Jump to content

svchost.exe returns after MBAM & reboot


Recommended Posts

Trying to get my wife's computer functional again. MBAM would not run due to infection, so I had to download MBAM Chameleon from a clean computer - onto a USB drive - and was finally able to get a scan. The scan shows svchost.exe in Memory Processes Detected and also svchost.exe in Files Detected.

CPU Resource Use is very high ( 90 + to 100 %) even with nothing running. Obviously, everything is very sluggish. Also getting random Google redirects to odd-looking search pages.

DDS copied and pasted below. Thanks for your assistance.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385

Run by Jennifer at 20:38:20 on 2012-03-18

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1979.610 [GMT -4:00]

.

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\dldocoms.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files (x86)\Dell 968 AIO Printer\dldomon.exe

C:\Program Files (x86)\Dell 968 AIO Printer\memcard.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRun: [dldomon.exe] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\dldomon.exe"

mRun: [MemoryCardManager] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\memcard.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Dell 968 AIO Printer] "C:\Program Files (x86)\Dell 968 AIO Printer\fm3032.exe" /s

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1314329500200

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{5234EEB6-9645-4B41-80B9-9D92E56E0DAB} : DhcpNameServer = 40.6.1.100

TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175}\2427F677E6 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175}\3534E42402642756560275966496 : DhcpNameServer = 172.26.1.1

TCP: Interfaces\{EDAABA9F-3E94-473B-B32B-EC0329553175}\8686F6E6F62737 : DhcpNameServer = 12.127.16.68 12.127.17.72

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll

TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRun-x64: [dldomon.exe] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\dldomon.exe"

mRun-x64: [MemoryCardManager] "C:\Program Files (x86) (x86)\Dell 968 AIO Printer\memcard.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Dell 968 AIO Printer] "C:\Program Files (x86)\Dell 968 AIO Printer\fm3032.exe" /s

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-12-1 945200]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [2010-12-1 463408]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-1 98208]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 dldo_device;dldo_device;C:\Windows\system32\dldocoms.exe -service --> C:\Windows\system32\dldocoms.exe -service [?]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-9-17 92216]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-9-28 26680]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-18 652360]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccsvchst.exe [2012-1-31 130008]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]

R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-12-1 132656]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 dldoCATSCustConnectService;dldoCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\dldoserv.exe [2007-10-5 34032]

S3 mbamchameleon;mbamchameleon;\??\C:\Windows\system32\drivers\mbamchameleon.sys --> C:\Windows\system32\drivers\mbamchameleon.sys [?]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

.

=============== Created Last 30 ================

.

2012-03-18 23:20:31 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2012-03-18 23:13:01 20480 ------w- C:\Windows\svchost.exe

2012-03-18 23:10:24 0 ----a-w- C:\Windows\SysWow64\sho3F.tmp

2012-03-18 19:36:06 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-18 19:36:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-03-18 16:38:04 388096 ----a-r- C:\Users\Jennifer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-03-18 16:38:04 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-03-18 15:26:16 29808 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2012-03-18 15:23:00 -------- d-----w- C:\Users\Jennifer\AppData\Roaming\Malwarebytes

2012-03-18 15:23:00 -------- d-----w- C:\ProgramData\Malwarebytes

2012-03-18 13:54:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BC73AE6B-102A-4FBE-926D-EDA6E4CB649B}

2012-03-18 12:49:28 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\AED6.tmp

2012-03-18 12:49:28 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\AED5.tmp

2012-03-18 12:29:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5AD58D76-8F3D-4F97-84B7-35D69B680A41}

2012-03-18 04:15:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8B4F6C9A-D0D9-45F9-9444-DE370663F4B5}

2012-03-18 01:53:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0A9EC783-CCC8-4782-AEA7-0CE099C7DFEF}

2012-03-17 22:54:25 -------- d-----w- C:\Users\Jennifer\AppData\Local\{71AC4C52-D4E4-4DD5-A055-BBBBF3548959}

2012-03-17 18:46:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0E091CEB-C263-40BE-846B-012138AF0086}

2012-03-17 14:51:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3A8CE685-F6FF-42D3-9108-C4A8EE79D4D4}

2012-03-17 12:47:28 -------- d-----w- C:\Users\Jennifer\AppData\Local\{10C9AC62-A193-4FA9-B1C1-B65EDB86AE6F}

2012-03-17 12:12:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{20F3FB28-26F3-4A69-B7E2-684E25406B9F}

2012-03-17 01:30:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EF374546-B79B-4111-ADC4-5D44AF503D82}

2012-03-17 00:59:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{508E31EE-CDF9-4B62-8DE8-453FAB80AA69}

2012-03-16 22:12:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6DB61B4D-49C4-4F86-8ACF-80EA444000A3}

2012-03-16 22:09:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{535C5E3F-AA71-4FFA-9AF7-5ABB29CE20E9}

2012-03-16 19:29:07 -------- d-----w- C:\Users\Jennifer\AppData\Local\{985C4CEB-AD7A-486E-972C-13465A9BC385}

2012-03-16 19:17:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AF136899-091A-401F-B220-5717DB5FAE49}

2012-03-16 19:08:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{138C5043-F444-46A4-935C-F64BB559B137}

2012-03-16 18:51:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{76DE6FC5-9AE7-4696-93D2-D2257EF58AE3}

2012-03-16 17:44:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{09481A77-FE03-4499-A210-61C7F1DDDD7C}

