Cleaning

[Pa Woodbutcher]

Thanks for any help and advice you can give. No major hurry here as the computer is running. The utility that is originally installed says that it needs attention as it is running slow....not real noticeably so to me, but not real savy if you know what I mean. Joined the forum to learn how to care for it and keep it clean without going through Norton. I am using Microsoft Security Essentials as my primary defense and run an adware once a week.

Thanks again!

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Bryan at 9:26:52 on 2012-03-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.1818 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/?rlz=1V1IPYX
uDefault_Page_URL = hxxp://start.toshiba.com/g/
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 209.55.24.10 209.55.27.13 8.8.8.8
TCP: Interfaces\{EE6C8A54-89CE-4DA6-9F50-10FC7917CEE9} : DhcpNameServer = 209.55.24.10 209.55.27.13 8.8.8.8
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO-X64: Ad-Aware Security Toolbar - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\i0nw2ilw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=utf-8&rlz=1V2IPYX&q=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\windows\system32\DRIVERS\Lbd.sys --> C:\windows\system32\DRIVERS\Lbd.sys [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-12-23 2152152]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe [2011-7-21 135608]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [2011-7-21 126392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-21 2656280]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2012-2-2 17152]
R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys --> C:\windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-7-21 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-21 136176]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-21 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-03-12 07:46:20 -------- d-----w- C:\Users\Bryan\AppData\Local\{DC277707-AC1E-4303-A082-6FDA724E0E64}
2012-03-12 07:45:58 -------- d-----w- C:\Users\Bryan\AppData\Local\{EC7ACFA3-6EE9-4868-BC91-32135F67467D}
2012-03-11 23:59:42 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BFE0255-3635-4A8E-8DAB-1EA1C53C3998}\offreg.dll
2012-03-11 19:47:09 -------- d-----w- C:\Users\Bryan\AppData\Local\{26066CD9-BEB7-43DA-B3DC-740CE055AD39}
2012-03-11 1831 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BFE0255-3635-4A8E-8DAB-1EA1C53C3998}\mpengine.dll
2012-03-11 07:46:57 -------- d-----w- C:\Users\Bryan\AppData\Local\{7CE84310-C7F5-4FF3-94C0-6AAD208C5597}
2012-03-11 07:46:35 -------- d-----w- C:\Users\Bryan\AppData\Local\{7A7D852E-8B5A-4568-8E20-5516BDE4F475}
2012-03-10 19:46:21 -------- d-----w- C:\Users\Bryan\AppData\Local\{667E023E-8618-4D30-ACB9-C6B0823AC7BF}
2012-03-10 19:46:10 -------- d-----w- C:\Users\Bryan\AppData\Local\{F515CA40-0BE2-4C36-9202-4393D0C9E856}
