472 3656	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:27:11.0488 3656	MSDTC - ok
09:27:11.0535 3656	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:27:11.0535 3656	Msfs - ok
09:27:11.0550 3656	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:27:11.0550 3656	mshidkmdf - ok
09:27:11.0566 3656	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
09:27:11.0566 3656	msisadrv - ok
09:27:11.0644 3656	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:27:11.0644 3656	MSiSCSI - ok
09:27:11.0660 3656	msiserver - ok
09:27:11.0691 3656	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:27:11.0691 3656	MSKSSRV - ok
09:27:11.0722 3656	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:27:11.0738 3656	MSPCLOCK - ok
09:27:11.0769 3656	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:27:11.0769 3656	MSPQM - ok
09:27:11.0816 3656	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:27:11.0832 3656	MsRPC - ok
09:27:11.0863 3656	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
09:27:11.0863 3656	mssmbios - ok
09:27:11.0910 3656	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:27:11.0910 3656	MSTEE - ok
09:27:11.0941 3656	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:27:11.0941 3656	MTConfig - ok
09:27:11.0957 3656	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:27:11.0957 3656	Mup - ok
09:27:12.0035 3656	napagent        (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
09:27:12.0066 3656	napagent - ok
09:27:12.0113 3656	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:27:12.0128 3656	NativeWifiP - ok
09:27:12.0207 3656	NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
09:27:12.0238 3656	NDIS - ok
09:27:12.0300 3656	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:27:12.0316 3656	NdisCap - ok
09:27:12.0347 3656	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:27:12.0347 3656	NdisTapi - ok
09:27:12.0378 3656	Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
09:27:12.0394 3656	Ndisuio - ok
09:27:12.0410 3656	NdisWan         (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
09:27:12.0425 3656	NdisWan - ok
09:27:12.0441 3656	NDProxy         (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
09:27:12.0441 3656	NDProxy - ok
09:27:12.0488 3656	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:27:12.0488 3656	NetBIOS - ok
09:27:12.0519 3656	NetBT           (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
09:27:12.0535 3656	NetBT - ok
09:27:12.0597 3656	Netlogon        (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
09:27:12.0597 3656	Netlogon - ok
09:27:12.0644 3656	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:27:12.0660 3656	Netman - ok
09:27:12.0707 3656	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:27:12.0738 3656	netprofm - ok
09:27:12.0832 3656	NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:27:12.0832 3656	NetTcpPortSharing - ok
09:27:12.0863 3656	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:27:12.0863 3656	nfrd960 - ok
09:27:12.0925 3656	NlaSvc          (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
09:27:12.0941 3656	NlaSvc - ok
09:27:12.0957 3656	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:27:12.0972 3656	Npfs - ok
09:27:12.0988 3656	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:27:12.0988 3656	nsi - ok
09:27:13.0019 3656	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:27:13.0019 3656	nsiproxy - ok
09:27:13.0175 3656	Ntfs            (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
09:27:13.0238 3656	Ntfs - ok
09:27:13.0269 3656	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:27:13.0269 3656	Null - ok
09:27:13.0316 3656	nvraid          (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
09:27:13.0332 3656	nvraid - ok
09:27:13.0363 3656	nvstor          (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
09:27:13.0378 3656	nvstor - ok
09:27:13.0410 3656	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
09:27:13.0425 3656	nv_agp - ok
09:27:13.0550 3656	odserv          (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:27:13.0566 3656	odserv - ok
09:27:13.0628 3656	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
09:27:13.0628 3656	ohci1394 - ok
09:27:13.0675 3656	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:27:13.0691 3656	ose - ok
09:27:13.0753 3656	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:27:13.0785 3656	p2pimsvc - ok
09:27:13.0878 3656	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:27:13.0925 3656	p2psvc - ok
09:27:13.0972 3656	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:27:13.0988 3656	Parport - ok
09:27:14.0003 3656	partmgr         (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
09:27:14.0019 3656	partmgr - ok
09:27:14.0035 3656	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:27:14.0050 3656	Parvdm - ok
09:27:14.0113 3656	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:27:14.0113 3656	PcaSvc - ok
09:27:14.0144 3656	pci             (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
09:27:14.0160 3656	pci - ok
09:27:14.0191 3656	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
09:27:14.0191 3656	pciide - ok
09:27:14.0253 3656	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:27:14.0253 3656	pcmcia - ok
09:27:14.0378 3656	PCToolsSSDMonitorSvc (3fb1936494b3ce2180789acc30487795) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
09:27:14.0410 3656	PCToolsSSDMonitorSvc - ok
09:27:14.0441 3656	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:27:14.0441 3656	pcw - ok
09:27:14.0550 3656	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:27:14.0582 3656	PEAUTH - ok
09:27:14.0753 3656	PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
09:27:14.0800 3656	PeerDistSvc - ok
09:27:15.0082 3656	pla             (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
09:27:15.0128 3656	pla - ok
09:27:15.0300 3656	PlugPlay        (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
09:27:15.0332 3656	PlugPlay - ok
09:27:15.0363 3656	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:27:15.0363 3656	PNRPAutoReg - ok
09:27:15.0410 3656	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:27:15.0410 3656	PNRPsvc - ok
09:27:15.0472 3656	PolicyAgent     (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
09:27:15.0488 3656	PolicyAgent - ok
09:27:15.0519 3656	Power           (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
09:27:15.0535 3656	Power - ok
09:27:15.0613 3656	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:27:15.0628 3656	PptpMiniport - ok
09:27:15.0644 3656	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:27:15.0660 3656	Processor - ok
09:27:15.0691 3656	ProfSvc         (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
09:27:15.0707 3656	ProfSvc - ok
09:27:15.0738 3656	ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
09:27:15.0738 3656	ProtectedStorage - ok
09:27:15.0800 3656	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:27:15.0816 3656	Psched - ok
09:27:15.0988 3656	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:27:16.0066 3656	ql2300 - ok
09:27:16.0363 3656	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:27:16.0394 3656	ql40xx - ok
09:27:16.0425 3656	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:27:16.0441 3656	QWAVE - ok
09:27:16.0457 3656	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:27:16.0457 3656	QWAVEdrv - ok
09:27:16.0488 3656	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:27:16.0488 3656	RasAcd - ok
09:27:16.0535 3656	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:27:16.0535 3656	RasAgileVpn - ok
09:27:16.0566 3656	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:27:16.0597 3656	RasAuto - ok
09:27:16.0613 3656	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:27:16.0628 3656	Rasl2tp - ok
09:27:16.0691 3656	RasMan          (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
09:27:16.0722 3656	RasMan - ok
09:27:16.0769 3656	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:27:16.0800 3656	RasPppoe - ok
09:27:16.0832 3656	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:27:16.0832 3656	RasSstp - ok
09:27:16.0894 3656	rdbss           (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
09:27:16.0910 3656	rdbss - ok
09:27:16.0925 3656	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:27:16.0941 3656	rdpbus - ok
09:27:16.0957 3656	RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:27:16.0957 3656	RDPCDD - ok
09:27:17.0035 3656	RDPDR           (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
09:27:17.0050 3656	RDPDR - ok
09:27:17.0097 3656	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:27:17.0097 3656	RDPENCDD - ok
09:27:17.0144 3656	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:27:17.0144 3656	RDPREFMP - ok
09:27:17.0175 3656	RDPWD           (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
09:27:17.0191 3656	RDPWD - ok
09:27:17.0222 3656	rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
09:27:17.0238 3656	rdyboost - ok
09:27:17.0269 3656	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:27:17.0285 3656	RemoteAccess - ok
09:27:17.0316 3656	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:27:17.0332 3656	RemoteRegistry - ok
09:27:17.0363 3656	RimUsb          (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
09:27:17.0363 3656	RimUsb - ok
09:27:17.0378 3656	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:27:17.0378 3656	RpcEptMapper - ok
09:27:17.0410 3656	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:27:17.0410 3656	RpcLocator - ok
09:27:17.0488 3656	RpcSs           (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
09:27:17.0488 3656	RpcSs - ok
09:27:17.0535 3656	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:27:17.0535 3656	rspndr - ok
09:27:17.0566 3656	RTL8023xp       (166911eada13cd34dd8f8c667707be94) C:\Windows\system32\DRIVERS\Rtnicxp.sys
09:27:17.0582 3656	RTL8023xp - ok
09:27:17.0613 3656	s3cap           (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
09:27:17.0628 3656	s3cap - ok
09:27:17.0660 3656	SamSs           (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
09:27:17.0660 3656	SamSs - ok
09:27:17.0707 3656	sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
09:27:17.0722 3656	sbp2port - ok
09:27:17.0769 3656	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:27:17.0785 3656	SCardSvr - ok
09:27:17.0816 3656	scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
09:27:17.0816 3656	scfilter - ok
09:27:17.0910 3656	Schedule        (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
09:27:17.0957 3656	Schedule - ok
09:27:18.0019 3656	SCPolicySvc     (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
09:27:18.0019 3656	SCPolicySvc - ok
09:27:18.0144 3656	SDRSVC          (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
09:27:18.0144 3656	SDRSVC - ok
09:27:18.0191 3656	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:27:18.0191 3656	secdrv - ok
09:27:18.0207 3656	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:27:18.0222 3656	seclogon - ok
09:27:18.0238 3656	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:27:18.0253 3656	SENS - ok
09:27:18.0300 3656	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:27:18.0300 3656	SensrSvc - ok
09:27:18.0332 3656	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:27:18.0332 3656	Serenum - ok
09:27:18.0363 3656	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
09:27:18.0378 3656	sermouse - ok
09:27:18.0441 3656	SessionEnv      (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
09:27:18.0441 3656	SessionEnv - ok
09:27:18.0488 3656	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
09:27:18.0488 3656	sffdisk - ok
09:27:18.0503 3656	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
09:27:18.0503 3656	sffp_mmc - ok
09:27:18.0535 3656	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:27:18.0535 3656	sffp_sd - ok
09:27:18.0582 3656	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
09:27:18.0582 3656	sfloppy - ok
09:27:18.0660 3656	ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
09:27:18.0691 3656	ShellHWDetection - ok
09:27:18.0722 3656	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
09:27:18.0722 3656	sisagp - ok
09:27:18.0769 3656	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:27:18.0769 3656	SiSRaid2 - ok
09:27:18.0800 3656	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
09:27:18.0800 3656	SiSRaid4 - ok
09:27:18.0847 3656	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
09:27:18.0847 3656	Smb - ok
09:27:18.0894 3656	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
09:27:18.0894 3656	SNMPTRAP - ok
09:27:18.0925 3656	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
09:27:18.0925 3656	spldr - ok
09:27:18.0988 3656	Spooler         (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
09:27:19.0019 3656	Spooler - ok
09:27:19.0753 3656	sppsvc          (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
09:27:19.0847 3656	sppsvc - ok
09:27:20.0082 3656	sppuinotify     (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
09:27:20.0113 3656	sppuinotify - ok
09:27:20.0191 3656	srv             (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
09:27:20.0222 3656	srv - ok
09:27:20.0285 3656	srv2            (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
09:27:20.0316 3656	srv2 - ok
09:27:20.0378 3656	SrvHsfPCI       (682fcf7d2eb5158cd30408e976562408) C:\Windows\system32\DRIVERS\VSTBS23.SYS