2012-03-16 17:27:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D0A59E29-7BA9-4D20-9618-56E7B9B32E5E}

2012-03-16 17:23:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1A65BE7A-0A04-4269-8ADF-135EADF31686}

2012-03-16 16:35:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1645E7CD-BA81-4C9C-84BD-F71D20556EAA}

2012-03-16 15:49:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F505EA2F-AB15-40A8-80A0-F27767B3529C}

2012-03-16 14:09:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BBF04519-1137-43A6-B49D-095C02C134EC}

2012-03-16 10:46:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9CFA06EA-E8CF-4F9C-BAA5-1E41F5FAF824}

2012-03-16 01:26:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{062BDF06-E384-4D11-9720-1BDE337138B7}

2012-03-15 22:31:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A8610DF-5DB9-4DA1-B931-5A5FF62EE2B1}

2012-03-15 19:03:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9AA1B352-6410-4D80-B62A-2BBEE3BDE118}

2012-03-15 15:25:56 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DACD4E8C-3B5B-4CBD-B4A7-2189E3932369}

2012-03-15 14:20:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BA8D0682-3B90-4C7D-9702-131398C0A35A}

2012-03-15 13:58:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6F9FD067-1CD7-470B-A9A8-9CC96CC1909D}

2012-03-15 13:53:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7251504D-2CBE-4EFF-BD21-CF90B179C9B9}

2012-03-15 10:57:42 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-15 10:57:42 3957616 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-15 10:57:40 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-15 10:50:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CBD7F488-ED5B-4AE1-A0D9-6311E7A3E1FB}

2012-03-15 03:03:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D5F10481-4BBB-4253-A154-54FC65018818}

2012-03-14 19:18:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{59307606-B93D-425C-B594-363FD9296BE3}

2012-03-14 18:48:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9F48C6C5-251C-49F9-B2E0-A66D9AC7EA07}

2012-03-14 13:18:11 -------- d-----w- C:\Users\Jennifer\AppData\Local\{92AFE909-89C2-419A-B9D6-623E0C991F97}

2012-03-14 12:26:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1D97AF25-149A-4640-B2B9-BF67CF456918}

2012-03-14 10:49:05 3143168 ----a-w- C:\Windows\System32\win32k.sys

2012-03-14 10:49:03 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2012-03-14 10:49:03 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2012-03-14 10:49:03 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2012-03-14 10:49:03 1541120 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-14 10:49:03 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-14 10:49:02 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-03-14 10:49:02 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-03-14 10:49:02 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-03-14 10:49:02 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-03-14 10:49:02 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2012-03-14 10:46:21 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-14 10:46:21 76288 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-14 10:46:21 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-14 10:46:19 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-14 10:46:18 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-14 10:46:18 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-14 10:46:18 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-14 10:40:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{29B42C2A-8D6F-4911-9643-FC4A999DDDA6}

2012-03-14 02:56:41 0 ----a-w- C:\Windows\SysWow64\sho3E97.tmp

2012-03-14 01:53:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D449A68F-E713-4D74-BDCE-671E0FD084F8}

2012-03-13 21:46:14 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0369052C-18DA-4D8B-B1AA-A6AEAADFC2A6}

2012-03-13 21:11:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7FCCF2D9-F2DF-433B-998B-56327A2C2C74}

2012-03-13 19:36:03 -------- d-----w- C:\Users\Jennifer\AppData\Local\{03488905-F456-4194-B39B-E47590981840}

2012-03-13 18:56:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C1B1FDC5-C57E-4AF4-BAAD-16DAC5D2F641}

2012-03-13 12:52:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3578EC44-739C-4BF5-9508-8C3D75617033}

2012-03-13 10:54:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2529937C-D3DB-47A5-9DE6-736D33A8A3D8}

2012-03-13 10:29:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7B136000-FD5C-485F-8186-6691BFAA56F5}

2012-03-13 02:39:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BB827DDA-5FD4-4324-AFC5-4DC7E4914F5E}

2012-03-12 19:23:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6E06FE37-3BFB-4FD0-97F7-3BF4398EE2B8}

2012-03-12 18:55:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{13383DD6-F5BB-4D04-A89B-099E21AF1E1D}

2012-03-12 16:52:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BC63A167-88D1-4C07-9595-973D8CFD4416}

2012-03-12 14:07:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A0C62C76-1E62-4869-8647-735C454A2780}

2012-03-12 12:30:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{45BAD66B-618D-43F7-9833-CAEB3D14568C}

2012-03-12 03:10:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{05CB9DB0-35A0-4A92-8373-B61888465D41}

2012-03-12 02:09:01 -------- d-----w- C:\Users\Jennifer\AppData\Local\{91928899-B713-40BD-92AB-BD22C742AD6F}

2012-03-11 20:21:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{28DFE6FA-75EE-43AD-86F4-0AA395BB8F5E}

2012-03-11 19:56:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{25BF4287-5839-4263-B96D-39353B749954}

2012-03-11 16:53:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2DC31AE2-EA08-414B-9DDF-084DF073928C}

2012-03-11 12:30:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F5AFE58F-E6B5-4F2D-9620-A17BA1802F02}

2012-03-11 12:13:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{957D1B24-CB10-4554-8CE4-80E5548327EB}

2012-03-11 01:12:40 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E9964D7E-8EAA-4384-BE48-9E2AE41FA7DC}

2012-03-10 21:29:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EF49DD67-A4B5-4785-B3D2-5976BC85A6E2}

