Jump to content

ttavec

Members
  • Posts

    2
  • Joined

  • Last visited

Everything posted by ttavec

  1. Trying to get my wife's computer functional again. MBAM would not run due to infection, so I had to download MBAM Chameleon from a clean computer - onto a USB drive - and was finally able to get a scan. The scan shows svchost.exe in Memory Processes Detected and also svchost.exe in Files Detected. CPU Resource Use is very high ( 90 + to 100 %) even with nothing running. Obviously, everything is very sluggish. Also getting random Google redirects to odd-looking search pages. DDS copied and pasted below. Thanks for your assistance. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 Run by Jennifer at 20:38:20 on 2012-03-18 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1979.610 [GMT -4:00] . AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Windows\system32\dldocoms.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Program Files (x86)\AVG\AVG10\avgemca.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe -netsvcs C:\Windows\system32\conhost.exe C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe C:\Program Files\Realtek\RtVOsd\RtVOsd.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files (x86)\Dell 968 AIO Printer\dldomon.exe C:\Program Files (x86)\Dell 968 AIO Printer\memcard.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun: [dldomon.exe] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\dldomon.exe" mRun: [MemoryCardManager] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\memcard.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Dell 968 AIO Printer] "C:\Program Files (x86)\Dell 968 AIO Printer\fm3032.exe" /s mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1314329500200 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{5234EEB6-9645-4B41-80B9-9D92E56E0DAB} : DhcpNameServer = 40.6.1.100 TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175}\2427F677E6 : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175}\3534E42402642756560275966496 : DhcpNameServer = 172.26.1.1 TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175}\8686F6E6F62737 : DhcpNameServer = 12.127.16.68 12.127.17.72 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun-x64: [dldomon.exe] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\dldomon.exe" mRun-x64: [MemoryCardManager] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\memcard.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Dell 968 AIO Printer] "C:\Program Files (x86)\Dell 968 AIO Printer\fm3032.exe" /s mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-12-1 945200] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [2010-12-1 463408] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS [?] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-1 98208] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 dldo_device;dldo_device;C:\Windows\system32\dldocoms.exe -service --> C:\Windows\system32\dldocoms.exe -service [?] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-9-17 92216] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-9-28 26680] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-18 652360] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccsvchst.exe [2012-1-31 130008] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344] R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-12-1 132656] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 dldoCATSCustConnectService;dldoCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\dldoserv.exe [2007-10-5 34032] S3 mbamchameleon;mbamchameleon;\??\C:\Windows\system32\drivers\mbamchameleon.sys --> C:\Windows\system32\drivers\mbamchameleon.sys [?] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-03-18 23:20:31 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE 2012-03-18 23:13:01 20480 ------w- C:\Windows\svchost.exe 2012-03-18 23:10:24 0 ----a-w- C:\Windows\SysWow64\sho3F.tmp 2012-03-18 19:36:06 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-18 19:36:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-03-18 16:38:04 388096 ----a-r- C:\Users\Jennifer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-18 16:38:04 -------- d-----w- C:\Program Files (x86)\Trend Micro 2012-03-18 15:26:16 29808 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2012-03-18 15:23:00 -------- d-----w- C:\Users\Jennifer\AppData\Roaming\Malwarebytes 2012-03-18 15:23:00 -------- d-----w- C:\ProgramData\Malwarebytes 2012-03-18 13:54:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BC73AE6B-102A-4FBE-926D-EDA6E4CB649B} 2012-03-18 12:49:28 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\AED6.tmp 2012-03-18 12:49:28 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\AED5.tmp 2012-03-18 12:29:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5AD58D76-8F3D-4F97-84B7-35D69B680A41} 2012-03-18 04:15:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8B4F6C9A-D0D9-45F9-9444-DE370663F4B5} 2012-03-18 01:53:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0A9EC783-CCC8-4782-AEA7-0CE099C7DFEF} 2012-03-17 22:54:25 -------- d-----w- C:\Users\Jennifer\AppData\Local\{71AC4C52-D4E4-4DD5-A055-BBBBF3548959} 2012-03-17 18:46:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0E091CEB-C263-40BE-846B-012138AF0086} 2012-03-17 