09:27:20.0394 3656	SrvHsfPCI - ok
09:27:20.0535 3656	SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:27:20.0597 3656	SrvHsfV92 - ok
09:27:20.0675 3656	SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:27:20.0707 3656	SrvHsfWinac - ok
09:27:20.0753 3656	srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
09:27:20.0785 3656	srvnet - ok
09:27:20.0847 3656	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
09:27:20.0863 3656	SSDPSRV - ok
09:27:20.0894 3656	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
09:27:20.0910 3656	SstpSvc - ok
09:27:20.0941 3656	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
09:27:20.0941 3656	stexstor - ok
09:27:21.0066 3656	StiSvc          (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
09:27:21.0097 3656	StiSvc - ok
09:27:21.0144 3656	storflt         (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
09:27:21.0144 3656	storflt - ok
09:27:21.0175 3656	StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
09:27:21.0191 3656	StorSvc - ok
09:27:21.0207 3656	storvsc         (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
09:27:21.0222 3656	storvsc - ok
09:27:21.0269 3656	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
09:27:21.0269 3656	swenum - ok
09:27:21.0347 3656	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
09:27:21.0363 3656	swprv - ok
09:27:21.0519 3656	SysMain         (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
09:27:21.0582 3656	SysMain - ok
09:27:21.0628 3656	TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
09:27:21.0644 3656	TabletInputService - ok
09:27:21.0675 3656	TapiSrv         (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
09:27:21.0691 3656	TapiSrv - ok
09:27:21.0738 3656	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
09:27:21.0738 3656	TBS - ok
09:27:21.0941 3656	Tcpip           (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
09:27:22.0019 3656	Tcpip - ok
09:27:22.0050 3656	TCPIP6          (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
09:27:22.0066 3656	TCPIP6 - ok
09:27:22.0191 3656	tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
09:27:22.0191 3656	tcpipreg - ok
09:27:22.0207 3656	TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
09:27:22.0222 3656	TDPIPE - ok
09:27:22.0238 3656	TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
09:27:22.0238 3656	TDTCP - ok
09:27:22.0269 3656	tdx             (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
09:27:22.0285 3656	tdx - ok
09:27:22.0316 3656	TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
09:27:22.0316 3656	TermDD - ok
09:27:22.0410 3656	TermService     (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
09:27:22.0457 3656	TermService - ok
09:27:22.0488 3656	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
09:27:22.0488 3656	Themes - ok
09:27:22.0519 3656	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:27:22.0519 3656	THREADORDER - ok
09:27:22.0582 3656	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
09:27:22.0582 3656	TrkWks - ok
09:27:22.0660 3656	TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
09:27:22.0660 3656	TrustedInstaller - ok
09:27:22.0707 3656	tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:27:22.0707 3656	tssecsrv - ok
09:27:22.0738 3656	tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
09:27:22.0738 3656	tunnel - ok
09:27:22.0769 3656	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
09:27:22.0769 3656	uagp35 - ok
09:27:22.0800 3656	udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
09:27:22.0832 3656	udfs - ok
09:27:22.0878 3656	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
09:27:22.0878 3656	UI0Detect - ok
09:27:22.0910 3656	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
09:27:22.0925 3656	uliagpkx - ok
09:27:22.0957 3656	umbus           (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
09:27:22.0957 3656	umbus - ok
09:27:22.0988 3656	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
09:27:23.0003 3656	UmPass - ok
09:27:23.0066 3656	UmRdpService    (8ecaca5454844f66386f7be4ae0d7cd1) C:\Windows\System32\umrdp.dll
09:27:23.0082 3656	UmRdpService - ok
09:27:23.0238 3656	Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
09:27:23.0238 3656	Updater Service for StartNow Toolbar - ok
09:27:23.0285 3656	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
09:27:23.0300 3656	upnphost - ok
09:27:23.0347 3656	USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
09:27:23.0347 3656	USBAAPL - ok
09:27:23.0394 3656	usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
09:27:23.0394 3656	usbccgp - ok
09:27:23.0441 3656	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
09:27:23.0441 3656	usbcir - ok
09:27:23.0457 3656	usbehci         (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
09:27:23.0472 3656	usbehci - ok
09:27:23.0519 3656	usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
09:27:23.0535 3656	usbhub - ok
09:27:23.0566 3656	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
09:27:23.0566 3656	usbohci - ok
09:27:23.0582 3656	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
09:27:23.0582 3656	usbprint - ok
09:27:23.0628 3656	USBSTOR         (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:27:23.0628 3656	USBSTOR - ok
09:27:23.0644 3656	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
09:27:23.0644 3656	usbuhci - ok
09:27:23.0675 3656	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
09:27:23.0691 3656	UxSms - ok
09:27:23.0722 3656	VaultSvc        (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
09:27:23.0738 3656	VaultSvc - ok
09:27:23.0769 3656	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
09:27:23.0769 3656	vdrvroot - ok
09:27:23.0832 3656	vds             (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
09:27:23.0863 3656	vds - ok
09:27:23.0910 3656	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
09:27:23.0910 3656	vga - ok
09:27:23.0925 3656	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
09:27:23.0925 3656	VgaSave - ok
09:27:23.0957 3656	vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
09:27:23.0972 3656	vhdmp - ok
09:27:24.0003 3656	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
09:27:24.0019 3656	viaagp - ok
09:27:24.0050 3656	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
09:27:24.0066 3656	ViaC7 - ok
09:27:24.0082 3656	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
09:27:24.0082 3656	viaide - ok
09:27:24.0160 3656	vmbus           (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
09:27:24.0191 3656	vmbus - ok
09:27:24.0207 3656	VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
09:27:24.0207 3656	VMBusHID - ok
09:27:24.0253 3656	volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
09:27:24.0253 3656	volmgr - ok
09:27:24.0300 3656	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
09:27:24.0316 3656	volmgrx - ok
09:27:24.0347 3656	volsnap         (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
09:27:24.0363 3656	volsnap - ok
09:27:24.0425 3656	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
09:27:24.0425 3656	vsmraid - ok
09:27:24.0550 3656	VSS             (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
09:27:24.0597 3656	VSS - ok
09:27:24.0628 3656	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
09:27:24.0628 3656	vwifibus - ok
09:27:24.0707 3656	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
09:27:24.0722 3656	W32Time - ok
09:27:24.0769 3656	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
09:27:24.0769 3656	WacomPen - ok
09:27:24.0785 3656	WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
09:27:24.0832 3656	WANARP - ok
09:27:24.0832 3656	Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
09:27:24.0847 3656	Wanarpv6 - ok
09:27:24.0988 3656	WatAdminSvc     (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
09:27:25.0066 3656	WatAdminSvc - ok
09:27:25.0363 3656	wbengine        (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
09:27:25.0425 3656	wbengine - ok
09:27:25.0457 3656	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
09:27:25.0472 3656	WbioSrvc - ok
09:27:25.0519 3656	wcncsvc         (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
09:27:25.0566 3656	wcncsvc - ok
09:27:25.0597 3656	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
09:27:25.0597 3656	WcsPlugInService - ok
09:27:25.0660 3656	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
09:27:25.0660 3656	Wd - ok
09:27:25.0707 3656	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
09:27:25.0722 3656	Wdf01000 - ok
09:27:25.0785 3656	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
09:27:25.0800 3656	WdiServiceHost - ok
09:27:25.0800 3656	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
09:27:25.0816 3656	WdiSystemHost - ok
09:27:25.0894 3656	WebClient       (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll
09:27:25.0910 3656	WebClient - ok
09:27:25.0941 3656	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
09:27:25.0957 3656	Wecsvc - ok
09:27:25.0972 3656	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
09:27:25.0988 3656	wercplsupport - ok
09:27:26.0003 3656	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
09:27:26.0019 3656	WerSvc - ok
09:27:26.0035 3656	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
09:27:26.0050 3656	WfpLwf - ok
09:27:26.0082 3656	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
09:27:26.0082 3656	WIMMount - ok
09:27:26.0097 3656	WinHttpAutoProxySvc - ok
09:27:26.0191 3656	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
09:27:26.0191 3656	Winmgmt - ok
09:27:26.0378 3656	WinRM           (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
09:27:26.0425 3656	WinRM - ok
09:27:26.0535 3656	WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
09:27:26.0535 3656	WinUsb - ok
09:27:26.0660 3656	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
09:27:26.0722 3656	Wlansvc - ok
09:27:26.0753 3656	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
09:27:26.0769 3656	WmiAcpi - ok
09:27:26.0847 3656	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
09:27:26.0863 3656	wmiApSrv - ok
09:27:27.0082 3656	WMPNetworkSvc   (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
09:27:27.0144 3656	WMPNetworkSvc - ok
09:27:27.0191 3656	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
09:27:27.0207 3656	WPCSvc - ok
09:27:27.0238 3656	WPDBusEnum      (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
09:27:27.0238 3656	WPDBusEnum - ok
09:27:27.0300 3656	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
09:27:27.0300 3656	ws2ifsl - ok
09:27:27.0332 3656	WSearch - ok
09:27:27.0363 3656	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
09:27:27.0363 3656	WudfPf - ok
09:27:27.0394 3656	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:27:27.0410 3656	WUDFRd - ok
09:27:27.0472 3656	wudfsvc         (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
09:27:27.0472 3656	wudfsvc - ok
09:27:27.0519 3656	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
09:27:27.0519 3656	WwanSvc - ok
09:27:27.0566 3656	MBR (0x1B8)     (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
09:27:27.0597 3656	\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
09:27:27.0597 3656	\Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
09:27:27.0613 3656	MBR (0x1B8)     (973e9ba32fdbb305c552ed3e1ebf0686) \Device\Harddisk5\DR5
09:27:32.0253 3656	\Device\Harddisk5\DR5 - ok
09:27:32.0285 3656	Boot (0x1200)   (28642a88f5472623aeece3fa2779aa50) \Device\Harddisk0\DR0\Partition0
09:27:32.0285 3656	\Device\Harddisk0\DR0\Partition0 - ok
09:27:32.0300 3656	Boot (0x1200)   (0ac75224cbb69c088e2bc652da143f8e) \Device\Harddisk0\DR0\Partition1
09:27:32.0332 3656	\Device\Harddisk0\DR0\Partition1 - ok
09:27:32.0347 3656	Boot (0x1200)   (ce64b60d1559241ced20e8bc406fe8bd) \Device\Harddisk5\DR5\Partition0
09:27:32.0347 3656	\Device\Harddisk5\DR5\Partition0 - ok
09:27:32.0347 3656	============================================================
09:27:32.0347 3656	Scan finished
09:27:32.0347 3656	============================================================
09:27:32.0394 3648	Detected object count: 1
09:27:32.0394 3648	Actual detected object count: 1
09:27:44.0535 3648	\Device\Harddisk0\DR0\# - copied to quarantine
09:27:44.0535 3648	\Device\Harddisk0\DR0 - copied to quarantine
09:27:44.0597 3648	\Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
09:27:44.0613 3648	\Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
09:27:44.0613 3648	\Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
09:27:44.0628 3648	\Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
09:27:44.0628 3648	\Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
09:27:44.0660 3648	\Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
09:27:44.0660 3648	\Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
09:27:44.0707 3648	\Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
09:27:44.0707 3648	\Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
09:27:44.0707 3648	\Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
09:27:44.0707 3648	\Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
09:27:44.0722 3648	\Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
09:27:44.0785 3648	\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
09:27:44.0785 3648	\Device\Harddisk0\DR0 - ok
09:27:44.0894 3648	\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure 
09:27:49.0566 3600	Deinitialize success