2012-03-10 21:24:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D7C3351E-48B5-4EB3-8494-7A50B0821582}

2012-03-10 20:50:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AC64BA67-2536-4D30-AA53-B49FF9265068}

2012-03-10 20:44:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{12AC64C2-D320-4E60-B221-0C192606472D}

2012-03-10 13:20:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{674ED3C7-2DE3-4FFE-9612-7499D1E9714F}

2012-03-10 06:53:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{749F448B-3708-48DC-9AFE-60856B8C5955}

2012-03-10 01:44:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C26FD991-58F0-4CE4-AA6A-98F9532CCCDF}

2012-03-10 01:16:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C460085F-7419-46B0-A74D-DBF28DDC7972}

2012-03-10 00:59:49 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0149F7B3-1A17-4060-9098-298E71874FDA}

2012-03-09 22:39:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C019BA5D-98AF-43D0-A857-60C327973CDC}

2012-03-09 21:50:56 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4E6A7EAC-B83D-45C9-B74B-1431EBA2D200}

2012-03-09 21:24:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8A9A2AE4-D36A-4E4D-9ADB-1209577EFBCC}

2012-03-09 21:08:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9D8072EC-02E7-4AD5-A650-11DF366D4239}

2012-03-09 17:12:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AA321BE2-A1A5-4F59-8CD0-B8888BAD5087}

2012-03-09 15:01:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{81D5A4E8-D088-4AAD-B127-58E78C986B6D}

2012-03-09 14:39:48 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A5A12E05-582E-4723-938E-DABAA4B31465}

2012-03-09 14:32:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3E080748-B245-4788-A875-98894A63025C}

2012-03-09 14:15:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9A50BCED-5C5E-4E6F-BE8F-37399479BFC4}

2012-03-09 12:01:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E9156E76-D6A5-4E70-B017-A2182CCCCB28}

2012-03-09 11:49:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{07354F7B-CE18-472B-89C4-A7A70E84E7A8}

2012-03-09 11:27:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5457A6E4-255A-4367-8650-7985FE6CCFE5}

2012-03-09 11:03:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A181BB7-91DA-4D0F-A95B-42204D97EBAD}

2012-03-09 10:46:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{580E66F2-A43B-40A9-B25B-1FF655E75B19}

2012-03-09 10:14:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2728DC3B-CA56-4D72-895F-C8ED67FC2909}

2012-03-09 02:42:15 0 ----a-w- C:\Windows\SysWow64\sho725E.tmp

2012-03-09 02:32:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6DA836D8-77D2-430F-9EE0-E7AB9B2F97C1}

2012-03-09 01:17:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{609CAA6C-FEDE-4576-B870-E4059D781BCB}

2012-03-08 21:15:21 -------- d-----w- C:\Users\Jennifer\AppData\Local\{11B76BD9-7A9F-4CF0-94DA-722D1D7F1E7E}

2012-03-08 20:24:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{46C9F726-BF81-422F-BFC1-FCEB270C938C}

2012-03-08 20:07:58 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EA371293-9581-4C4D-B314-75F449FB9515}

2012-03-08 19:44:25 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F82AA450-E7D0-4056-BD37-7CE9E74C31E1}

2012-03-08 13:17:02 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B7DB3A82-BB6A-4F1C-8646-956779B3077C}

2012-03-08 13:04:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{53E9895B-AFEA-4636-8F97-D5ED7EA7E625}

2012-03-08 12:42:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D9F610FD-01AF-472E-9774-86DD3BD8755C}

2012-03-08 12:05:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9AFDE300-AB26-4885-9860-43956C9BBABF}

2012-03-08 10:14:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B37CB89A-30D1-45EC-9791-4636BC655BC2}

2012-03-08 09:59:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AAFCA76F-BD8E-42BF-992D-912891794661}

2012-03-08 01:42:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C6147B26-69EB-4F5B-818F-E524AA557E75}

2012-03-08 01:05:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{43B8ED19-88BE-44A5-8295-D6640EF47C41}

2012-03-07 18:29:22 0 ----a-w- C:\Windows\SysWow64\shoFA10.tmp

2012-03-07 17:37:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6CAB28EB-7D81-4A46-9F70-F110F054E1E6}

2012-03-07 17:13:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{018E7432-5ED1-4D2B-A7F4-659601B4C819}

2012-03-07 15:29:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B548766F-36B1-43F0-82D1-1C239DDE3809}

2012-03-07 11:06:43 -------- d-----w- C:\Users\Jennifer\AppData\Local\{86333204-4D47-409A-8264-96E753637E91}

2012-03-07 03:11:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1730C183-A3C6-46E9-A70B-7286CBEA5DC4}

2012-03-07 03:04:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{063C3976-419E-40E2-B4E8-AA01EAA3F1E4}

2012-03-06 23:36:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{ED0CA563-AA7F-45E2-8BBE-7E6308E5C3FC}

2012-03-06 21:22:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9C4ED84A-7E64-4423-8088-DD20AD0FDF35}

2012-03-06 20:46:17 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F7D0FBAA-DE7A-4048-8431-75EEEDF5474B}

2012-03-06 19:55:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{63B1EB65-289A-4129-A6A6-036AC2C42A6E}

2012-03-06 19:18:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3B1AA85F-14D1-4B01-B104-9957F7D61941}

2012-03-06 18:59:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D07E2DDB-25D0-4CB7-8C8C-94CF64B29653}