14:51:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3A8CE685-F6FF-42D3-9108-C4A8EE79D4D4} 2012-03-17 12:47:28 -------- d-----w- C:\Users\Jennifer\AppData\Local\{10C9AC62-A193-4FA9-B1C1-B65EDB86AE6F} 2012-03-17 12:12:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{20F3FB28-26F3-4A69-B7E2-684E25406B9F} 2012-03-17 01:30:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EF374546-B79B-4111-ADC4-5D44AF503D82} 2012-03-17 00:59:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{508E31EE-CDF9-4B62-8DE8-453FAB80AA69} 2012-03-16 22:12:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6DB61B4D-49C4-4F86-8ACF-80EA444000A3} 2012-03-16 22:09:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{535C5E3F-AA71-4FFA-9AF7-5ABB29CE20E9} 2012-03-16 19:29:07 -------- d-----w- C:\Users\Jennifer\AppData\Local\{985C4CEB-AD7A-486E-972C-13465A9BC385} 2012-03-16 19:17:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AF136899-091A-401F-B220-5717DB5FAE49} 2012-03-16 19:08:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{138C5043-F444-46A4-935C-F64BB559B137} 2012-03-16 18:51:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{76DE6FC5-9AE7-4696-93D2-D2257EF58AE3} 2012-03-16 17:44:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{09481A77-FE03-4499-A210-61C7F1DDDD7C} 2012-03-16 17:27:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D0A59E29-7BA9-4D20-9618-56E7B9B32E5E} 2012-03-16 17:23:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1A65BE7A-0A04-4269-8ADF-135EADF31686} 2012-03-16 16:35:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1645E7CD-BA81-4C9C-84BD-F71D20556EAA} 2012-03-16 15:49:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F505EA2F-AB15-40A8-80A0-F27767B3529C} 2012-03-16 14:09:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BBF04519-1137-43A6-B49D-095C02C134EC} 2012-03-16 10:46:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9CFA06EA-E8CF-4F9C-BAA5-1E41F5FAF824} 2012-03-16 01:26:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{062BDF06-E384-4D11-9720-1BDE337138B7} 2012-03-15 22:31:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A8610DF-5DB9-4DA1-B931-5A5FF62EE2B1} 2012-03-15 19:03:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9AA1B352-6410-4D80-B62A-2BBEE3BDE118} 2012-03-15 15:25:56 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DACD4E8C-3B5B-4CBD-B4A7-2189E3932369} 2012-03-15 14:20:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BA8D0682-3B90-4C7D-9702-131398C0A35A} 2012-03-15 13:58:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6F9FD067-1CD7-470B-A9A8-9CC96CC1909D} 2012-03-15 13:53:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7251504D-2CBE-4EFF-BD21-CF90B179C9B9} 2012-03-15 10:57:42 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-15 10:57:42 3957616 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-15 10:57:40 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-15 10:50:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CBD7F488-ED5B-4AE1-A0D9-6311E7A3E1FB} 2012-03-15 03:03:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D5F10481-4BBB-4253-A154-54FC65018818} 2012-03-14 19:18:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{59307606-B93D-425C-B594-363FD9296BE3} 2012-03-14 18:48:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9F48C6C5-251C-49F9-B2E0-A66D9AC7EA07} 2012-03-14 13:18:11 -------- d-----w- C:\Users\Jennifer\AppData\Local\{92AFE909-89C2-419A-B9D6-623E0C991F97} 2012-03-14 12:26:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1D97AF25-149A-4640-B2B9-BF67CF456918} 2012-03-14 10:49:05 3143168 ----a-w- C:\Windows\System32\win32k.sys 2012-03-14 10:49:03 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll 2012-03-14 10:49:03 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2012-03-14 10:49:03 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll 2012-03-14 10:49:03 1541120 ----a-w- C:\Windows\System32\DWrite.dll 2012-03-14 10:49:03 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-03-14 10:49:02 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-03-14 10:49:02 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-03-14 10:49:02 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2012-03-14 10:49:02 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2012-03-14 10:49:02 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2012-03-14 10:46:21 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-03-14 10:46:21 76288 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-03-14 10:46:21 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-03-14 10:46:19 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-03-14 10:46:18 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-14 10:46:18 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-14 10:46:18 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-03-14 10:40:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{29B42C2A-8D6F-4911-9643-FC4A999DDDA6} 2012-03-14 02:56:41 0 ----a-w- C:\Windows\SysWow64\sho3E97.tmp 2012-03-14 01:53:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D449A68F-E713-4D74-BDCE-671E0FD084F8} 2012-03-13 21:46:14 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0369052C-18DA-4D8B-B1AA-A6AEAADFC2A6} 2012-03-13 21:11:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7FCCF2D9-F2DF-433B-998B-56327A2C2C74} 2012-03-13 19:36:03 -------- d-----w- C:\Users\Jennifer\AppData\Local\{03488905-F456-4194-B39B-E47590981840} 2012-03-13 18:56:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C1B1FDC5-C57E-4AF4-BAAD-16DAC5D2F641} 2012-03-13 12:52:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3578EC44-739C-4BF5-9508-8C3D75617033} 2012-03-13 10:54:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2529937C-D3DB-47A5-9DE6-736D33A8A3D8} 2012-03-13 10:29:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7B136000-FD5C-485F-8186-6691BFAA56F5} 2012-03-13 02:39:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BB827DDA-5FD4-4324-AFC5-4DC7E4914F5E} 2012-03-12 19:23:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6E06FE37-3BFB-4FD0-97F7-3BF4398EE2B8} 2012-03-12 18:55:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{13383DD6-F5BB-4D04-A89B-099E21AF1E1D} 2012-03-12 16:52:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BC63A167-88D1-4C07-9595-973D8CFD4416} 2012-03-12 14:07:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A0C62C76-1E62-4869-8647-735C454A2780} 2012-03-12 12:30:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{45BAD66B-618D-43F7-9833-CAEB3D14568C} 2012-03-12 03:10:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{05CB9DB0-35A0-4A92-8373-B61888465D41} 2012-03-12 02:09:01 -------- d-----w- C:\Users\Jennifer\AppData\Local\{91928899-B713-40BD-92AB-BD22C742AD6F} 2012-03-11 20:21:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{28DFE6FA-75EE-43AD-86F4-0AA395BB8F5E} 2012-03-11 19:56:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{25BF4287-5839-4263-B96D-39353B749954} 2012-03-11 16:53:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2DC31AE2-EA08-414B-9DDF-084DF073928C} 2012-03-11 12:30:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F5AFE58F-E6B5-4F2D-9620-A17BA1802F02} 2012-03-11 12:13:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{957D1B24-CB10-4554-8CE4-80E5548327EB} 2012-03-11 01:12:40 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E9964D7E-8EAA-4384-BE48-9E2AE41FA7DC} 2012-03-10 21:29:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EF49DD67-A4B5-4785-B3D2-5976BC85A6E2} 2012-03-10 21:24:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D7C3351E-48B5-4EB3-8494-7A50B0821582} 2012-03-10 20:50:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AC64BA67-2536-4D30-AA53-B49FF9265068} 2012-03-10 20:44:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{12AC64C2-D320-4E60-B221-0C192606472D} 2012-03-10 13:20:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{674ED3C7-2DE3-4FFE-9612-7499D1E9714F} 2012-03-10 06:53:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{749F448B-3708-48DC-9AFE-60856B8C5955} 2012-03-10 01:44:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C26FD991-58F0-4CE4-AA6A-98F9532CCCDF} 2012-03-10 01:16:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C460085F-7419-46B0-A74D-DBF28DDC7972} 2012-03-10 00:59:49 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0149F7B3-1A17-4060-9098-298E71874FDA} 2012-03-09 22:39:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C019BA5D-98AF-43D0-A857-60C327973CDC} 2012-03-09 21:50:56 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4E6A7EAC-B83D-45C9-B74B-1431EBA2D200} 2012-03-09 21:24:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8A9A2AE4-D36A-4E4D-9ADB-1209577EFBCC} 2012-03-09 21:08:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9D8072EC-02E7-4AD5-A650-11DF366D4239} 2012-03-09 17:12:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AA321BE2-A1A5-4F59-8CD0-B8888BAD5087} 2012-03-09 15:01:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{81D5A4E8-D088-4AAD-B127-58E78C986B6D} 2012-03-09 14:39:48 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A5A12E05-582E-4723-938E-DABAA4B31465} 2012-03-09 14:32:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3E080748-B245-4788-A875-98894A63025C} 2012-03-09 14:15:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9A50BCED-5C5E-4E6F-BE8F-37399479BFC4} 2012-03-09 12:01:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E9156E76-D6A5-4E70-B017-A2182CCCCB28} 2012-03-09 11:49:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{07354F7B-CE18-472B-89C4-A7A70E84E7A8} 2012-03-09 11:27:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5457A6E4-255A-4367-8650-7985FE6CCFE5} 2012-03-09 11:03:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A181BB7-91DA-4D0F-A95B-42204D97EBAD} 2012-03-09 10:46:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{580E66F2-A43B-40A9-B25B-1FF655E75B19} 2012-03-09 10:14:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2728DC3B-CA56-4D72-895F-C8ED67FC2909} 2012-03-09 02:42:15 0 ----a-w- C:\Windows\SysWow64\sho725E.tmp 2012-03-09 02:32:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6DA836D8-77D2-430F-9EE0-E7AB9B2F97C1} 2012-03-09 01:17:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{609CAA6C-FEDE-4576-B870-E4059D781BCB} 2012-03-08 21:15:21 -------- d-----w- C:\Users\Jennifer\AppData\Local\{11B76BD9-7A9F-4CF0-94DA-722D1D7F1E7E} 2012-03-08 20:24:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{46C9F726-BF81-422F-BFC1-FCEB270C938C} 2012-03-08 20:07:58 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EA371293-9581-4C4D-B314-75F449FB9515} 2012-03-08 19:44:25 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F82AA450-E7D0-4056-BD37-7CE9E74C31E1} 