RogueKiller V8.0.3 [09/13/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Server 2008 R2 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : Nishbell [Admin rights]
Mode : Scan -- Date : 09/13/2012 14:42:04

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 203 ¤¤¤
[TASK][SUSP PATH] At18.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At17.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At16.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At15.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At14.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At13.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At12.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At11.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At10.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At1.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At27.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At26.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At25.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At24.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At23.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At22.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At21.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At20.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At2.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At19.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At36.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At35.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At34.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At33.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At32.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At31.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At30.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At3.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At29.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At28.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At45.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At44.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At43.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At42.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At41.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At40.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At4.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At39.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At38.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At37.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At54.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At53.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At52.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At51.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At50.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At5.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At49.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At48.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At47.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At46.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At63.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At62.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At61.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At60.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At6.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At59.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At58.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At57.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At56.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At55.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At72.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At71.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At70.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At7.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At69.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At68.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At67.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At66.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At65.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At64.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At81.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At80.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At8.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At79.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At78.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At77.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At76.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At75.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At74.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At73.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At90.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At9.job : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At89.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At88.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At87.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At86.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At85.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At84.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At83.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At82.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At96.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At95.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At94.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At93.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At92.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At91.job : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At1 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At10 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At11 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At12 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At13 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At14 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At15 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At16 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At17 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At18 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At19 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At2 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At20 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At21 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At22 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At23 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At24 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At25 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At26 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At27 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At28 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At29 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At3 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At30 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At31 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At32 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At33 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At34 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At35 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At36 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At37 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At38 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At39 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At4 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At40 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At41 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At42 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At43 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At44 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At45 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At46 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At47 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At48 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At49 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At5 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At50 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At51 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At52 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At53 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At54 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At55 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At56 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At57 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At58 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At59 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At6 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At60 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At61 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At62 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At63 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At64 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At65 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At66 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At67 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At68 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At69 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At7 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At70 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At71 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At72 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At73 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At74 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At75 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At76 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At77 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At78 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At79 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At8 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At80 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At81 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At82 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At83 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At84 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At85 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At86 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At87 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At88 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At89 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At9 : C:\ProgramData\5uY0M58h.exe -> FOUND
[TASK][SUSP PATH] At90 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At91 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At92 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At93 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At94 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At95 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[TASK][SUSP PATH] At96 : C:\ProgramData\5uY0M58h.exe_ -> FOUND
[STARTUP][SUSP PATH] poqopu.exe @Default : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\poqopu.exe -> FOUND
[STARTUP][SUSP PATH] zimou.exe @Default : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zimou.exe -> FOUND
[STARTUP][SUSP PATH] poqopu.exe @Default User : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\poqopu.exe -> FOUND
[STARTUP][SUSP PATH] zimou.exe @Default User : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zimou.exe -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[Tr.Karagany][FILE] plugs : C:\Users\Nishbell\AppData\Roaming\Adobe\plugs --> FOUND
[Tr.Karagany][FILE] shed : C:\Users\Nishbell\AppData\Roaming\Adobe\shed --> FOUND
[ZeroAccess][FILE] @ : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L --> FOUND
[ZeroAccess][FILE] @ : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\@ --> FOUND
[ZeroAccess][FILE] n : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\n --> FOUND
[ZeroAccess][FOLDER] U : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC\Desktop.ini --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BB-22RDA0 ATA Device +++++
--- User ---
[MBR] c6296d158c2958a78b61998a066b6737
[BSP] b4b4166ca09c3c062b210d86ffe53f1f : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152525 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt




RogueKiller V8.0.3 [09/13/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Server 2008 R2 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : Nishbell [Admin rights]
Mode : Remove -- Date : 09/13/2012 14:44:36

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 201 ¤¤¤
[TASK][SUSP PATH] At18.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At17.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At16.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At15.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At14.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At13.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At12.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At11.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At10.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At1.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At27.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At26.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At25.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At24.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At23.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At22.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At21.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At20.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At2.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At19.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At36.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At35.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At34.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At33.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At32.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At31.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At30.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At3.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At29.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At28.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At45.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At44.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At43.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At42.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At41.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At40.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At4.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At39.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At38.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At37.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At54.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At53.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At52.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At51.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At50.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At5.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At49.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At48.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At47.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At46.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At63.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At62.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At61.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At60.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At6.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At59.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At58.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At57.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At56.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At55.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At72.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At71.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At70.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At7.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At69.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At68.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At67.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At66.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At65.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At64.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At81.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At80.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At8.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At79.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At78.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At77.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At76.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At75.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At74.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At73.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At90.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At9.job : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At89.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At88.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At87.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At86.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At85.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At84.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At83.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At82.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At96.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At95.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At94.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At93.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At92.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At91.job : C:\ProgramData\5uY0M58h.exe_ -> DELETED
[TASK][SUSP PATH] At1 : C:\ProgramData\5uY0M58h.exe -> DELETED
[TASK][SUSP PATH] At10 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At11 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At12 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At13 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At14 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At15 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At16 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At17 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At18 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At19 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At2 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At20 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At21 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At22 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At23 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At24 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At25 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At26 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At27 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At28 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At29 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At3 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At30 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At31 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At32 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At33 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At34 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At35 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At36 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At37 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At38 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At39 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At4 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At40 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At41 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At42 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At43 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At44 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At45 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At46 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At47 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At48 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At49 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At5 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At50 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At51 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At52 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At53 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At54 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At55 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At56 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At57 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At58 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At59 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At6 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At60 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At61 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At62 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At63 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At64 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At65 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At66 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At67 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At68 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At69 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At7 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At70 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At71 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At72 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At73 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At74 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At75 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At76 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At77 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At78 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At79 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At8 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At80 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At81 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At82 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At83 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At84 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At85 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At86 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At87 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At88 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At89 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At9 : C:\ProgramData\5uY0M58h.exe -> ERROR
[TASK][SUSP PATH] At90 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At91 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At92 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At93 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At94 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At95 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[TASK][SUSP PATH] At96 : C:\ProgramData\5uY0M58h.exe_ -> ERROR
[STARTUP][SUSP PATH] poqopu.exe @Default : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\poqopu.exe -> DELETED
[STARTUP][SUSP PATH] zimou.exe @Default : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zimou.exe -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[Tr.Karagany][FOLDER] ROOT : C:\Users\Nishbell\AppData\Roaming\Adobe\plugs --> REMOVED
[Tr.Karagany][FOLDER] ROOT : C:\Users\Nishbell\AppData\Roaming\Adobe\shed --> REMOVED
[ZeroAccess][FILE] @ : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\@ --> REMOVED
[Del.Parent][FILE] 80000032.@ : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\U\80000032.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L\00000004.@ --> REMOVED
[Del.Parent][FILE] 1afb2d56 : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L\1afb2d56 --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L\201d3dde --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L --> REMOVED
[ZeroAccess][FILE] @ : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\@ --> REMOVED
[ZeroAccess][FILE] n : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\n --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\system32\config\systemprofile\Local Settings\Application Data\{316668c1-5ffc-de02-789f-e83d6d33cc28}\L --> REMOVED
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC\Desktop.ini --> REMOVED

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BB-22RDA0 ATA Device +++++
--- User ---
[MBR] c6296d158c2958a78b61998a066b6737
[BSP] b4b4166ca09c3c062b210d86ffe53f1f : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152525 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt





Farbar Service Scanner Version: 06-08-2012
Ran by Nishbell (administrator) on 17-09-2012 at 19:01:21
Running from "C:\Users\Nishbell\Downloads"
Microsoft Windows 7 Professional   (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-09 11:47] - [2011-09-29 11:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 22:24] - [2011-03-03 01:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 19:53] - [2009-07-13 21:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 19:54] - [2009-07-13 21:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 19:23] - [2009-07-13 21:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 19:24] - [2009-07-13 21:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll
[2011-02-09 21:09] - [2010-12-21 01:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 20:15] - [2009-07-13 21:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 19:30] - [2009-07-13 21:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox by Farbar  Version: 23-07-2012
Ran by Nishbell (administrator) on 17-09-2012 at 19:02:45
Microsoft Windows 7 Professional   (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1	localhost
127.0.0.1	localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Nishbell-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
   Physical Address. . . . . . . . . : 00-16-76-C0-91-11
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d05d:17c3:7082:4da9%15(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.77.169(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 301995638
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-4F-71-71-00-16-76-C0-91-11
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{9F37C8A6-F7E3-45EE-9CCD-37A3C7624D49}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  fec0:0:0:ffff::1

Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  fec0:0:0:ffff::1

Ping request could not find host yahoo.com. Please check the name and try again.
Server:  UnKnown
Address:  fec0:0:0:ffff::1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging  with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for ‡_&P_˜˜˜„o:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 16 76 c0 91 11 ......Realtek RTL8139/810x Family Fast Ethernet NIC
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.77.169    276
   169.254.77.169  255.255.255.255         On-link    169.254.77.169    276
  169.254.255.255  255.255.255.255         On-link    169.254.77.169    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    169.254.77.169    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    169.254.77.169    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 15    276 fe80::/64                On-link
 15    276 fe80::d05d:17c3:7082:4da9/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/14/2012 01:49:13 PM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out

Error: (09/14/2012 01:48:06 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription

Error: (09/14/2012 11:33:50 AM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out

Error: (09/14/2012 11:16:10 AM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out

Error: (09/14/2012 11:14:22 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription

Error: (09/14/2012 10:48:00 AM) (Source: Schedule) (User: )
Description: Schedule error: 10044Initialize call failed, bailing out

Error: (09/13/2012 05:03:36 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription

Error: (09/13/2012 04:51:36 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription

Error: (09/13/2012 03:34:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (09/13/2012 03:34:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593


System errors:
=============
Error: (09/17/2012 06:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 05:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 04:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 03:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 02:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 01:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 00:19:15 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 11:19:15 AM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 10:19:15 AM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5

Error: (09/17/2012 09:19:15 AM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error: 
%%5


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.0.4.13090)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 10 Plugin (Version: 10.3.183.23)
Adobe Reader 9.4.5 (Version: 9.4.5)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.0.69)
Apple Software Update (Version: 2.1.2.120)
ArcSoft Panorama Maker 4
Bonjour (Version: 2.0.4.0)
Desktop Maestro 3.1 (Version: 3.1)
FA Go Fish
iTunes (Version: 10.1.0.56)
Java Auto Updater (Version: 2.0.2.1)
Java(TM) 6 Update 20 (Version: 6.0.200)
LeapFrog Connect (Version: 2.9.1.11093)
LeapFrog Leapster Explorer Plugin (Version: 2.8.7.11034)
LeapFrog Leapster2 Plugin (Version: 2.8.7.11034)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox (3.6.16) (Version: 3.6.16 (en-US))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nikon Message Center (Version: 0.92.000)
Nikon Transfer (Version: 1.1.0)
OpenOffice.org 3.2 (Version: 3.2.9502)
QuickTime (Version: 7.68.75.0)
StartNow Toolbar (Version: 2.3.0)
SUPERAntiSpyware (Version: 5.5.1016)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)

========================= Devices: ================================

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


========================= Memory info: ===================================

Percentage of memory in use: 72%
Total physical RAM: 445.13 MB
Available physical RAM: 121.25 MB
Total Pagefile: 1469.13 MB
Available Pagefile: 997.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:148.95 GB) (Free:106.22 GB) NTFS
3 Drive e: () (Removable) (Total:3.81 GB) (Free:3.78 GB) FAT32

========================= Users: ========================================

User accounts for \\NISHBELL-PC

Administrator            Guest                    Nishbell                 

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

I also tried copying the registry keys from a working Win 7 Enterprise edition for the following keys: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
DHCP
TCPIP
Winsock
Winsock2
I copied the keys and updated the permissions. Rebooted and the machined BSOD with an error code or IRQL_Not_EQUAL 0x0a. Had to reboot to Last know good cofig to get it to start back up again.

I havent run fss since that firewall fix so it probably will have some different results

Not sure what else info is needed.

** I do realize that I could do a wipe and reinstall or maybe an in place repair but I am a stubborn person and would like to fix this if possible. If this is taking too much time, then I guess I will use that option :(


I am in front of the PC everyday in the morning EST and should be quick with responses

Edited by Iceyburnz, 18 September 2012 - 10:58 PM.


BC AdBot (Login to Remove)

 


#2 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 18 September 2012 - 06:47 PM

I have a Norton Power Eraser XML and I know it removed something but not sure how to post it.

This was posted in error. This can be deleted.

Edited by Iceyburnz, 18 September 2012 - 07:05 PM.


#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 AM

Posted 22 September 2012 - 09:49 AM

Greetings Iceyburnz and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary. If you prefer I call you something other than your screen name I would be pleased to do so. :thumbup2:


===================================================


Ground Rules:

  • First, I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. There is quite a bit of information to review and digest so please allow me some time to review all that you have done and posted. I will post back as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 22 September 2012 - 11:10 AM

Hi Gary. Thanks for taking the case. I will be in front of the PC on Monday morning and will be able to post any logs/info requested. I hope that we are able to solve this as I found more people with similar issues on Google. Hopefully this thread will be able to help someone

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 AM

Posted 23 September 2012 - 05:27 PM

Greetings Iceyburnz,

Fist of all, would you permit me to address you by your real name rather than your screen name? If you prefer not, just ignore the request.

I would like to gather some current information. Please do this for me. I will assume for now you will be downloading all programs from a clean computer so I will not be adjusting all of my instructions to include that.


===================================================


OTL

--------------------

Please download OTL here.

  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Copy and paste the two reports in your next reply.

  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

===================================================


Create a GMER log

--------------------

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror This version will download a randomly named file (Recommended)
  • Zipped Mirror This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe. Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Please uncheck the following settings that we do not want in our scan.
    • IAT/EAT
    • Drives/Partition other than Systemdrive, which is typically C:\
    • Show All (This is important, so do not miss it.)
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
If you encounter any problems, try running GMER in safe mode. -- If GMER crashes or keeps resulting in a BSODs (Blue Screen of Death), uncheck Devices on the right side before scanning.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • OTL.txt
  • Extra.txt
  • GMER log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 24 September 2012 - 11:52 AM

Sorry for the delay


Received an error when running OTL: There is no disk in the drive. Please insert a disk into drive \Device\Harddisk4\DR4. I kept clicking Try Again until it stopped popping up (I did have a USB drive in so it may have been referring to that. Not really sure)


OTL::
OTL logfile created on: 9/24/2012 9:30:31 AM - Run 1
OTL by OldTimer - Version 3.2.66.2 Folder = C:\Users\Nishbell\Desktop
Microsoft Hyper-V Server (Version = 6.1.7600) - Type = NTServer
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

445.13 Mb Total Physical Memory | 86.37 Mb Available Physical Memory | 19.40% Memory free
1.43 Gb Paging File | 1.07 Gb Available in Paging File | 74.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 105.85 Gb Free Space | 71.07% Space Free | Partition Type: NTFS
Drive E: | 3.81 Gb Total Space | 3.77 Gb Free Space | 99.12% Space Free | Partition Type: FAT32

Computer Name: NISHBELL-PC | User Name: Nishbell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/24 09:28:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nishbell\Desktop\OTL.exe
PRC - [2012/07/11 14:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2009/11/11 11:21:38 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2012/07/11 14:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/10/19 13:35:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/11/11 11:21:38 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (SrvHsfPCI)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B2 10 7B 0C EB F0 0E 4C B8 D5 4D FF 85 E3 21 FF [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B2 10 7B 0C EB F0 0E 4C B8 D5 4D FF 85 E3 21 FF [binary data]
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 03 82 8F 4E A5 6F CB 01 [binary data]
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?ilc=1
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B2 10 7B 0C EB F0 0E 4C B8 D5 4D FF 85 E3 21 FF [binary data]
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\..\SearchScopes\{FBD9499A-91EC-C593-1D50-7512683B52A6}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z137&form=ZGAIDF&install_date=20111109&iesrc={referrer:source}
IE - HKU\S-1-5-21-1825892141-230601967-3811229344-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=Z137&install_date=20111109"
FF - prefs.js..extensions.enabledItems: {fb5aa13f-7ec7-444f-b10c-fd503b81b777}:1.0
FF - prefs.js..extensions.enabledItems: {2767f8e8-7489-4501-9d6b-f9d9a7341c6c}:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z137&form=ZGAADF&install_date=20111109&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/18 20:25:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/13 12:05:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9CFFC7AD-C70A-11E1-8270-B8AC6F996F26}: C:\Users\Nishbell\AppData\Local\{9CFFC7AD-C70A-11E1-8270-B8AC6F996F26}\ [2012/07/05 21:33:51 | 000,000,000 | ---D | M]

[2011/03/09 16:32:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nishbell\AppData\Roaming\Mozilla\Extensions
[2012/09/13 11:06:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nishbell\AppData\Roaming\Mozilla\Firefox\Profiles\ogfc2ata.default\extensions
[2011/11/09 00:52:22 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Nishbell\AppData\Roaming\Mozilla\Firefox\Profiles\ogfc2ata.default\extensions\{2767f8e8-7489-4501-9d6b-f9d9a7341c6c}
[2012/09/13 11:06:14 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Nishbell\AppData\Roaming\Mozilla\Firefox\Profiles\ogfc2ata.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/11/06 16:48:25 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Nishbell\AppData\Roaming\Mozilla\Firefox\Profiles\ogfc2ata.default\extensions\{fb5aa13f-7ec7-444f-b10c-fd503b81b777}
[2011/11/08 23:31:22 | 000,001,945 | ---- | M] () -- C:\Users\Nishbell\AppData\Roaming\Mozilla\Firefox\Profiles\ogfc2ata.default\searchplugins\bing-zugo.xml
[2011/03/09 16:32:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\NISHBELL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OGFC2ATA.DEFAULT\EXTENSIONS\{}

O1 HOSTS File: ([2012/09/13 14:45:12 | 000,000,841 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/09/13 14:05:16 | 000,000,016 | -H-- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{d3a9c705-2b2c-11e1-91c2-85cfae1fba5f}\Shell - "" = AutoRun
O33 - MountPoints2\{d3a9c705-2b2c-11e1-91c2-85cfae1fba5f}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/24 09:30:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nishbell\Desktop\OTL.exe
[2012/09/17 18:51:42 | 000,000,000 | ---D | C] -- C:\RegBackup
[2012/09/14 10:59:54 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/09/14 10:46:14 | 000,000,000 | ---D | C] -- C:\Users\Nishbell\AppData\Local\ElevatedDiagnostics
[2012/09/13 14:41:08 | 000,000,000 | ---D | C] -- C:\Users\Nishbell\Desktop\RK_Quarantine
[2012/09/13 14:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/09/13 12:51:41 | 000,000,000 | ---D | C] -- C:\Users\Nishbell\AppData\Local\NPE
[2012/09/13 12:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/09/13 11:39:36 | 000,000,000 | ---D | C] -- C:\Users\Nishbell\AppData\Roaming\SUPERAntiSpyware.com
[2012/09/13 11:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/09/13 11:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/09/13 11:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/09/13 11:23:12 | 000,404,680 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/09/13 10:12:14 | 000,000,000 | ---D | C] -- C:\Users\Nishbell\AppData\Roaming\Malwarebytes
[2012/09/13 10:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/13 10:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/13 10:12:02 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/13 10:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/13 09:27:43 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/09/01 21:33:19 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Users\Nishbell\taskmgr.exe