2012-03-06 18:55:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DD474528-296B-4204-B193-9F08A1AA014D}

2012-03-06 18:40:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5007E1DB-1E59-4ADC-B99F-4594A791E2E6}

2012-03-06 17:42:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5E9B34E0-8C52-400F-8719-28C801BA2DDC}

2012-03-06 15:45:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C90BD31C-FB84-4F6A-B38F-EBAB40552CA3}

2012-03-06 15:40:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B4A0C425-6FE1-4602-8947-E88D5EC0E496}

2012-03-06 15:38:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AB6910F2-FC13-4308-8EC0-4DBA3AE9E1E0}

2012-03-06 14:55:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A627AF4E-7D28-4D42-9F3A-525B6167627B}

2012-03-06 10:14:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{00CD68AF-6D65-460E-BF58-AB0F460453CC}

2012-03-06 00:40:10 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F169C457-A0E7-495B-B79C-C30DD7110708}

2012-03-05 22:48:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DAEABF2F-D39B-4366-A67B-4789C4710514}

2012-03-05 20:49:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{9AD50E56-6AA2-47D1-BCB6-61746DDABB2D}

2012-03-05 20:39:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CFACBE5D-28E8-4152-B165-12045F69647B}

2012-03-05 19:56:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5C4200FF-0103-4F7C-9D49-08D9EBD28568}

2012-03-05 18:47:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{606680B3-3494-4B69-921C-4CBB6EA0E0D2}

2012-03-05 14:30:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{42ED66F8-A697-42D2-AA8D-15EF9E37C943}

2012-03-05 13:22:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DA137570-9ED4-4C25-99CA-96A9A65928AB}

2012-03-05 11:56:30 -------- d-----w- C:\Users\Jennifer\AppData\Local\{22CA2FB4-EFD1-4856-A81D-F9A1FB5963A6}

2012-03-05 09:10:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{476425A7-7C09-497E-A1C4-C231FE005C33}

2012-03-04 23:33:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{728A5A6C-EF1F-4BD0-BC46-D93EF4D21CDC}

2012-03-04 21:10:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{05F428D7-C90F-4E0D-A2DC-01C5CE76B239}

2012-03-04 19:54:48 0 ----a-w- C:\Windows\SysWow64\shoCCD2.tmp

2012-03-04 19:53:02 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0CFF500B-863B-4FA6-B17D-5A80C7E6056B}

2012-03-04 19:44:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5CD2C2D0-1827-4DA7-A563-3F554B731649}

2012-03-04 16:40:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C39076D0-75DA-426C-8D1D-0F9C1645447E}

2012-03-04 15:19:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D994D2BE-5FFD-486F-8BD2-A04B537A7F4A}

2012-03-04 12:58:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{697C1B58-18DE-45D9-85B0-EF3ED6DE85A3}

2012-03-04 11:56:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8AD54855-0A1F-4806-B2C8-D0FBF44551D9}

2012-03-04 04:49:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DC9A468E-E271-475A-AB67-328578A82243}

2012-03-03 23:24:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AFF9FD5D-74C4-45EF-AAFB-AE00341B40C2}

2012-03-03 22:28:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{710253AA-CAA6-4FE8-B7E5-90DBF2239D0D}

2012-03-03 21:39:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A507029D-8C3C-41DC-8C06-F380C4D20207}

2012-03-03 20:59:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FED1E857-74DA-44DC-BEBD-603EB6181D59}

2012-03-03 20:55:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8E9B9EF5-745B-4559-A71C-6E17EEBDBA2C}

2012-03-03 20:36:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E40F6F10-7DE1-4787-BF29-F357A8B9ECBC}

2012-03-03 20:26:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{004BCE73-D63E-42A8-AB37-D89D23AF60E6}

2012-03-03 15:41:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3F8124B8-4CEE-465F-847C-C22F21EF321F}

2012-03-03 14:04:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{99B0FAAC-E8F8-44CC-97FD-6635DE600322}

2012-03-03 12:41:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F188C863-B51F-471E-AD37-C3D517A5FDA2}

2012-03-03 09:13:10 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4CA5B0F0-3E39-4423-B2A7-21D095BEDDDE}

2012-03-03 02:16:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E91FD794-D28E-4990-B282-F6BCC453A59A}

2012-03-03 00:14:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C5C4138B-659B-4DA5-8607-D8CD1716B0BE}

2012-03-02 20:52:03 0 ----a-w- C:\Windows\SysWow64\shoAA38.tmp

2012-03-02 20:27:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4D5B6870-1A56-48DF-9EE5-138BFC855D7F}

2012-03-02 19:57:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A5E10CA2-131B-4670-88F2-534C96D7AB2C}

2012-03-02 18:54:40 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E883AEF1-6FE2-4434-8949-169C19EA3BE8}

2012-03-02 17:25:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EA359266-51A9-4694-AA57-0D1324B39458}

2012-03-02 15:52:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3DD0CBE2-B2E6-48DD-BF1B-6C05933D51C3}

2012-03-02 15:02:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{380EAB19-E790-469B-A913-242CB930EF6D}

2012-03-02 14:33:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{325E77B3-F2BD-4346-B562-1D181447F8AF}

2012-03-02 13:51:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1F6FD8DB-A518-4B11-9180-D30B686E99D9}

2012-03-02 11:34:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3610C28E-FE1F-4BC9-B170-2DFD43010DCC}

2012-03-02 11:19:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7F95A0C8-6C84-42E0-AE25-D70E3C7D1E76}