2012-03-08 13:17:02 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B7DB3A82-BB6A-4F1C-8646-956779B3077C} 2012-03-08 13:04:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{53E9895B-AFEA-4636-8F97-D5ED7EA7E625} 2012-03-08 12:42:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D9F610FD-01AF-472E-9774-86DD3BD8755C} 2012-03-08 12:05:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9AFDE300-AB26-4885-9860-43956C9BBABF} 2012-03-08 10:14:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B37CB89A-30D1-45EC-9791-4636BC655BC2} 2012-03-08 09:59:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AAFCA76F-BD8E-42BF-992D-912891794661} 2012-03-08 01:42:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C6147B26-69EB-4F5B-818F-E524AA557E75} 2012-03-08 01:05:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{43B8ED19-88BE-44A5-8295-D6640EF47C41} 2012-03-07 18:29:22 0 ----a-w- C:\Windows\SysWow64\shoFA10.tmp 2012-03-07 17:37:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6CAB28EB-7D81-4A46-9F70-F110F054E1E6} 2012-03-07 17:13:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{018E7432-5ED1-4D2B-A7F4-659601B4C819} 2012-03-07 15:29:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B548766F-36B1-43F0-82D1-1C239DDE3809} 2012-03-07 11:06:43 -------- d-----w- C:\Users\Jennifer\AppData\Local\{86333204-4D47-409A-8264-96E753637E91} 2012-03-07 03:11:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1730C183-A3C6-46E9-A70B-7286CBEA5DC4} 2012-03-07 03:04:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{063C3976-419E-40E2-B4E8-AA01EAA3F1E4} 2012-03-06 23:36:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{ED0CA563-AA7F-45E2-8BBE-7E6308E5C3FC} 2012-03-06 21:22:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9C4ED84A-7E64-4423-8088-DD20AD0FDF35} 2012-03-06 20:46:17 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F7D0FBAA-DE7A-4048-8431-75EEEDF5474B} 2012-03-06 19:55:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{63B1EB65-289A-4129-A6A6-036AC2C42A6E} 2012-03-06 19:18:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3B1AA85F-14D1-4B01-B104-9957F7D61941} 2012-03-06 18:59:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D07E2DDB-25D0-4CB7-8C8C-94CF64B29653} 2012-03-06 18:55:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DD474528-296B-4204-B193-9F08A1AA014D} 2012-03-06 18:40:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5007E1DB-1E59-4ADC-B99F-4594A791E2E6} 2012-03-06 17:42:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5E9B34E0-8C52-400F-8719-28C801BA2DDC} 2012-03-06 15:45:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C90BD31C-FB84-4F6A-B38F-EBAB40552CA3} 2012-03-06 15:40:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B4A0C425-6FE1-4602-8947-E88D5EC0E496} 2012-03-06 15:38:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AB6910F2-FC13-4308-8EC0-4DBA3AE9E1E0} 2012-03-06 14:55:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A627AF4E-7D28-4D42-9F3A-525B6167627B} 2012-03-06 10:14:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{00CD68AF-6D65-460E-BF58-AB0F460453CC} 2012-03-06 00:40:10 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F169C457-A0E7-495B-B79C-C30DD7110708} 2012-03-05 22:48:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DAEABF2F-D39B-4366-A67B-4789C4710514} 2012-03-05 20:49:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9AD50E56-6AA2-47D1-BCB6-61746DDABB2D} 2012-03-05 20:39:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CFACBE5D-28E8-4152-B165-12045F69647B} 2012-03-05 19:56:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5C4200FF-0103-4F7C-9D49-08D9EBD28568} 2012-03-05 18:47:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{606680B3-3494-4B69-921C-4CBB6EA0E0D2} 2012-03-05 14:30:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{42ED66F8-A697-42D2-AA8D-15EF9E37C943} 2012-03-05 13:22:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DA137570-9ED4-4C25-99CA-96A9A65928AB} 2012-03-05 11:56:30 -------- d-----w- C:\Users\Jennifer\AppData\Local\{22CA2FB4-EFD1-4856-A81D-F9A1FB5963A6} 2012-03-05 09:10:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{476425A7-7C09-497E-A1C4-C231FE005C33} 2012-03-04 23:33:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{728A5A6C-EF1F-4BD0-BC46-D93EF4D21CDC} 2012-03-04 21:10:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{05F428D7-C90F-4E0D-A2DC-01C5CE76B239} 2012-03-04 19:54:48 0 ----a-w- C:\Windows\SysWow64\shoCCD2.tmp 2012-03-04 19:53:02 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0CFF500B-863B-4FA6-B17D-5A80C7E6056B} 2012-03-04 19:44:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5CD2C2D0-1827-4DA7-A563-3F554B731649} 2012-03-04 16:40:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C39076D0-75DA-426C-8D1D-0F9C1645447E} 2012-03-04 15:19:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D994D2BE-5FFD-486F-8BD2-A04B537A7F4A} 2012-03-04 12:58:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{697C1B58-18DE-45D9-85B0-EF3ED6DE85A3} 2012-03-04 11:56:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8AD54855-0A1F-4806-B2C8-D0FBF44551D9} 2012-03-04 04:49:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DC9A468E-E271-475A-AB67-328578A82243} 2012-03-03 23:24:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AFF9FD5D-74C4-45EF-AAFB-AE00341B40C2} 