========== Files - Modified Within 30 Days ==========

[2012/09/24 09:28:56 | 000,302,592 | ---- | M] () -- C:\Users\Nishbell\Desktop\dhni9u10.exe
[2012/09/24 09:28:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nishbell\Desktop\OTL.exe
[2012/09/24 09:28:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/24 09:28:31 | 350,064,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/19 11:18:50 | 000,022,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/19 11:18:50 | 000,022,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 19:03:19 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/17 19:03:19 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/17 18:55:05 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-NISHBELL-PC-Microsoft-Windows-7-Professional-(32-bit).dat
[2012/09/13 14:45:12 | 000,000,841 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/09/13 11:39:17 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/13 11:23:12 | 000,404,680 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/09/13 11:19:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/09/13 11:19:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/09/13 10:14:33 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/13 09:08:54 | 102,870,538 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/09/24 09:30:00 | 000,302,592 | ---- | C] () -- C:\Users\Nishbell\Desktop\dhni9u10.exe
[2012/09/17 18:55:05 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-NISHBELL-PC-Microsoft-Windows-7-Professional-(32-bit).dat
[2012/09/13 11:39:17 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/13 11:19:35 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/09/13 11:19:35 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/09/13 10:12:05 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/13 12:54:47 | 001,036,288 | ---- | C] () -- C:\Users\Nishbell\s-1-5-21-1825892141-230601967-3811229344-1001.rrr
[2012/01/07 12:26:47 | 000,012,740 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\bp5542jv4qyy07c44f106da8h3r5skolj020voyh6t85pi
[2012/01/07 12:26:47 | 000,012,740 | -HS- | C] () -- C:\ProgramData\bp5542jv4qyy07c44f106da8h3r5skolj020voyh6t85pi
[2012/01/06 09:36:49 | 000,011,226 | -HS- | C] () -- C:\ProgramData\mr1520oc8rid55h86s636ql4g5o1xusso204islm3y44sp
[2012/01/06 09:36:48 | 000,011,226 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\mr1520oc8rid55h86s636ql4g5o1xusso204islm3y44sp
[2011/12/18 17:54:20 | 000,010,872 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\o0tb06u5kp8abd
[2011/12/18 17:54:20 | 000,010,872 | -HS- | C] () -- C:\ProgramData\o0tb06u5kp8abd
[2011/12/04 20:23:27 | 000,013,166 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\f0nn45b7dn1hjs
[2011/12/04 20:23:27 | 000,013,166 | -HS- | C] () -- C:\ProgramData\f0nn45b7dn1hjs
[2011/09/29 03:03:49 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/01/27 17:11:10 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Flags
[2011/01/27 17:11:10 | 000,000,268 | RH-- | C] () -- C:\Users\Nishbell\AppData\Roaming\File Templates
[2011/01/27 17:11:10 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/10/19 11:40:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2012/09/08 19:03:10 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\t.cxt.ms\lso.swf\u.sol
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 10:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB24936$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0D786AE3

< End of report >








::GMER::
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-09-24 12:48:43
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-8 WDC_WD1600BB-22RDA0 rev.20.00K20
Running: dhni9u10.exe; Driver: C:\Users\Nishbell\AppData\Local\Temp\kwliikow.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 8307B5D9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830A0092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8CC2C000, 0x205494, 0xE8000020]
.text peauth.sys 90414C9D 28 Bytes [D5, B0, 65, D4, E8, C5, 2F, ...]
.text peauth.sys 90414CC1 28 Bytes [D5, B0, 65, D4, E8, C5, 2F, ...]

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000040 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids@L\aG\x2030

---- Files - GMER 1.0.15 ----

File C:\Windows\$NtUninstallKB24936$\3549192467 0 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024 0 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\@ 2048 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\bckfg.tmp 852 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\cfg.ini 198 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\Desktop.ini 4608 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\keywords 0 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\kwrd.dll 223744 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\L 0 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\L\xadqgnnk 83456 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U 0 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U\00000001.@ 2048 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U\00000002.@ 224768 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U\00000004.@ 1024 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U\80000000.@ 1024 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U\80000004.@ 12800 bytes
File C:\Windows\$NtUninstallKB24936$\4198538024\U\80000032.@ 98304 bytes

---- EOF - GMER 1.0.15 ----






::extras::
OTL Extras logfile created on: 9/24/2012 9:30:31 AM - Run 1
OTL by OldTimer - Version 3.2.66.2 Folder = C:\Users\Nishbell\Desktop
Microsoft Hyper-V Server (Version = 6.1.7600) - Type = NTServer
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

445.13 Mb Total Physical Memory | 86.37 Mb Available Physical Memory | 19.40% Memory free
1.43 Gb Paging File | 1.07 Gb Available in Paging File | 74.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 105.85 Gb Free Space | 71.07% Space Free | Partition Type: NTFS
Drive E: | 3.81 Gb Total Space | 3.77 Gb Free Space | 99.12% Space Free | Partition Type: FAT32

Computer Name: NISHBELL-PC | User Name: Nishbell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1825892141-230601967-3811229344-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BCB9F67-6225-4844-AD5F-E2DE86934464}" = LeapFrog Leapster Explorer Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E703EE04-8A31-470B-BA16-24D890589917}" = LeapFrog Leapster2 Plugin
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Desktop Maestro_is1" = Desktop Maestro 3.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FA Go Fish" = FA Go Fish
"Leapster2Plugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"StartNow Toolbar" = StartNow Toolbar
"UPCShell" = LeapFrog Connect

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/18/2012 10:59:13 AM | Computer Name = Nishbell-PC | Source = EventSystem | ID = 4621
Description =

Error - 9/18/2012 11:00:16 AM | Computer Name = Nishbell-PC | Source = Schedule | ID = 0
Description =

Error - 9/18/2012 11:15:20 AM | Computer Name = Nishbell-PC | Source = Schedule | ID = 0
Description =

Error - 9/18/2012 11:18:51 AM | Computer Name = Nishbell-PC | Source = Schedule | ID = 0
Description =

Error - 9/18/2012 1:45:19 PM | Computer Name = Nishbell-PC | Source = Schedule | ID = 0
Description =

Error - 9/18/2012 3:06:34 PM | Computer Name = Nishbell-PC | Source = MsiInstaller | ID = 10005
Description =

Error - 9/18/2012 3:36:10 PM | Computer Name = Nishbell-PC | Source = EventSystem | ID = 4621
Description =

Error - 9/18/2012 5:57:06 PM | Computer Name = Nishbell-PC | Source = Schedule | ID = 0
Description =

Error - 9/18/2012 7:18:47 PM | Computer Name = Nishbell-PC | Source = Schedule | ID = 0
Description =

Error - 9/24/2012 9:28:40 AM | Computer Name = NISHBELL-PC | Source = Schedule | ID = 0
Description =

[ System Events ]
Error - 11/4/2011 8:51:55 AM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/4/2011 12:00:59 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/4/2011 3:57:13 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/4/2011 7:04:14 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/4/2011 8:34:49 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/4/2011 9:34:48 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/4/2011 10:34:48 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/5/2011 10:59:39 AM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 11/5/2011 11:01:20 AM | Computer Name = Nishbell-PC | Source = DCOM | ID = 10001
Description =

Error - 11/5/2011 1:09:41 PM | Computer Name = Nishbell-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5


< End of report >

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 AM

Posted 24 September 2012 - 03:08 PM

Greetings Iceyburnz,

The computer is still infected. It is more than just an internet connection issue so we need to deal with the infection before we can address the internet.

Can't run Combofix

Can you please provide more detail about this. Does it not run at all, does it hang at a certain point?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 24 September 2012 - 03:43 PM

Oh btw you can call me Mike or Icey

When I try to run Combofix it says:

This operating system is not supported! Combofix is not meant for servers


If you check out the first Rkill log, it says : Windows Version: Windows Server 2008 R2
TDSS at the top shows: Product type: Server
RogueKiller at the top shows: Operating System: Windows Server 2008 R2 (6.1.7600 ) 32 bits version
FSS shows Microsoft Windows 7 Professional

When I go to Computer > System Properties, it shows Windows 7 Professional.

Edited by Iceyburnz, 24 September 2012 - 04:07 PM.


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 AM

Posted 24 September 2012 - 04:58 PM

Greetings Mike,

Thank you for allowing me the time to review the information. See here regarding the reporting of Windows Version: Windows Server 2008 R2 which is the server variant of business level Windows 7 operating systems. Bottom line this dual reporting is of no concern. However, Combofix will not run on Server 2008.

I would like to accomplish a couple things in this post. We need to reset the .exe assoication in the registry. The program below should do that for us. We will also delete several malicious entries via an OTL script. But before we start I must advise you of the following:


===================================================


BACKDOOR WARNING!

--------------------

One or more of the identified infections is a Backdoor Trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation. Please let me know if you have already noticed evedences of financial institution irregularities.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.