2012-03-09 04:49:26 -------- d-----w- C:\Users\Bryan\AppData\Local\{946990DE-B04E-4AE7-A0AE-13E3A00124B4}
2012-03-09 04:49:04 -------- d-----w- C:\Users\Bryan\AppData\Local\{118E6292-98F1-4660-9492-57980124435E}
2012-03-08 16:48:50 -------- d-----w- C:\Users\Bryan\AppData\Local\{E9FCFB5E-C852-49C7-A994-66F96FF5EF6E}
2012-03-08 16:48:28 -------- d-----w- C:\Users\Bryan\AppData\Local\{783EA7A9-A596-43A0-92EA-C00F2BAED3B2}
2012-03-08 04:48:16 -------- d-----w- C:\Users\Bryan\AppData\Local\{B00D91C8-A7F5-4D3B-B96D-FE1BD4900196}
2012-03-08 04:47:54 -------- d-----w- C:\Users\Bryan\AppData\Local\{5E29F83D-6887-477B-BF0B-3C84BE7B8986}
2012-03-07 16:47:40 -------- d-----w- C:\Users\Bryan\AppData\Local\{E55832E0-BC6B-4443-B330-087D04F187AB}
2012-03-07 16:47:18 -------- d-----w- C:\Users\Bryan\AppData\Local\{06C14710-03A2-435A-9878-E64E530C19DE}
2012-03-05 13:03:31 -------- d-----w- C:\Users\Bryan\AppData\Local\{D209491C-4E34-4EBA-B468-3EBD15541816}
2012-03-05 13:03:09 -------- d-----w- C:\Users\Bryan\AppData\Local\{BBD46F2E-9A66-451E-8DDF-808DE7E46490}
2012-03-05 01:02:56 -------- d-----w- C:\Users\Bryan\AppData\Local\{8FE76ADA-71A9-43F1-9385-4E83A1011072}
2012-03-05 01:02:34 -------- d-----w- C:\Users\Bryan\AppData\Local\{267F6EFB-1308-48B5-A6EA-810226A49A1F}
2012-03-04 13:02:21 -------- d-----w- C:\Users\Bryan\AppData\Local\{202B1AFC-192D-46EB-88B6-A683178D7C85}
2012-03-04 13:01:58 -------- d-----w- C:\Users\Bryan\AppData\Local\{C746FC7F-D961-4CF5-ACFE-6D2A61622D46}
2012-03-04 01:01:46 -------- d-----w- C:\Users\Bryan\AppData\Local\{E27025DA-ADC2-416D-9CEF-07757E8D12B4}
2012-03-04 01:01:24 -------- d-----w- C:\Users\Bryan\AppData\Local\{D1107517-5271-4641-943F-E036061B5F4C}
2012-03-03 13:01:11 -------- d-----w- C:\Users\Bryan\AppData\Local\{797ECD1B-0E4B-4467-9D0D-983A783871B5}
2012-03-03 13:00:24 -------- d-----w- C:\Users\Bryan\AppData\Local\{A6C0CB31-FB03-472D-A862-8B9C691DDF8F}
2012-03-02 23:30:52 -------- d-----w- C:\Users\Bryan\AppData\Local\{6769B039-A43D-4AF2-ACC2-AE9E82DF1B4E}
2012-03-02 23:30:30 -------- d-----w- C:\Users\Bryan\AppData\Local\{60765EFF-A106-4427-9B91-3B917897C6F6}
2012-03-02 11:30:18 -------- d-----w- C:\Users\Bryan\AppData\Local\{86D2E570-BD9A-4DFF-884B-F81FF402EC05}
2012-03-02 11:29:56 -------- d-----w- C:\Users\Bryan\AppData\Local\{C995DA18-36D3-4C29-96A7-33481308554A}
2012-03-01 23:29:41 -------- d-----w- C:\Users\Bryan\AppData\Local\{93EFEC0B-D078-4CD1-A381-ED1C8ADD9473}
2012-03-01 23:29:19 -------- d-----w- C:\Users\Bryan\AppData\Local\{BC52EF0F-419F-4B94-ABBA-1BAFDEF5272B}
2012-03-01 11:29:06 -------- d-----w- C:\Users\Bryan\AppData\Local\{79858BC2-C7A5-433E-9CF6-D96E7511C3DF}
2012-03-01 11:28:45 -------- d-----w- C:\Users\Bryan\AppData\Local\{BDF439B2-0289-4672-A177-6063A7A2D818}
2012-02-29 23:28:31 -------- d-----w- C:\Users\Bryan\AppData\Local\{427E3C18-CDCE-40F0-B4B2-EFBD0A7A063C}