2012-03-03 22:28:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{710253AA-CAA6-4FE8-B7E5-90DBF2239D0D} 2012-03-03 21:39:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A507029D-8C3C-41DC-8C06-F380C4D20207} 2012-03-03 20:59:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FED1E857-74DA-44DC-BEBD-603EB6181D59} 2012-03-03 20:55:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8E9B9EF5-745B-4559-A71C-6E17EEBDBA2C} 2012-03-03 20:36:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E40F6F10-7DE1-4787-BF29-F357A8B9ECBC} 2012-03-03 20:26:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{004BCE73-D63E-42A8-AB37-D89D23AF60E6} 2012-03-03 15:41:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3F8124B8-4CEE-465F-847C-C22F21EF321F} 2012-03-03 14:04:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{99B0FAAC-E8F8-44CC-97FD-6635DE600322} 2012-03-03 12:41:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F188C863-B51F-471E-AD37-C3D517A5FDA2} 2012-03-03 09:13:10 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4CA5B0F0-3E39-4423-B2A7-21D095BEDDDE} 2012-03-03 02:16:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E91FD794-D28E-4990-B282-F6BCC453A59A} 2012-03-03 00:14:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C5C4138B-659B-4DA5-8607-D8CD1716B0BE} 2012-03-02 20:52:03 0 ----a-w- C:\Windows\SysWow64\shoAA38.tmp 2012-03-02 20:27:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4D5B6870-1A56-48DF-9EE5-138BFC855D7F} 2012-03-02 19:57:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A5E10CA2-131B-4670-88F2-534C96D7AB2C} 2012-03-02 18:54:40 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E883AEF1-6FE2-4434-8949-169C19EA3BE8} 2012-03-02 17:25:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EA359266-51A9-4694-AA57-0D1324B39458} 2012-03-02 15:52:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3DD0CBE2-B2E6-48DD-BF1B-6C05933D51C3} 2012-03-02 15:02:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{380EAB19-E790-469B-A913-242CB930EF6D} 2012-03-02 14:33:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{325E77B3-F2BD-4346-B562-1D181447F8AF} 2012-03-02 13:51:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1F6FD8DB-A518-4B11-9180-D30B686E99D9} 2012-03-02 11:34:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3610C28E-FE1F-4BC9-B170-2DFD43010DCC} 2012-03-02 11:19:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7F95A0C8-6C84-42E0-AE25-D70E3C7D1E76} 2012-03-02 10:31:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1303E420-4ED7-4A03-ABBD-604628B83A3F} 2012-03-01 23:21:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F11D0F40-D28D-47C5-AF6D-E9EA1F0959EB} 2012-03-01 23:13:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6A8D36F9-9D6C-4AC8-8770-EB8AEE088355} 2012-03-01 21:06:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{469260DC-C58A-4DBC-97DA-D5EABA64DD89} 2012-03-01 20:30:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E5D57C53-3C9F-409E-B2B2-4000D5181AEC} 2012-03-01 17:14:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{31762B6A-12CB-4133-B099-792A26062249} 2012-03-01 16:28:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EEAB725E-3238-4171-B118-B55D8112A4A9} 2012-03-01 13:35:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{179C3E4C-4522-4394-8925-1B3A5758B539} 2012-03-01 12:58:47 -------- d-----w- C:\Users\Jennifer\AppData\Local\{814F4FCD-1963-41FB-8FC5-0B8FAC5ABA24} 2012-03-01 12:10:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4CDAD6F5-51F3-4AF8-812B-E9C6C4878248} 2012-03-01 11:22:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A3B8841-2E44-4C54-BB2A-ECD527CDC3C2} 2012-03-01 03:37:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4792278E-7193-4A7F-A9C2-B71E086EB8C0} 2012-03-01 03:14:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5526B07A-3018-467B-8445-F42314D4BC14} 2012-03-01 01:37:17 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BDBB8DAC-B13D-4AA7-AF74-687BD650E348} 2012-03-01 01:17:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{599FE18A-045B-402A-A87B-CE2253E9B90A} 2012-02-29 21:34:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{77F555E5-9489-48B2-A28D-4B3DC9E0A1CC} 2012-02-29 18:59:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{ECD728AE-782C-4C11-927D-7CA403323C23} 2012-02-29 12:20:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{39969856-CBBA-49C6-AFBE-797B3FC39D61} 2012-02-29 10:51:07 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5CBDAABB-66B0-4754-B8AD-6CCAFFB2011E} 2012-02-28 21:52:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CD236DFC-9908-4AEF-AD2F-AD5693A4792B} 2012-02-28 21:14:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0579AF62-803B-4F60-AA46-4663085CF3AC} 2012-02-28 19:49:11 -------- d-----w- C:\Users\Jennifer\AppData\Local\{15046EF5-8802-463C-B32E-B6B39EE31286} 2012-02-28 15:41:01 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7459DCC2-7588-4C31-98FF-E20B2A63FE9A} 2012-02-28 14:26:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D2FC25B3-2547-48BE-B5AF-9BB04CABF5B9} 2012-02-28 12:14:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8F4D90B3-4B38-4543-B614-7846B5E72EDC} 2012-02-28 10:54:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FA71D718-5E0E-49A2-AF7A-9F717242C0AB} 2012-02-28 