2012-03-02 10:31:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1303E420-4ED7-4A03-ABBD-604628B83A3F}

2012-03-01 23:21:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F11D0F40-D28D-47C5-AF6D-E9EA1F0959EB}

2012-03-01 23:13:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6A8D36F9-9D6C-4AC8-8770-EB8AEE088355}

2012-03-01 21:06:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{469260DC-C58A-4DBC-97DA-D5EABA64DD89}

2012-03-01 20:30:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E5D57C53-3C9F-409E-B2B2-4000D5181AEC}

2012-03-01 17:14:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{31762B6A-12CB-4133-B099-792A26062249}

2012-03-01 16:28:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EEAB725E-3238-4171-B118-B55D8112A4A9}

2012-03-01 13:35:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{179C3E4C-4522-4394-8925-1B3A5758B539}

2012-03-01 12:58:47 -------- d-----w- C:\Users\Jennifer\AppData\Local\{814F4FCD-1963-41FB-8FC5-0B8FAC5ABA24}

2012-03-01 12:10:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4CDAD6F5-51F3-4AF8-812B-E9C6C4878248}

2012-03-01 11:22:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A3B8841-2E44-4C54-BB2A-ECD527CDC3C2}

2012-03-01 03:37:54 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4792278E-7193-4A7F-A9C2-B71E086EB8C0}

2012-03-01 03:14:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5526B07A-3018-467B-8445-F42314D4BC14}

2012-03-01 01:37:17 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BDBB8DAC-B13D-4AA7-AF74-687BD650E348}

2012-03-01 01:17:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{599FE18A-045B-402A-A87B-CE2253E9B90A}

2012-02-29 21:34:19 -------- d-----w- C:\Users\Jennifer\AppData\Local\{77F555E5-9489-48B2-A28D-4B3DC9E0A1CC}

2012-02-29 18:59:00 -------- d-----w- C:\Users\Jennifer\AppData\Local\{ECD728AE-782C-4C11-927D-7CA403323C23}

2012-02-29 12:20:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{39969856-CBBA-49C6-AFBE-797B3FC39D61}

2012-02-29 10:51:07 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5CBDAABB-66B0-4754-B8AD-6CCAFFB2011E}

2012-02-28 21:52:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CD236DFC-9908-4AEF-AD2F-AD5693A4792B}

2012-02-28 21:14:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0579AF62-803B-4F60-AA46-4663085CF3AC}

2012-02-28 19:49:11 -------- d-----w- C:\Users\Jennifer\AppData\Local\{15046EF5-8802-463C-B32E-B6B39EE31286}

2012-02-28 15:41:01 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7459DCC2-7588-4C31-98FF-E20B2A63FE9A}

2012-02-28 14:26:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D2FC25B3-2547-48BE-B5AF-9BB04CABF5B9}

2012-02-28 12:14:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8F4D90B3-4B38-4543-B614-7846B5E72EDC}

2012-02-28 10:54:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FA71D718-5E0E-49A2-AF7A-9F717242C0AB}

2012-02-28 00:01:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3AFC155F-81E9-4C35-BF64-9C6B7B7555EE}

2012-02-27 23:16:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E2E3CC38-5140-4F2A-A3B9-031E39B35416}

2012-02-27 21:23:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F79DEB88-0739-4AEF-A1E2-6D1C72DE014B}

2012-02-27 20:58:49 -------- d-----w- C:\Users\Jennifer\AppData\Local\{14126B52-ACE6-4224-AC68-B71374F59EB1}

2012-02-27 19:48:57 -------- d-----w- C:\Users\Jennifer\AppData\Local\{70B90829-40EE-4D32-9FDD-06A270462351}

2012-02-27 18:58:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{90C15094-B7E4-4274-BC3C-3B0E6E1A4038}

2012-02-27 16:19:45 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2A37DB30-7924-47D3-AE85-B882586AB3BB}

2012-02-27 15:28:25 -------- d-----w- C:\Users\Jennifer\AppData\Local\{22EFAE22-3495-49BD-8689-4A96978D65D4}

2012-02-27 14:36:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{6395C0E6-8326-44EB-A4C5-D4D6CEE51F2E}

2012-02-27 13:51:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F45958AD-631F-48D0-9BB5-50C1A6C97820}

2012-02-27 13:31:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4005E8BE-F172-4190-BA8E-86E928B4402C}

2012-02-27 13:19:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4E672CAC-13EB-4BF9-9FEB-3D3288D34ED3}

2012-02-27 01:46:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DE94A3EB-3C08-4510-8A00-EA61C16CFB16}

2012-02-27 01:42:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B2561356-52D0-4197-8371-EB51F5A1085D}

2012-02-26 21:50:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{43D4E782-38AC-466A-A925-B091871B1C00}

2012-02-26 20:48:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C1D4E036-F62B-4B17-956B-729E29FFED98}

2012-02-26 18:19:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5005A8AF-7ECE-438B-B437-EB74D221DE94}

2012-02-26 18:19:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{92F27E4A-8070-43C9-809B-C3308A085E89}

2012-02-26 17:28:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{76B219DC-63DC-4BAF-B60D-822E069A4ED9}

2012-02-26 17:08:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E179FF20-D587-49DC-B2B4-22C25098D9AF}

2012-02-26 16:05:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3B67425D-41ED-417A-ABED-A6C0588AAED9}

2012-02-26 15:54:59 -------- d-----w- C:\Users\Jennifer\AppData\Local\{46BD3CF8-1328-4F5A-AFD9-609F7CEFCD3D}