===================================================


exeHelper by Raktor

--------------------

  • Please download exeHelper from Raktor to your desktop.
  • Double-click on exeHelper.com to run the fix. Note: Windows Vista/7 users right click and select Run as Administrator
  • A black window should pop up, press any key to close once the fix is completed.
  • A log file named log.txt will be created in the directory where you ran exeHelper.com
  • Attach the log.txt file to your next message.
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


===================================================


Run OTL Fix

--------------------

  • Double click on the Posted Image icon on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    SRV - File not found [Auto | Stopped] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
    O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [2012/01/07 12:26:47 | 000,012,740 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\bp5542jv4qyy07c44f106da8h3r5skolj020voyh6t85pi
    [2012/01/07 12:26:47 | 000,012,740 | -HS- | C] () -- C:\ProgramData\bp5542jv4qyy07c44f106da8h3r5skolj020voyh6t85pi
    [2012/01/06 09:36:49 | 000,011,226 | -HS- | C] () -- C:\ProgramData\mr1520oc8rid55h86s636ql4g5o1xusso204islm3y44sp
    [2012/01/06 09:36:48 | 000,011,226 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\mr1520oc8rid55h86s636ql4g5o1xusso204islm3y44sp
    [2011/12/18 17:54:20 | 000,010,872 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\o0tb06u5kp8abd
    [2011/12/18 17:54:20 | 000,010,872 | -HS- | C] () -- C:\ProgramData\o0tb06u5kp8abd
    [2011/12/04 20:23:27 | 000,013,166 | -HS- | C] () -- C:\Users\Nishbell\AppData\Local\f0nn45b7dn1hjs
    [2011/12/04 20:23:27 | 000,013,166 | -HS- | C] () -- C:\ProgramData\f0nn45b7dn1hjs
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0D786AE3
    :Files
    C:\Windows\$NtUninstallKB24936$
    C:\Windows\assembly\Desktop.ini
    :Reg
    [-HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Did exehelper run successfully?
  • OTL.txt
  • Any changes in your computer?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 24 September 2012 - 05:24 PM

When i rebooted, I got the following popup: The recycle Bin on C:\ is corrupted. Do you want to empty the Recycle bin for this drive. I left it on the screen. Havent clicked anything

1. Exehelper ran successfully (I tried to right click and run as admin but the option wasnt there. When i right click other exe's, I see the option. exehelper log below

2. OTL ran and rebooted the computer and it popped up with a logfile that wasnt called OTL. It had a format of date_time. Including that below. Also made a pastebin since it was very long: http://pastebin.com/nVPRn6SM

3. Computer still has a 169.254 address and no network access

exeHelper by Raktor
Build 20100414
Run at 18:07:11 on 09/24/12
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--


========== OTL ==========
Service Updater Service for StartNow Toolbar stopped successfully!
Service Updater Service for StartNow Toolbar deleted successfully!
File C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Nishbell\AppData\Local\bp5542jv4qyy07c44f106da8h3r5skolj020voyh6t85pi moved successfully.
C:\ProgramData\bp5542jv4qyy07c44f106da8h3r5skolj020voyh6t85pi moved successfully.
C:\ProgramData\mr1520oc8rid55h86s636ql4g5o1xusso204islm3y44sp moved successfully.
C:\Users\Nishbell\AppData\Local\mr1520oc8rid55h86s636ql4g5o1xusso204islm3y44sp moved successfully.
C:\Users\Nishbell\AppData\Local\o0tb06u5kp8abd moved successfully.
C:\ProgramData\o0tb06u5kp8abd moved successfully.
C:\Users\Nishbell\AppData\Local\f0nn45b7dn1hjs moved successfully.
C:\ProgramData\f0nn45b7dn1hjs moved successfully.
ADS C:\ProgramData\TEMP:0D786AE3 deleted successfully.
========== FILES ==========
Folder move failed. C:\Windows\$NtUninstallKB24936$\TxR scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\Videos folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Templates folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Start Menu folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\SendTo folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Searches folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Saved Games folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Recent folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\PrintHood folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Pictures\Slide Shows folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Pictures folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\NetHood folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\My Documents folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Music\Playlists folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Music folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Local Settings folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Links folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Favorites folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Downloads folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Documents\My Videos folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Documents\My Pictures folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Documents\My Music folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Documents folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Desktop folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Cookies folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Contacts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\Application Data folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Templates folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Recent folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Libraries folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\IECompatCache\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\IECompatCache folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Speech\Files\UserLexicons folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Speech\Files folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Speech folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Office folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\UX2T2SPB folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\S2KM7DJQ folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\ROD74ILL folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\ONLBP1NE folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#yumyumarcade.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www8.agame.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.womenshealthbase.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.videodetective.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.thenightlifecityguide.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.springboardplatform.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.smacchat.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.slizium.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.realmilitaryvideos.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.puppycuteness.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.mevio.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.hyundaiusa.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.herdaily.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.gorillaleak.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.gamesville.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.flashgamenation.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.education.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.directorslive.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.dailymotion.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.daily-spots.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.cyclegarb.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.collegehumor.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.clicksor.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.clicksor.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.blogtalkradio.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.blinkx.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.bedroomfurniture.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.babble.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#wpc.3a27.edgecastcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#wac.7881.edgecastcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#wac.1e41.edgecastcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#vplayer.swagbucks.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#vox-static.liverail.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#videos.nightlifetelevision.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#videos.hollywoodhighlights.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#video.foxnews.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#vdassets.bitgravity.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#v1.perpetualexplorer.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ui.mevio.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#track.webgains.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.ybrant.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.fameup.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.dramatichealth.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.digitalthirdcoast.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.blutonicmedia.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.audiencetv.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.alphabird.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#tag.2bluemedia.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#t.cxt.ms folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static3.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static2.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static1.dmcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.scanscout.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.innovid.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.eplayer.performgroup.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static-cf-1.hgcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#software.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#show.frugalicious.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#sftrack.searchforce.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#secure.onsugar.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#secure-us.imrworldwide.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#seal.buysafe.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s3.amazonaws.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s0.2mdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s.ytimg.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s.wsj.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s.mcstatic.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#rodrigopolo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#realvu.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#pub.widgetbox.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.yowgo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.ooyala.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.onescreen.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.mypodstudios.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.moviescoop.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.longtailvideo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.indymusic.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#platform.cinchcast.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#pdl.warnerbros.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#objects.tremormedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#msnbcmedia.msn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mochibot.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mochiads.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mediabrix.hs.llnwd.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media4.onsugar.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media3.onsugar.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media.scanscout.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media.oprah.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media.mtvnservices.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media.heavy.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#lookup.bluecava.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#lfiles.5min.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#knowlera.vo.llnwd.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#kittyflix.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#is1.j.tv2n.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#imagecache.blastro.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#image.com.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hwcdn.veevr.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hnbcvplayer.healthination.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hiro.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#healthencore2.healththeater.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#gorillaleak.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#go.realvu.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#g-cdn.freestreams.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#flash.quantserve.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#fiveforex.in folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#filmtrailers.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#files.provenpixel.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#extras.ooyala.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#external.kongregate-games.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#eplayer-static.clipsyndicate.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#elitetv.elitedaily.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#edgecdn.cinesport.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ec.atdmt.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ds.serving-sys.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#doug1izaerwt3.cloudfront.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#directorslive.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#digitsshow.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#daily-spots.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#d2ciznq2rtdp7k.cloudfront.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#d1cyvnjc1olxmw.cloudfront.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#d.yimg.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crazyfootballvideos.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#core.videoegg.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#core.saymedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#core.insightexpressai.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#content.yieldmanager.edgesuite.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#click.searchnation.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cfiles.5min.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdnbakmi.kaltura.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn3.telemetryverification.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn2.baronsmedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.widgetserver.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.visiblemeasures.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.tremormedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.springboard.gorillanation.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.spotxchange.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.playwire.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.oggifinogi.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.nueview.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.net-mine.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.innovid.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.gourmandia.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.gourmandia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.gigya.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.chictrends.co.uk folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.blinkx.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.alphabird.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.alfynetwork.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.adexcite.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn-hiro.s3.amazonaws.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cache.vindicosuite.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cache.btrll.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bourne.coronado.netdna-cdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#besttechnologytips.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#aws-cdn.hottopicmedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#as1.suitesmart.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#art.aim4media.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#arcadeciti.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#appassets.kickstatic.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ads.static.blip.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#admin.brightcove.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ad.insightexpressai.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#a.vimeocdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#1.static.collegehumor.cvcdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#0.static.collegehumor.cvcdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\yumyumarcade.com\intergi\wplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\yumyumarcade.com\intergi folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\yumyumarcade.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www8.agame.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.womenshealthbase.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.viewster.com\flowplayer\flowplayer.commercial-3.2.7-3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.viewster.com\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.videodetective.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.thenightlifecityguide.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.springboardplatform.com\mediaplayer\springboard\mediaplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.springboardplatform.com\mediaplayer\springboard folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.springboardplatform.com\mediaplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.springboardplatform.com\##44306D7733D24FC1 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.springboardplatform.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.smacchat.com\media\flowplayer\flash\flowplayer-3.1.5.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.smacchat.com\media\flowplayer\flash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.smacchat.com\media\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.smacchat.com\media folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.smacchat.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com\wp-content\plugins\ozus-media-max\player\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com\wp-content\plugins\ozus-media-max\player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com\wp-content\plugins\ozus-media-max folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com\wp-content\plugins folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com\wp-content folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.slizium.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.reuters.com folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.

:::::continued in next post. Was too long for one post::::

Edited by Iceyburnz, 24 September 2012 - 05:35 PM.


#11 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 24 September 2012 - 05:29 PM