00:01:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3AFC155F-81E9-4C35-BF64-9C6B7B7555EE} 2012-02-27 23:16:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E2E3CC38-5140-4F2A-A3B9-031E39B35416} 2012-02-27 21:23:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F79DEB88-0739-4AEF-A1E2-6D1C72DE014B} 2012-02-27 20:58:49 -------- d-----w- C:\Users\Jennifer\AppData\Local\{14126B52-ACE6-4224-AC68-B71374F59EB1} 2012-02-27 19:48:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{70B90829-40EE-4D32-9FDD-06A270462351} 2012-02-27 18:58:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{90C15094-B7E4-4274-BC3C-3B0E6E1A4038} 2012-02-27 16:19:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2A37DB30-7924-47D3-AE85-B882586AB3BB} 2012-02-27 15:28:25 -------- d-----w- C:\Users\Jennifer\AppData\Local\{22EFAE22-3495-49BD-8689-4A96978D65D4} 2012-02-27 14:36:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6395C0E6-8326-44EB-A4C5-D4D6CEE51F2E} 2012-02-27 13:51:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F45958AD-631F-48D0-9BB5-50C1A6C97820} 2012-02-27 13:31:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4005E8BE-F172-4190-BA8E-86E928B4402C} 2012-02-27 13:19:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4E672CAC-13EB-4BF9-9FEB-3D3288D34ED3} 2012-02-27 01:46:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DE94A3EB-3C08-4510-8A00-EA61C16CFB16} 2012-02-27 01:42:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B2561356-52D0-4197-8371-EB51F5A1085D} 2012-02-26 21:50:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{43D4E782-38AC-466A-A925-B091871B1C00} 2012-02-26 20:48:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C1D4E036-F62B-4B17-956B-729E29FFED98} 2012-02-26 18:19:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5005A8AF-7ECE-438B-B437-EB74D221DE94} 2012-02-26 18:19:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{92F27E4A-8070-43C9-809B-C3308A085E89} 2012-02-26 17:28:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{76B219DC-63DC-4BAF-B60D-822E069A4ED9} 2012-02-26 17:08:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E179FF20-D587-49DC-B2B4-22C25098D9AF} 2012-02-26 16:05:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3B67425D-41ED-417A-ABED-A6C0588AAED9} 2012-02-26 15:54:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{46BD3CF8-1328-4F5A-AFD9-609F7CEFCD3D} 2012-02-26 15:16:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E36E43DB-7DE9-46DF-824E-97402FC66F1B} 2012-02-26 15:07:11 -------- d-----w- C:\Users\Jennifer\AppData\Local\{51EB55A9-4328-4379-BA6A-9731CA1095BE} 2012-02-26 12:47:43 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CFB3ED07-D690-4BA6-BCA5-4E54D16CC4EE} 2012-02-26 05:26:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1A50351D-8522-4F7C-A6F2-6D2B0B5D2FCA} 2012-02-26 04:37:10 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AF5C0612-E094-46A8-98BD-BC31D7439B79} 2012-02-26 03:49:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D54A6544-DC85-4D0F-8549-06719621C5FD} 2012-02-25 21:21:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{86B691FF-8B28-4208-BB43-4F39B8579671} 2012-02-25 21:04:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0301164E-4B49-4F20-80F9-4AD2E64F3984} 2012-02-25 20:49:55 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D41FD278-46B4-4581-A1D1-71DEE2E1D0F4} 2012-02-25 13:58:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2CE1AA39-4B29-44BB-AEFE-D53D246F902F} 2012-02-25 13:23:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{34A07ED5-4399-4C36-BA39-39B0B7336501} 2012-02-25 03:09:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1B652269-E0E1-48A7-9A4E-39526411C9A5} 2012-02-25 01:45:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1C509A91-E124-441A-856A-5E16DC8683DB} 2012-02-25 01:03:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7419E1C2-2D3E-497C-B7BD-E25B6E8C49F5} 2012-02-24 23:15:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8EED2774-CF99-48BD-BEF7-4D75CFEE9C0D} 2012-02-24 23:08:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7CCC9551-DBEF-472C-B61C-CA06A978A604} 2012-02-24 23:00:27 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FE2BE30D-29A0-4948-B249-8EA01A87EE27} 2012-02-24 21:37:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FED0A673-537D-409A-B92D-2B9833CBB503} 2012-02-24 21:16:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BB7EB654-A194-46C4-AE14-52FFFC2EA8BA} 2012-02-24 17:32:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{07CD12BB-51BF-4AFB-875A-FE43E3D7DF3D} 2012-02-24 17:16:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2855E6DA-99AA-4D8F-9056-C0978653606D} 2012-02-24 13:06:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B15328BE-8922-4873-805E-FFD9A550DCE0} 2012-02-24 11:02:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E10FEA2B-63C8-43DB-A18C-792AD7DD09B9} 2012-02-24 10:51:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D18D0F66-010C-4848-9355-5AC1EC74E257} 2012-02-23 21:09:38 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1A1C11F6-9D3B-4684-9940-0F14CD8AD63B} 2012-02-23 19:55:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5A1F34F5-F2F6-497E-AFD6-FF68D3BF8807} 2012-02-23 13:26:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EA3FB547-F7DF-44BA-9978-B45B89330575} 2012-02-23 