2012-02-26 15:16:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E36E43DB-7DE9-46DF-824E-97402FC66F1B}

2012-02-26 15:07:11 -------- d-----w- C:\Users\Jennifer\AppData\Local\{51EB55A9-4328-4379-BA6A-9731CA1095BE}

2012-02-26 12:47:43 -------- d-----w- C:\Users\Jennifer\AppData\Local\{CFB3ED07-D690-4BA6-BCA5-4E54D16CC4EE}

2012-02-26 05:26:33 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1A50351D-8522-4F7C-A6F2-6D2B0B5D2FCA}

2012-02-26 04:37:10 -------- d-----w- C:\Users\Jennifer\AppData\Local\{AF5C0612-E094-46A8-98BD-BC31D7439B79}

2012-02-26 03:49:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D54A6544-DC85-4D0F-8549-06719621C5FD}

2012-02-25 21:21:15 -------- d-----w- C:\Users\Jennifer\AppData\Local\{86B691FF-8B28-4208-BB43-4F39B8579671}

2012-02-25 21:04:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0301164E-4B49-4F20-80F9-4AD2E64F3984}

2012-02-25 20:49:55 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D41FD278-46B4-4581-A1D1-71DEE2E1D0F4}

2012-02-25 13:58:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2CE1AA39-4B29-44BB-AEFE-D53D246F902F}

2012-02-25 13:23:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{34A07ED5-4399-4C36-BA39-39B0B7336501}

2012-02-25 03:09:32 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1B652269-E0E1-48A7-9A4E-39526411C9A5}

2012-02-25 01:45:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1C509A91-E124-441A-856A-5E16DC8683DB}

2012-02-25 01:03:05 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7419E1C2-2D3E-497C-B7BD-E25B6E8C49F5}

2012-02-24 23:15:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8EED2774-CF99-48BD-BEF7-4D75CFEE9C0D}

2012-02-24 23:08:16 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7CCC9551-DBEF-472C-B61C-CA06A978A604}

2012-02-24 23:00:27 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FE2BE30D-29A0-4948-B249-8EA01A87EE27}

2012-02-24 21:37:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FED0A673-537D-409A-B92D-2B9833CBB503}

2012-02-24 21:16:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{BB7EB654-A194-46C4-AE14-52FFFC2EA8BA}

2012-02-24 17:32:34 -------- d-----w- C:\Users\Jennifer\AppData\Local\{07CD12BB-51BF-4AFB-875A-FE43E3D7DF3D}

2012-02-24 17:16:41 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2855E6DA-99AA-4D8F-9056-C0978653606D}

2012-02-24 13:06:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B15328BE-8922-4873-805E-FFD9A550DCE0}

2012-02-24 11:02:04 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E10FEA2B-63C8-43DB-A18C-792AD7DD09B9}

2012-02-24 10:51:50 -------- d-----w- C:\Users\Jennifer\AppData\Local\{D18D0F66-010C-4848-9355-5AC1EC74E257}

2012-02-23 21:09:38 -------- d-----w- C:\Users\Jennifer\AppData\Local\{1A1C11F6-9D3B-4684-9940-0F14CD8AD63B}

2012-02-23 19:55:12 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5A1F34F5-F2F6-497E-AFD6-FF68D3BF8807}

2012-02-23 13:26:06 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EA3FB547-F7DF-44BA-9978-B45B89330575}

2012-02-23 01:18:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B18E9A91-BB4F-43DA-8DE2-CA6030DEAEB5}

2012-02-22 20:55:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E1950577-0BB7-4F2C-8B3B-F7EB108EA99A}

2012-02-22 19:45:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{892A11FE-99B3-4F39-8E6E-60B70DE8735A}

2012-02-22 17:24:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A889FA62-022F-4FB6-B276-C4A00E85FB28}

2012-02-22 16:45:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{59607D0C-90B3-4035-B60F-2C9FBC4E4F84}

2012-02-22 16:16:38 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C9244FBC-AE08-43B8-8D62-E107A5B87D0C}

2012-02-22 16:15:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{EDCBA9DA-683D-4055-B3C9-B20A7FDEE0FD}

2012-02-22 16:09:49 -------- d-----w- C:\Users\Jennifer\AppData\Local\{06261D1C-49BA-4FC8-AB98-BB4DC1B15EFF}

2012-02-22 16:06:09 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0FF80147-2C26-4366-AEC7-6E4EE4322DFB}

2012-02-22 14:37:13 -------- d-----w- C:\Users\Jennifer\AppData\Local\{C51E149C-12D7-4DB1-B946-038F06060F2E}

2012-02-22 13:53:21 -------- d-----w- C:\Users\Jennifer\AppData\Local\{945CB935-3196-45F9-BDCD-D6908A459912}

2012-02-22 11:37:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{F5EA1760-A8BD-4CD5-8BEA-2C825EE6459E}

2012-02-22 03:06:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{B9D344CD-FEF7-4B28-A24F-4227642713B2}

2012-02-22 01:35:37 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8FAA3815-1E49-4D4E-AB52-4985BF05028D}

2012-02-21 23:21:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{60A011A1-067E-4421-9AE4-8EEA0A063369}

2012-02-21 21:31:53 -------- d-----w- C:\Users\Jennifer\AppData\Local\{389205F6-79A4-458A-AA17-F86A317F1E27}