2012-02-29 23:28:09 -------- d-----w- C:\Users\Bryan\AppData\Local\{94340A05-0476-4D1E-80D1-85B5E75E3075}
2012-02-29 11:27:41 -------- d-----w- C:\Users\Bryan\AppData\Local\{D7E1C0E4-5964-4E18-A5E3-B8A201253AAE}
2012-02-29 11:27:19 -------- d-----w- C:\Users\Bryan\AppData\Local\{B35B799A-8B0F-4701-A6C6-3DA5198092AB}
2012-02-27 01:45:18 -------- d-----w- C:\Users\Bryan\AppData\Local\{542780CF-1DC5-4B0A-898B-6CAEC3B694AA}
2012-02-27 01:45:03 -------- d-----w- C:\Users\Bryan\AppData\Local\{94ADACDF-5768-4AC1-A288-63F464D93B75}
2012-02-26 13:21:42 -------- d-----w- C:\Users\Bryan\AppData\Local\{4297BAFA-06C3-45E8-8B13-865C97CC69EA}
2012-02-26 13:21:19 -------- d-----w- C:\Users\Bryan\AppData\Local\{94E997DF-065E-4EDF-8C5A-E59C3D56B41D}
2012-02-26 01:21:07 -------- d-----w- C:\Users\Bryan\AppData\Local\{B0201F2E-47F7-4083-9B0C-8DF0C589DC05}
2012-02-26 01:20:45 -------- d-----w- C:\Users\Bryan\AppData\Local\{FBB2E3F7-5B96-4D0C-B468-9927309D2432}
2012-02-25 13:20:31 -------- d-----w- C:\Users\Bryan\AppData\Local\{9350F7F8-2D25-4285-A02C-FEF45ADB51DC}
2012-02-25 13:20:09 -------- d-----w- C:\Users\Bryan\AppData\Local\{23C2F9EE-BB3B-416E-A7CF-344D4555BD76}
2012-02-25 01:19:56 -------- d-----w- C:\Users\Bryan\AppData\Local\{6BECEF7F-8D5A-4C07-8BA7-B0CE99A474F8}
2012-02-25 01:19:33 -------- d-----w- C:\Users\Bryan\AppData\Local\{1776C298-D577-43D8-BF23-EF034337283E}
2012-02-24 13:19:21 -------- d-----w- C:\Users\Bryan\AppData\Local\{429AEEC3-DEC4-4D32-B84F-C3C25506160D}
2012-02-24 13:18:59 -------- d-----w- C:\Users\Bryan\AppData\Local\{1BCD7286-7940-4EDE-9FAF-9186CC827B36}
2012-02-24 01:18:46 -------- d-----w- C:\Users\Bryan\AppData\Local\{FFAFE399-004E-4E90-A1FF-4DB7AA6C2A6E}
2012-02-24 01:18:23 -------- d-----w- C:\Users\Bryan\AppData\Local\{EFBC49E2-EA73-40F1-A4E3-D8198738342F}
2012-02-23 13:18:11 -------- d-----w- C:\Users\Bryan\AppData\Local\{E905360E-F524-4811-8506-EF1BC85E0FA9}
2012-02-23 13:17:48 -------- d-----w- C:\Users\Bryan\AppData\Local\{6944098E-8548-4366-93AB-90D587999630}
2012-02-23 01:17:35 -------- d-----w- C:\Users\Bryan\AppData\Local\{BABBF18B-C4F5-4066-AE54-656168200ED8}
2012-02-23 01:17:13 -------- d-----w- C:\Users\Bryan\AppData\Local\{554C5C99-C19C-4A1C-A247-B00E74A00AC9}
2012-02-22 13:17:00 -------- d-----w- C:\Users\Bryan\AppData\Local\{67E0E507-DE86-4EA4-95E0-7FDA9A683671}
2012-02-22 13:16:39 -------- d-----w- C:\Users\Bryan\AppData\Local\{B9473B40-A96E-4657-A01D-937BD7F55641}
2012-02-22 01:16:27 -------- d-----w- C:\Users\Bryan\AppData\Local\{F5F3DC17-0E9D-4421-94A6-8DBA5177C9D2}
2012-02-22 01:16:05 -------- d-----w- C:\Users\Bryan\AppData\Local\{B9CF2DCC-2F42-4CA1-BE99-37A5476447F6}
2012-02-21 13:15:52 -------- d-----w- C:\Users\Bryan\AppData\Local\{05C4567B-7280-494C-A5A3-C3DE9CC71BAD}
2012-02-21 13:15:30 -------- d-----w- C:\Users\Bryan\AppData\Local\{D0643ED0-721D-49C6-9B4A-8125E81404F2}