01:18:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B18E9A91-BB4F-43DA-8DE2-CA6030DEAEB5} 2012-02-22 20:55:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E1950577-0BB7-4F2C-8B3B-F7EB108EA99A} 2012-02-22 19:45:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{892A11FE-99B3-4F39-8E6E-60B70DE8735A} 2012-02-22 17:24:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A889FA62-022F-4FB6-B276-C4A00E85FB28} 2012-02-22 16:45:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{59607D0C-90B3-4035-B60F-2C9FBC4E4F84} 2012-02-22 16:16:38 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C9244FBC-AE08-43B8-8D62-E107A5B87D0C} 2012-02-22 16:15:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EDCBA9DA-683D-4055-B3C9-B20A7FDEE0FD} 2012-02-22 16:09:49 -------- d-----w- C:\Users\Jennifer\AppData\Local\{06261D1C-49BA-4FC8-AB98-BB4DC1B15EFF} 2012-02-22 16:06:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0FF80147-2C26-4366-AEC7-6E4EE4322DFB} 2012-02-22 14:37:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C51E149C-12D7-4DB1-B946-038F06060F2E} 2012-02-22 13:53:21 -------- d-----w- C:\Users\Jennifer\AppData\Local\{945CB935-3196-45F9-BDCD-D6908A459912} 2012-02-22 11:37:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F5EA1760-A8BD-4CD5-8BEA-2C825EE6459E} 2012-02-22 03:06:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B9D344CD-FEF7-4B28-A24F-4227642713B2} 2012-02-22 01:35:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8FAA3815-1E49-4D4E-AB52-4985BF05028D} 2012-02-21 23:21:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{60A011A1-067E-4421-9AE4-8EEA0A063369} 2012-02-21 21:31:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{389205F6-79A4-458A-AA17-F86A317F1E27} 2012-02-21 20:40:30 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4A856FD4-4307-4645-A290-B3645E823CE7} 2012-02-21 20:02:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5CC4B150-663E-4A86-B0AA-2BBBBF7F9AAB} 2012-02-21 19:49:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{21523884-ED32-4E02-AFA5-9FB4A550CD1D} 2012-02-21 16:56:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E5FCD75E-6678-4FD6-A106-F3762AB226D2} 2012-02-21 15:10:27 -------- d-----w- C:\Users\Jennifer\AppData\Local\{32856E03-47FE-4D25-BB05-D8C03529BEB2} 2012-02-21 14:32:27 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5A1D4087-A551-4CFF-83FF-7CA9638A162B} 2012-02-21 12:01:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DA88FD8F-0D43-4DEC-93A9-AD12FCAF0B0E} 2012-02-21 11:35:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{89B3689D-38A5-4409-B0AD-3AFF88CE0C2E} 2012-02-21 01:37:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2EDBE9F5-039B-491C-B881-AC8C58D1897E} 2012-02-20 22:57:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{40A2D924-08CE-4063-A79D-0019E8F3B13B} 2012-02-20 20:12:01 -------- d-----w- C:\Users\Jennifer\AppData\Local\{265BA86E-25D5-4A13-A3E9-5DDA97062851} 2012-02-20 19:14:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A47257DF-DBF0-4196-9B5E-796E9CE056C0} 2012-02-20 17:04:40 -------- d-----w- C:\Users\Jennifer\AppData\Local\{496B9F81-1A47-4B8D-B11F-2927723B7BD0} 2012-02-20 14:54:07 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E0422E3A-F7BF-4B76-8D73-44E50F9F23AC} 2012-02-20 13:28:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8695680A-3B2F-40EC-9C89-C646F4360922} 2012-02-20 12:57:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8BF36332-F819-4722-A676-44A051B91C22} 2012-02-20 11:51:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{56D424E7-EB6D-4F2C-B3F4-A226F2FF5914} 2012-02-20 02:39:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E5B42CC3-1732-475D-A37E-97D8899F8D64} 2012-02-20 01:20:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A372AFA4-27B2-4A16-9C89-18B62EC5B6E1} 2012-02-20 00:02:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0149C71E-439B-4F33-B834-DAEA0A1F8647} 2012-02-19 17:01:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FF16FCB0-C3B9-4CDF-9831-8E7B838F8E7C} 2012-02-19 14:19:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{214047CA-885F-44EC-8541-F9F67177560B} 2012-02-19 11:38:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A8F37A3-C42C-4D84-A1A4-9B0E910C32FF} 2012-02-19 04:56:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3C658600-08B9-49B6-93BF-7BE3EC0C3950} 2012-02-18 18:55:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{79B9D2FC-09F9-4DC7-BC8C-A7E4979BB3A1} 2012-02-18 11:20:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8A9DDF52-B87E-428C-A3FE-14690EB32B93} 2012-02-18 02:51:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8C58926B-215C-4145-B158-4D3BD13BFC30} 2012-02-18 01:00:17 -------- d-----w- C:\Users\Jennifer\AppData\Local\{07C9D54A-B1F9-4F87-808F-7786A60646C2} . ==================== Find3M ==================== . 