2012-02-21 20:40:30 -------- d-----w- C:\Users\Jennifer\AppData\Local\{4A856FD4-4307-4645-A290-B3645E823CE7}

2012-02-21 20:02:35 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5CC4B150-663E-4A86-B0AA-2BBBBF7F9AAB}

2012-02-21 19:49:22 -------- d-----w- C:\Users\Jennifer\AppData\Local\{21523884-ED32-4E02-AFA5-9FB4A550CD1D}

2012-02-21 16:56:29 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E5FCD75E-6678-4FD6-A106-F3762AB226D2}

2012-02-21 15:10:27 -------- d-----w- C:\Users\Jennifer\AppData\Local\{32856E03-47FE-4D25-BB05-D8C03529BEB2}

2012-02-21 14:32:27 -------- d-----w- C:\Users\Jennifer\AppData\Local\{5A1D4087-A551-4CFF-83FF-7CA9638A162B}

2012-02-21 12:01:24 -------- d-----w- C:\Users\Jennifer\AppData\Local\{DA88FD8F-0D43-4DEC-93A9-AD12FCAF0B0E}

2012-02-21 11:35:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{89B3689D-38A5-4409-B0AD-3AFF88CE0C2E}

2012-02-21 01:37:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{2EDBE9F5-039B-491C-B881-AC8C58D1897E}

2012-02-20 22:57:44 -------- d-----w- C:\Users\Jennifer\AppData\Local\{40A2D924-08CE-4063-A79D-0019E8F3B13B}

2012-02-20 20:12:01 -------- d-----w- C:\Users\Jennifer\AppData\Local\{265BA86E-25D5-4A13-A3E9-5DDA97062851}

2012-02-20 19:14:39 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A47257DF-DBF0-4196-9B5E-796E9CE056C0}

2012-02-20 17:04:40 -------- d-----w- C:\Users\Jennifer\AppData\Local\{496B9F81-1A47-4B8D-B11F-2927723B7BD0}

2012-02-20 14:54:07 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E0422E3A-F7BF-4B76-8D73-44E50F9F23AC}

2012-02-20 13:28:23 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8695680A-3B2F-40EC-9C89-C646F4360922}

2012-02-20 12:57:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8BF36332-F819-4722-A676-44A051B91C22}

2012-02-20 11:51:42 -------- d-----w- C:\Users\Jennifer\AppData\Local\{56D424E7-EB6D-4F2C-B3F4-A226F2FF5914}

2012-02-20 02:39:31 -------- d-----w- C:\Users\Jennifer\AppData\Local\{E5B42CC3-1732-475D-A37E-97D8899F8D64}

2012-02-20 01:20:36 -------- d-----w- C:\Users\Jennifer\AppData\Local\{A372AFA4-27B2-4A16-9C89-18B62EC5B6E1}

2012-02-20 00:02:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{0149C71E-439B-4F33-B834-DAEA0A1F8647}

2012-02-19 17:01:51 -------- d-----w- C:\Users\Jennifer\AppData\Local\{FF16FCB0-C3B9-4CDF-9831-8E7B838F8E7C}

2012-02-19 14:19:20 -------- d-----w- C:\Users\Jennifer\AppData\Local\{214047CA-885F-44EC-8541-F9F67177560B}

2012-02-19 11:38:46 -------- d-----w- C:\Users\Jennifer\AppData\Local\{7A8F37A3-C42C-4D84-A1A4-9B0E910C32FF}

2012-02-19 04:56:08 -------- d-----w- C:\Users\Jennifer\AppData\Local\{3C658600-08B9-49B6-93BF-7BE3EC0C3950}

2012-02-18 18:55:18 -------- d-----w- C:\Users\Jennifer\AppData\Local\{79B9D2FC-09F9-4DC7-BC8C-A7E4979BB3A1}

2012-02-18 11:20:52 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8A9DDF52-B87E-428C-A3FE-14690EB32B93}

2012-02-18 02:51:26 -------- d-----w- C:\Users\Jennifer\AppData\Local\{8C58926B-215C-4145-B158-4D3BD13BFC30}

2012-02-18 01:00:17 -------- d-----w- C:\Users\Jennifer\AppData\Local\{07C9D54A-B1F9-4F87-808F-7786A60646C2}

.

==================== Find3M ====================

.

2012-02-15 20:51:53 0 ----a-w- C:\Windows\SysWow64\shoAABD.tmp

2012-02-13 02:47:12 0 ----a-w- C:\Windows\SysWow64\shoE11D.tmp

2012-02-10 14:41:20 0 ----a-w- C:\Windows\SysWow64\sho2223.tmp

2012-02-10 11:29:27 0 ----a-w- C:\Windows\SysWow64\shoBB63.tmp

2012-02-04 03:32:43 0 ----a-w- C:\Windows\SysWow64\shoD2ED.tmp

2012-02-01 21:56:27 0 ----a-w- C:\Windows\SysWow64\sho7039.tmp

2012-01-28 21:13:12 0 ----a-w- C:\Windows\SysWow64\sho39CE.tmp

2012-01-26 01:22:04 0 ----a-w- C:\Windows\SysWow64\sho8B8B.tmp

2012-01-20 07:05:06 0 ----a-w- C:\Windows\SysWow64\sho1D93.tmp

2012-01-16 03:29:39 0 ----a-w- C:\Windows\SysWow64\shoBDCB.tmp

2012-01-15 04:57:46 0 ----a-w- C:\Windows\SysWow64\sho52A8.tmp

2012-01-13 05:24:15 0 ----a-w- C:\Windows\SysWow64\shoBF10.tmp

2012-01-12 01:29:17 0 ----a-w- C:\Windows\SysWow64\sho95F7.tmp

2012-01-09 05:06:51 0 ----a-w- C:\Windows\SysWow64\shoDFF5.tmp

2012-01-08 04:13:03 0 ----a-w- C:\Windows\SysWow64\shoC6C8.tmp

2012-01-05 15:24:57 0 ----a-w- C:\Windows\SysWow64\sho235.tmp

2012-01-04 09:58:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 09:03:07 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-01-03 06:24:52 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-01-03 05:44:24 478208 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-01-02 21:45:09 0 ----a-w- C:\Windows\SysWow64\sho8B57.tmp