C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.mevio.com\widgets\mwm\MevioBPFX.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.mevio.com\widgets\mwm folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.mevio.com\widgets folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.mevio.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.hyundaiusa.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.herdaily.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites\all\modules\swftools\shared\flowplayer3\flowplayer.commercial-3.2.10.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites\all\modules\swftools\shared\flowplayer3 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites\all\modules\swftools\shared folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites\all\modules\swftools folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites\all\modules folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites\all folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com\sites folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gorillaleak.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gamesville.com\html_guestplay\Magic21Multiplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gamesville.com\html_guestplay folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.gamesville.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.flashgamenation.com\wp-content\games\lonely-penguin.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.flashgamenation.com\wp-content\games folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.flashgamenation.com\wp-content folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.flashgamenation.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.education.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites\all\modules\swftools\shared\flowplayer3\flowplayer.commercial-3.2.10.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites\all\modules\swftools\shared\flowplayer3 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites\all\modules\swftools\shared folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites\all\modules\swftools folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites\all\modules folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites\all folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\sites folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.dailymotion.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.daily-spots.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.cyclegarb.com\swfstore.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.cyclegarb.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.collegehumor.com\moogaloop\moogaloop.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.collegehumor.com\moogaloop folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.collegehumor.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.clicksor.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.clicksor.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.blogtalkradio.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.blinkx.com\f2\player.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.blinkx.com\f2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.blinkx.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.bedroomfurniture.com\cookie.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.bedroomfurniture.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.babble.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wpc.3a27.edgecastcdn.net\003A27\player\flowplayer.commercial-3.2.5.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wpc.3a27.edgecastcdn.net\003A27\player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wpc.3a27.edgecastcdn.net\003A27 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wpc.3a27.edgecastcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wac.7881.edgecastcdn.net\007881\flowplayer\flowplayer-3.2.5.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wac.7881.edgecastcdn.net\007881\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wac.7881.edgecastcdn.net\007881 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wac.7881.edgecastcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\wac.1e41.edgecastcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vplayer.swagbucks.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vox-static.liverail.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com\[[IMPORT]]\lp.longtailvideo.com\5\yume\yume-h.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com\[[IMPORT]]\lp.longtailvideo.com\5\yume folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com\[[IMPORT]]\lp.longtailvideo.com\5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com\[[IMPORT]]\lp.longtailvideo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com\[[IMPORT]] folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com\##B4B79A0AA358A724 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.nightlifetelevision.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.hollywoodhighlights.net\[[IMPORT]]\lp.longtailvideo.com\5\yume\yume-h.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.hollywoodhighlights.net\[[IMPORT]]\lp.longtailvideo.com\5\yume folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.hollywoodhighlights.net\[[IMPORT]]\lp.longtailvideo.com\5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.hollywoodhighlights.net\[[IMPORT]]\lp.longtailvideo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.hollywoodhighlights.net\[[IMPORT]] folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\videos.hollywoodhighlights.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\[[IMPORT]]\79423.analytics.edgesuite.net\csma\plugin\csma.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\[[IMPORT]]\79423.analytics.edgesuite.net\csma\plugin folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\[[IMPORT]]\79423.analytics.edgesuite.net\csma folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\[[IMPORT]]\79423.analytics.edgesuite.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\[[IMPORT]] folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\assets\akamai\FoxNewsPlayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\assets\akamai folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com\assets folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\video.foxnews.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vdassets.bitgravity.com\plugins\flowplayer\3.2.11\flowplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vdassets.bitgravity.com\plugins\flowplayer\3.2.11 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vdassets.bitgravity.com\plugins\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vdassets.bitgravity.com\plugins folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\vdassets.bitgravity.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\v1.perpetualexplorer.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ui.mevio.com\widgets\mwm\MevioBPFX.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ui.mevio.com\widgets\mwm folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ui.mevio.com\widgets folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ui.mevio.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\track.webgains.com\wg.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\track.webgains.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.ybrant.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.fameup.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.dramatichealth.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.digitalthirdcoast.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.blutonicmedia.hiro.tv\iframes\scripts\flow\flowplayer.commercial-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.blutonicmedia.hiro.tv\iframes\scripts\flow folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.blutonicmedia.hiro.tv\iframes\scripts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.blutonicmedia.hiro.tv\iframes folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.blutonicmedia.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.audiencetv.hiro.tv\iframes\scripts\flow\flowplayer.commercial-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.audiencetv.hiro.tv\iframes\scripts\flow folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.audiencetv.hiro.tv\iframes\scripts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.audiencetv.hiro.tv\iframes folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.audiencetv.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.alphabird.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.2bluemedia.hiro.tv\iframes\scripts\flow\flowplayer.commercial-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.2bluemedia.hiro.tv\iframes\scripts\flow folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.2bluemedia.hiro.tv\iframes\scripts folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.2bluemedia.hiro.tv\iframes folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\tag.2bluemedia.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\t.cxt.ms\lso.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\t.cxt.ms folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static3.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static2.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static1.dmcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static.scanscout.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static.innovid.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static.eplayer.performgroup.com\ptvFlash\eplayer2\Eplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static.eplayer.performgroup.com\ptvFlash\eplayer2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static.eplayer.performgroup.com\ptvFlash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static.eplayer.performgroup.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\static-cf-1.hgcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\Dramatichealth\CookieSetter folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\Dramatichealth folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\blutonicmedia\CookieSetter folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\blutonicmedia folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\AudienceTV\CookieSetter folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\AudienceTV folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\Alphabird\CookieSetter folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients\Alphabird folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv\Clients folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\software.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\show.frugalicious.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\sftrack.searchforce.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\secure.onsugar.com\static\flash-cookies\storage.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\secure.onsugar.com\static\flash-cookies folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\secure.onsugar.com\static folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\secure.onsugar.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\secure-us.imrworldwide.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\seal.buysafe.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s3.amazonaws.com\FPN1\videos\swf\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s3.amazonaws.com\FPN1\videos\swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s3.amazonaws.com\FPN1\videos folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s3.amazonaws.com\FPN1 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s3.amazonaws.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s0.2mdn.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s.ytimg.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s.wsj.net\media\swf\main.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s.wsj.net\media\swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s.wsj.net\media folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s.wsj.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\s.mcstatic.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\rodrigopolo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\realvu.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\pub.widgetbox.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.yowgo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.viewster.com\landing-video\flowplayer\flowplayer.commercial-3.2.7-3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.viewster.com\landing-video\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.viewster.com\landing-video folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.ooyala.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net\1.8\s\MediaPlayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net\1.8\s folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net\1.8 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net\1.6\s\MediaPlayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net\1.6\s folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net\1.6 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.onescreen.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.mypodstudios.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.moviescoop.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.longtailvideo.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\player.indymusic.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\platform.cinchcast.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\pdl.warnerbros.com\cwtv\digital-smiths\production_player\vsplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\pdl.warnerbros.com\cwtv\digital-smiths\production_player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\pdl.warnerbros.com\cwtv\digital-smiths folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\pdl.warnerbros.com\cwtv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\pdl.warnerbros.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\objects.tremormedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\msnbcmedia.msn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\mochibot.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\mochiads.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\mediabrix.hs.llnwd.net\o38\v1_4\swfstore.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\mediabrix.hs.llnwd.net\o38\v1_4 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\mediabrix.hs.llnwd.net\o38 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\mediabrix.hs.llnwd.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media4.onsugar.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media3.onsugar.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.scanscout.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.oprah.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.mtvnservices.com\player\prime\mediaplayerprime.2.2.6.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.mtvnservices.com\player\prime\mediaplayerprime.1.12.1.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.mtvnservices.com\player\prime folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.mtvnservices.com\player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.mtvnservices.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\media.heavy.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\lookup.bluecava.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\lfiles.5min.com\FlexPlayers\SmartPlayer_176.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\lfiles.5min.com\FlexPlayers folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\lfiles.5min.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\knowlera.vo.llnwd.net\o18\data\play\KPShare.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\knowlera.vo.llnwd.net\o18\data\play folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\knowlera.vo.llnwd.net\o18\data folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\knowlera.vo.llnwd.net\o18 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\knowlera.vo.llnwd.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\kittyflix.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\is1.j.tv2n.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\imagecache.blastro.com\images\flashplayer\flvPlayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\imagecache.blastro.com\images\flashplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\imagecache.blastro.com\images folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\imagecache.blastro.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\[[IMPORT]]\vidtech.cbsinteractive.com\player\2_9_2\CBSI_PLAYER.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\[[IMPORT]]\vidtech.cbsinteractive.com\player\2_9_2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\[[IMPORT]]\vidtech.cbsinteractive.com\player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\[[IMPORT]]\vidtech.cbsinteractive.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\[[IMPORT]] folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production\pharos\release\pharos.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production\pharos\release folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production\pharos folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production\eidothea\release\eidothea.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production\eidothea\release folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production\eidothea folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash\production folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images\cne_flash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot\images folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com\gamespot folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\image.com.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hwcdn.veevr.com\q4z7c2x6\cds\swf\flowplayer.commercial-3.2.7.1.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hwcdn.veevr.com\q4z7c2x6\cds\swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hwcdn.veevr.com\q4z7c2x6\cds folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hwcdn.veevr.com\q4z7c2x6 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hwcdn.veevr.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hnbcvplayer.healthination.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\hiro.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\healthencore2.healththeater.com\Includes\player\DHI\recent\dhiplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\healthencore2.healththeater.com\Includes\player\DHI\recent folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\healthencore2.healththeater.com\Includes\player\DHI folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\healthencore2.healththeater.com\Includes\player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\healthencore2.healththeater.com\Includes folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\healthencore2.healththeater.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\gorillaleak.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\go.realvu.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\g-cdn.freestreams.com\g\flowplayer\flowplayer-3.2.12.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\g-cdn.freestreams.com\g\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\g-cdn.freestreams.com\g folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\g-cdn.freestreams.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\flash.quantserve.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\fiveforex.in\counter.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\fiveforex.in folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\filmtrailers.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\files.provenpixel.com\video\kdp\kdp30.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\files.provenpixel.com\video\kdp folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\files.provenpixel.com\video\flowplayer\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\files.provenpixel.com\video\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\files.provenpixel.com\video folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\files.provenpixel.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\extras.ooyala.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\external.kongregate-games.com\gamez\0011\8810\live\embeddable_118810.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\external.kongregate-games.com\gamez\0011\8810\live folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\external.kongregate-games.com\gamez\0011\8810 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\external.kongregate-games.com\gamez\0011 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\external.kongregate-games.com\gamez folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\external.kongregate-games.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\eplayer-static.clipsyndicate.com\flash\osmf\CriticalPlayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\eplayer-static.clipsyndicate.com\flash\osmf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\eplayer-static.clipsyndicate.com\flash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\eplayer-static.clipsyndicate.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\elitetv.elitedaily.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\edgecdn.cinesport.com\_media\flash\CsprtLitePlayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\edgecdn.cinesport.com\_media\flash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\edgecdn.cinesport.com\_media folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\edgecdn.cinesport.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ec.atdmt.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ds.serving-sys.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\doug1izaerwt3.cloudfront.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\directorslive.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\digitsshow.com\swf\StrobeMediaPlayback.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\digitsshow.com\swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\digitsshow.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\daily-spots.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\d2ciznq2rtdp7k.cloudfront.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\d1cyvnjc1olxmw.cloudfront.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\d.yimg.com\ks\5.7\AdPlugin_5_7_1_4.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\d.yimg.com\ks\5.7 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\d.yimg.com\ks folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\d.yimg.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\crazyfootballvideos.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\crackle.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.videoegg.com\#ve folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.videoegg.com\#com\videoegg folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.videoegg.com\#com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.videoegg.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.saymedia.com\#ve folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.saymedia.com\#com\videoegg folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.saymedia.com\#com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.saymedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.insightexpressai.com\adserver\fscookie\fscookie.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.insightexpressai.com\adserver\fscookie folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.insightexpressai.com\adserver folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\core.insightexpressai.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net\atoms\f5\f1\16\34\f5f11634d0dd0dbaaa9a79293a0ca987.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net\atoms\f5\f1\16\34 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net\atoms\f5\f1\16 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net\atoms\f5\f1 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net\atoms\f5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net\atoms folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\content.yieldmanager.edgesuite.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\click.searchnation.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\SmartPlayer_178.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\SmartPlayer_177.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\modules\ExtLibViewsBusiness_189.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\modules\ExtLibViewsBusiness_188.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\modules\ExtLibViewsBusiness_184.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\modules\ExtLibViewsBusiness_177.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers\modules folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com\FlexPlayers folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cfiles.5min.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892\sp\51989200\flash\kdp3\v3.5.7.1\kdp3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892\sp\51989200\flash\kdp3\v3.5.7.1 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892\sp\51989200\flash\kdp3 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892\sp\51989200\flash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892\sp\51989200 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892\sp folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\519892 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3\v3.5.55\kdp3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3\v3.5.55 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3\v3.5.54\kdp3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3\v3.5.54 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3\v3.5.53.a\kdp3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3\v3.5.53.a folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash\kdp3 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200\flash folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp\30568200 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682\sp folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p\305682 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com\p folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdnbakmi.kaltura.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn3.telemetryverification.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn2.baronsmedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.widgetserver.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.visiblemeasures.com\ad_units\in_banner_video\flowplayer-3.2.7\flowplayer.unlimited-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.visiblemeasures.com\ad_units\in_banner_video\flowplayer-3.2.7 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.visiblemeasures.com\ad_units\in_banner_video folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.visiblemeasures.com\ad_units folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.visiblemeasures.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.tremormedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.springboard.gorillanation.com\mediaplayer\springboard\plugins\flowplayer.advertising.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.springboard.gorillanation.com\mediaplayer\springboard\plugins folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.springboard.gorillanation.com\mediaplayer\springboard\mediaplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.springboard.gorillanation.com\mediaplayer\springboard folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.springboard.gorillanation.com\mediaplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.springboard.gorillanation.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.spotxchange.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.playwire.com\wplayer.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.playwire.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.oggifinogi.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.nueview.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.net-mine.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.innovid.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.net\js\flowplayer2\dist\swf\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.net\js\flowplayer2\dist\swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.net\js\flowplayer2\dist folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.net\js\flowplayer2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.net\js folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.com\js\flowplayer2\dist\swf\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.com\js\flowplayer2\dist\swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.com\js\flowplayer2\dist folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.com\js\flowplayer2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.com\js folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gourmandia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.gigya.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.chictrends.co.uk folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.blinkx.com\f2\player.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.blinkx.com\f2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.blinkx.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.alphabird.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.alfynetwork.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.adexcite.com\flowplayer.unlimited-3.2.6.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn.adexcite.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn-static.liverail.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn-hiro.s3.amazonaws.com\CookieSetter\2bluemedia folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn-hiro.s3.amazonaws.com\CookieSetter folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cdn-hiro.s3.amazonaws.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cache.vindicosuite.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\cache.btrll.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\bourne.coronado.netdna-cdn.com\flowplayer\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\bourne.coronado.netdna-cdn.com\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\bourne.coronado.netdna-cdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\besttechnologytips.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\aws-cdn.hottopicmedia.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\as1.suitesmart.com\_f5e.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\as1.suitesmart.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\art.aim4media.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\arcadeciti.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\appassets.kickstatic.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ads.static.blip.tv folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\admin.brightcove.com\[[IMPORT]]\79423.analytics.edgekey.net\csma\plugin\csma.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\admin.brightcove.com\[[IMPORT]]\79423.analytics.edgekey.net\csma\plugin folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\admin.brightcove.com\[[IMPORT]]\79423.analytics.edgekey.net\csma folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\admin.brightcove.com\[[IMPORT]]\79423.analytics.edgekey.net folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\admin.brightcove.com\[[IMPORT]] folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\admin.brightcove.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ad.insightexpressai.com\adserver\fscookie\fscookie.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ad.insightexpressai.com\adserver\fscookie folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ad.insightexpressai.com\adserver folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\ad.insightexpressai.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\a.vimeocdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\1.static.collegehumor.cvcdn.com\moogaloop\moogaloop.1.0.3.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\1.static.collegehumor.cvcdn.com\moogaloop folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\1.static.collegehumor.cvcdn.com folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\0.static.collegehumor.cvcdn.com\moogaloop\moogaloop.jukebox.1.0.5.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\0.static.collegehumor.cvcdn.com\moogaloop\moogaloop.jukebox.1.0.1.swf folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\0.static.collegehumor.cvcdn.com\moogaloop folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\0.static.collegehumor.cvcdn.com folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Apple Computer\Logs folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Apple Computer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe\Flash Player\AssetCache\SC3PCDMX folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe\Flash Player\AssetCache folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe\Flash Player folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe\Acrobat\9.0\Collab folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe\Acrobat\9.0 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe\Acrobat folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Adobe folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\security folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\log folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\ext folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun\Java folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Sun folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Microsoft\Silverlight folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Microsoft folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer\QuickTime\downloads\11\10 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer\QuickTime\downloads\11 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer\QuickTime\downloads\00\01 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer\QuickTime\downloads\00 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer\QuickTime\downloads folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer\QuickTime folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow\Apple Computer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\LocalLow folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\{316668c1-5ffc-de02-789f-e83d6d33cc28} folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Temporary Internet Files folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Programs\Common folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Programs folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows Sidebar\Gadgets folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows Sidebar folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows Photo Gallery\Original Images folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows Photo Gallery folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows Media\12.0 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows Media folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Sqm folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFYQ61R2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLVNTNL2 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1B121XF folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W7TOHF27 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMV3AXB3 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEKI6S9I folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R52OMF5D folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QT6U3OGW folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFF61F94 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P11IHTTE folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5LT03CT folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3P2MZP5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MBFBTTRR folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLLS5SHD folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L1S96TI4 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAECMP41 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5F6ZEUF folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IO6BC9PD folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4QFCZNT folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GBUNUAUR folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EC3543HW folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQ9J54CF folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OMPA21W folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9D4M25ZN folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F1T22LI folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5AMP4NF5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RZ8LWVH folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4AIGP8TO folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3KAAIBL5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2AS4MMHR folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\035VLIKU folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01LYJKWP folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Ringtones folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\Low folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012090820120909 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012031320120314 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011120420111205 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\GameExplorer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Explorer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Caches folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Burn\Burn folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Burn folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Portable Devices folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Outlook folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Office\Groove\User folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Office\Groove\System folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Office\Groove folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Office folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\IECompatData folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\WTLV9LCB folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\IERUZXM4 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\ERQCJU94 folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\BR9B0DHZ folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\5T26AA4P folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\4QGNSHNV folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\3R2RCM4G folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\2PZLKSYP folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Internet Explorer folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\FORMS folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\History folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Application Data folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Adobe\Color\Profiles folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Adobe\Color folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Adobe folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\RegBack scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\Journal folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$ scheduled to be moved on reboot.
C:\Windows\assembly\Desktop.ini moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ not found.