2012-02-15 20:51:53 0 ----a-w- C:\Windows\SysWow64\shoAABD.tmp 2012-02-13 02:47:12 0 ----a-w- C:\Windows\SysWow64\shoE11D.tmp 2012-02-10 14:41:20 0 ----a-w- C:\Windows\SysWow64\sho2223.tmp 2012-02-10 11:29:27 0 ----a-w- C:\Windows\SysWow64\shoBB63.tmp 2012-02-04 03:32:43 0 ----a-w- C:\Windows\SysWow64\shoD2ED.tmp 2012-02-01 21:56:27 0 ----a-w- C:\Windows\SysWow64\sho7039.tmp 2012-01-28 21:13:12 0 ----a-w- C:\Windows\SysWow64\sho39CE.tmp 2012-01-26 01:22:04 0 ----a-w- C:\Windows\SysWow64\sho8B8B.tmp 2012-01-20 07:05:06 0 ----a-w- C:\Windows\SysWow64\sho1D93.tmp 2012-01-16 03:29:39 0 ----a-w- C:\Windows\SysWow64\shoBDCB.tmp 2012-01-15 04:57:46 0 ----a-w- C:\Windows\SysWow64\sho52A8.tmp 2012-01-13 05:24:15 0 ----a-w- C:\Windows\SysWow64\shoBF10.tmp 2012-01-12 01:29:17 0 ----a-w- C:\Windows\SysWow64\sho95F7.tmp 2012-01-09 05:06:51 0 ----a-w- C:\Windows\SysWow64\shoDFF5.tmp 2012-01-08 04:13:03 0 ----a-w- C:\Windows\SysWow64\shoC6C8.tmp 2012-01-05 15:24:57 0 ----a-w- C:\Windows\SysWow64\sho235.tmp 2012-01-04 09:58:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-01-04 09:03:07 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-01-03 06:24:52 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-01-03 05:44:24 478208 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-01-02 21:45:09 0 ----a-w- C:\Windows\SysWow64\sho8B57.tmp 2012-01-02 03:29:37 0 ----a-w- C:\Windows\SysWow64\shoE79B.tmp 2012-01-01 17:06:02 0 ----a-w- C:\Windows\SysWow64\sho40BA.tmp 2012-01-01 05:35:43 0 ----a-w- C:\Windows\SysWow64\shoB1BE.tmp 2011-12-31 04:58:57 0 ----a-w- C:\Windows\SysWow64\shoD481.tmp 2011-12-30 04:15:13 0 ----a-w- C:\Windows\SysWow64\shoBA5.tmp 2011-12-29 04:38:45 0 ----a-w- C:\Windows\SysWow64\sho2898.tmp 2011-12-28 03:59:11 499200 ----a-w- C:\Windows\System32\drivers\afd.sys 2011-12-28 03:42:33 0 ----a-w- C:\Windows\SysWow64\shoA2D2.tmp 2011-12-23 05:14:29 0 ----a-w- C:\Windows\SysWow64\shoFFD4.tmp 2011-12-21 04:26:38 0 ----a-w- C:\Windows\SysWow64\shoC3BE.tmp 2011-12-20 05:11:40 0 ----a-w- C:\Windows\SysWow64\sho5BF8.tmp . ============= FINISH: 20:39:25.25 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 3/9/2011 6:34:02 PM System Uptime: 3/18/2012 7:11:02 PM (1 hours ago) . Motherboard: Hewlett-Packard | | 1605 Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 214 GiB total, 165.059 GiB free. D: is FIXED (NTFS) - 19 GiB total, 2.736 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP70: 2/9/2012 6:30:48 PM - Scheduled Checkpoint RP71: 2/16/2012 10:53:57 PM - Windows Update RP72: 2/24/2012 12:16:15 PM - Scheduled Checkpoint RP73: 3/3/2012 9:01:00 AM - Scheduled Checkpoint RP74: 3/10/2012 10:36:15 PM - Scheduled Checkpoint RP75: 3/14/2012 9:25:06 AM - Installed Canon ScanGear Starter RP76: 3/15/2012 6:53:47 AM - Windows Update RP77: 3/18/2012 12:37:07 PM - Installed HiJackThis . ==== Installed Programs ====================== . ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader 9.4.4 MUI Adobe Shockwave Player 11.5 Agatha Christie - Peril at End House Bejeweled 2 Deluxe Bing Bar Bing Bar Platform Bing Rewards Client Installer Blackhawk Striker 2 Blasterball 3 Blio Bounce Symphony Build-a-lot 2 Cake Mania Canon ScanGear Starter Chuzzle Deluxe Compaq Setup Manager Coupon Printer for Windows CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDVD 9 CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Dora's World Adventure Energy Star Digital Logo Escape Rosecliff Island ESU for Microsoft Windows 7 Farm Frenzy FATE FaxRedist Final Drive Nitro Heroes of Hellas 2 - Olympia HiJackThis HP CloudDrive HP Customer Experience Enhancements HP Documentation HP Game Console HP Games HP MovieStore HP Photo Creations HP Power Manager HP Quick Launch HP Setup HP Software Framework HP Support Assistant HPAsset component for HP Active Support Library Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 26 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.60.1.1000 Microsoft Default Manager Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery P.I. - The London Caper Norton Internet Security Norton Online Backup Penguins! PhotoNow! Plants vs. Zombies PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector Ralink RT5390 802.11b/g/n WiFi Adapter Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Recovery Manager RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Times Reader Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Virtual Families Virtual Villagers 4 - The Tree of Life Visual Studio 2008 x64 Redistributables Wheel of Fortune 2 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Detect Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 3/18/2012 8:19:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 3/18/2012 7:18:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect. 3/18/2012 7:18:32 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/18/2012 7:18:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED} 3/18/2012 7:12:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the dldoCATSCustConnectService service to connect. 3/18/2012 7:12:11 PM, Error: Service Control Manager [7000] - The dldoCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/18/2012 7:09:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service. 3/18/2012 6:39:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. 3/18/2012 5:49:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service. 3/18/2012 5:44:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpqwmiex service. 3/15/2012 8:37:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 3/15/2012 11:05:19 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{EDAABA9F-3E94-473B-B32B-EC0329553175} because another computer on the network has the same name. The server could not start. 3/14/2012 4:35:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service. 3/11/2012 2:05:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.