2012-01-02 03:29:37 0 ----a-w- C:\Windows\SysWow64\shoE79B.tmp

2012-01-01 17:06:02 0 ----a-w- C:\Windows\SysWow64\sho40BA.tmp

2012-01-01 05:35:43 0 ----a-w- C:\Windows\SysWow64\shoB1BE.tmp

2011-12-31 04:58:57 0 ----a-w- C:\Windows\SysWow64\shoD481.tmp

2011-12-30 04:15:13 0 ----a-w- C:\Windows\SysWow64\shoBA5.tmp

2011-12-29 04:38:45 0 ----a-w- C:\Windows\SysWow64\sho2898.tmp

2011-12-28 03:59:11 499200 ----a-w- C:\Windows\System32\drivers\afd.sys

2011-12-28 03:42:33 0 ----a-w- C:\Windows\SysWow64\shoA2D2.tmp

2011-12-23 05:14:29 0 ----a-w- C:\Windows\SysWow64\shoFFD4.tmp

2011-12-21 04:26:38 0 ----a-w- C:\Windows\SysWow64\shoC3BE.tmp

2011-12-20 05:11:40 0 ----a-w- C:\Windows\SysWow64\sho5BF8.tmp

.

============= FINISH: 20:39:25.25 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/9/2011 6:34:02 PM

System Uptime: 3/18/2012 7:11:02 PM (1 hours ago)

.

Motherboard: Hewlett-Packard | | 1605

Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 214 GiB total, 165.059 GiB free.

D: is FIXED (NTFS) - 19 GiB total, 2.736 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP70: 2/9/2012 6:30:48 PM - Scheduled Checkpoint

RP71: 2/16/2012 10:53:57 PM - Windows Update

RP72: 2/24/2012 12:16:15 PM - Scheduled Checkpoint

RP73: 3/3/2012 9:01:00 AM - Scheduled Checkpoint

RP74: 3/10/2012 10:36:15 PM - Scheduled Checkpoint

RP75: 3/14/2012 9:25:06 AM - Installed Canon ScanGear Starter

RP76: 3/15/2012 6:53:47 AM - Windows Update

RP77: 3/18/2012 12:37:07 PM - Installed HiJackThis

.

==== Installed Programs ======================

.

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader 9.4.4 MUI

Adobe Shockwave Player 11.5

Agatha Christie - Peril at End House

Bejeweled 2 Deluxe

Bing Bar

Bing Bar Platform

Bing Rewards Client Installer

Blackhawk Striker 2

Blasterball 3

Blio

Bounce Symphony

Build-a-lot 2

Cake Mania

Canon ScanGear Starter

Chuzzle Deluxe

Compaq Setup Manager

Coupon Printer for Windows

CyberLink DVD Suite

CyberLink MediaShow

CyberLink PowerDVD 9

CyberLink YouCam

D3DX10

Diner Dash 2 Restaurant Rescue

Dora's World Adventure

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

Farm Frenzy

FATE

FaxRedist

Final Drive Nitro

Heroes of Hellas 2 - Olympia

HiJackThis

HP CloudDrive

HP Customer Experience Enhancements

HP Documentation

HP Game Console

HP Games

HP MovieStore

HP Photo Creations

HP Power Manager

HP Quick Launch

HP Setup

HP Software Framework

HP Support Assistant

HPAsset component for HP Active Support Library

Intel® Graphics Media Accelerator Driver

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 26

Jewel Quest Solitaire 2

Junk Mail filter update

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft Default Manager

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - The London Caper

Norton Internet Security

Norton Online Backup

Penguins!

PhotoNow!

Plants vs. Zombies

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

Ralink RT5390 802.11b/g/n WiFi Adapter

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Recovery Manager

RoxioNow Player

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Times Reader

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Virtual Families

Virtual Villagers 4 - The Tree of Life

Visual Studio 2008 x64 Redistributables

Wheel of Fortune 2

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Yahoo! Detect

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

3/18/2012 8:19:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

3/18/2012 7:18:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

3/18/2012 7:18:32 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/18/2012 7:18:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

3/18/2012 7:12:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the dldoCATSCustConnectService service to connect.

3/18/2012 7:12:11 PM, Error: Service Control Manager [7000] - The dldoCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/18/2012 7:09:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

3/18/2012 6:39:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.

3/18/2012 5:49:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

3/18/2012 5:44:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpqwmiex service.

3/15/2012 8:37:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

3/15/2012 11:05:19 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{EDAABA9F-3E94-473B-B32B-EC0329553175} because another computer on the network has the same name. The server could not start.

3/14/2012 4:35:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service.

3/11/2012 2:05:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

.

==== End Of File ===========================

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.