#12 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 24 September 2012 - 05:30 PM

OTL by OldTimer - Version 3.2.66.2 log created on 09242012_180820

Files\Folders moved on Reboot...
Folder move failed. C:\Windows\$NtUninstallKB24936$\TxR scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Apple Computer\Logs folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Apple Computer folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TVPK35GL folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O82XTLNL folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDRGYUAV folder moved successfully.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXCA9LZ6 folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Caches folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\RegBack scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\TxR scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.realmilitaryvideos.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer\flowplayer.commercial-3.2.7.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player\flowplayer scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max\player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins\ozus-media-max scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content\plugins scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com\wp-content scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.puppycuteness.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf\flowplayer.commercial-3.2.10.swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak\swf scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes\commons_gorillaleak scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons\themes scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles\drupal_commons scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com\profiles scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7\www.directorslive.com scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QAV2EJT7 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia\Flash Player scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming\Macromedia scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows\History scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft\Windows scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData\Local scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\systemprofile scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$\RegBack scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB24936$ scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 AM

Posted 24 September 2012 - 05:54 PM

Greetings Mike,

Very nice but I do want to double check one of the registry entries OTL said was not found. It is probably not there but it is important to be sure.

I didn't expect you to have internet access yet. If you would please, could you run Farbar's Service Scanner again.

Please do this.


===================================================


Farbar's MiniRegTool

--------------------

  • Please download MiniRegTool.zip and unzip it
  • Please download MiniRegTool64.zip and unzip it
  • When you run the tool this is what you will see



    Posted Image

  • Copy and paste the following into the edit box:

    HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}
  • Check the Export keys radio button.
  • Press the Go button and post the result.

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • MiniRegTool results
  • FSS.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Iceyburnz

Iceyburnz
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Local time:04:01 AM

Posted 25 September 2012 - 07:46 AM

Still have this on the screen: The recycle Bin on C:\ is corrupted. Do you want to empty the Recycle bin for this drive. I left it on the screen. Havent clicked anything

:::FSS:::
Farbar Service Scanner Version: 06-08-2012
Ran by Nishbell (administrator) on 25-09-2012 at 08:38:37
Running from "C:\Users\Nishbell\Desktop"
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-09 11:47] - [2011-09-29 11:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 22:24] - [2011-03-03 01:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 19:53] - [2009-07-13 21:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 19:54] - [2009-07-13 21:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 19:23] - [2009-07-13 21:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 19:24] - [2009-07-13 21:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll
[2011-02-09 21:09] - [2010-12-21 01:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 20:15] - [2009-07-13 21:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 19:30] - [2009-07-13 21:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



:::minireg:::
It ran but didnt show anything

Windows Registry Editor Version 5.00

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 AM

Posted 25 September 2012 - 09:02 AM

Greetings Mike,

We have made quite a bit of progress removing malware in a short period of time. Here is what I would like to do now.

Please empty the Recycle Bin and let me know if you receive any further warnings.

Let's see if the simplest step resolves our issue.


===================================================


Resetting Network Protocols

--------------------

  • Click Start, All Programs, then Accessories
  • Right click Command Prompt and select Run as Administrator
  • Individually copy and paste the following after the command prompt and hit Enter after each one

    netsh winsock reset
    netsh int ipv4 reset
    netsh int ipv6 reset

  • Reboot your computer
  • Check your internet service

===================================================


Things I would like to see in your next reply. :thumbsup2:

  • Recycle Bin empty?
  • Do you have internet access?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users