2012-02-21 01:15:16 -------- d-----w- C:\Users\Bryan\AppData\Local\{197528DB-2A8D-4312-B595-B11102DE35AB}
2012-02-21 01:15:05 -------- d-----w- C:\Users\Bryan\AppData\Local\{8577B981-692C-46B5-996C-6B06E0F39198}
2012-02-20 19:35:38 -------- d-----w- C:\Users\Bryan\AppData\Local\{DBE73071-C713-469D-A7EF-7158515A86EA}
2012-02-20 11:21:36 -------- d-----w- C:\Users\Bryan\AppData\Local\{48910A1D-3B8F-4B9A-ACD0-9C834F231095}
2012-02-20 11:21:14 -------- d-----w- C:\Users\Bryan\AppData\Local\{1F232019-D416-47E1-93D4-4F3AA5B49980}
2012-02-19 23:21:02 -------- d-----w- C:\Users\Bryan\AppData\Local\{A946685A-5920-4CE4-8199-3468F93988C8}
2012-02-19 23:20:39 -------- d-----w- C:\Users\Bryan\AppData\Local\{D18EBD6B-AD96-48C0-BCEA-7A8780554117}
2012-02-19 11:20:27 -------- d-----w- C:\Users\Bryan\AppData\Local\{99AA758F-1DCE-4B05-8DED-A7A991D72146}
2012-02-19 11:20:05 -------- d-----w- C:\Users\Bryan\AppData\Local\{9DF9283B-585A-4BC0-A5E6-1BE3E6A739D5}
2012-02-18 23:19:53 -------- d-----w- C:\Users\Bryan\AppData\Local\{912245EA-DD3A-404A-8332-8ED606CD05C1}
2012-02-18 23:19:31 -------- d-----w- C:\Users\Bryan\AppData\Local\{56D75DDD-B1D2-4883-8CFE-1CED2611C26B}
2012-02-17 20:52:51 -------- d-----w- C:\Users\Bryan\AppData\Local\{611E0C62-BE07-44C1-8362-BA9553A0A30A}
2012-02-17 07:14:28 -------- d-----w- C:\Users\Bryan\AppData\Local\{766F75F9-07A0-4858-B063-9C1810FB30DE}
2012-02-17 07:14:06 -------- d-----w- C:\Users\Bryan\AppData\Local\{F31B83DD-C6BD-45D6-B71D-3384E5B88777}
2012-02-16 19:13:50 -------- d-----w- C:\Users\Bryan\AppData\Local\{DC4E9417-BEB7-4AD8-BC8F-1EAB69ED553D}
2012-02-16 19:13:27 -------- d-----w- C:\Users\Bryan\AppData\Local\{517A5063-F846-4125-9A0E-7CF8F0361A78}
2012-02-16 07:13:15 -------- d-----w- C:\Users\Bryan\AppData\Local\{DC04934C-2920-4315-9F02-57DE1CC53D13}
2012-02-16 07:12:53 -------- d-----w- C:\Users\Bryan\AppData\Local\{F8376C22-2624-4A96-BAEE-B3EF542F0AA0}
2012-02-15 19:12:39 -------- d-----w- C:\Users\Bryan\AppData\Local\{49EA75DB-FE9F-4DD3-A8FD-55E97F993130}
2012-02-15 19:12:16 -------- d-----w- C:\Users\Bryan\AppData\Local\{C5A604AE-6F5D-490D-B5FA-9B153EE6CBFB}
2012-02-15 07:52:11 509952 ----a-w- C:\windows\System32\ntshrui.dll
2012-02-15 07:52:11 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
2012-02-15 07:52:09 515584 ----a-w- C:\windows\System32\timedate.cpl
2012-02-15 07:52:09 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
2012-02-15 07:52:09 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-02-15 07:52:08 498688 ----a-w- C:\windows\System32\drivers\afd.sys
2012-02-15 07:52:05 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll
2012-02-15 07:52:05 634880 ----a-w- C:\windows\System32\msvcrt.dll
2012-02-15 07:11:51 -------- d-----w- C:\Users\Bryan\AppData\Local\{ADD4CEF6-981C-4342-B74B-F5F1DDBF2423}
2012-02-15 07:11:40 -------- d-----w- C:\Users\Bryan\AppData\Local\{7A756DEC-35F5-48C0-8171-35E9F21ACB34}
2012-02-15 01:51:16 6600192 ----a-w- C:\windows\SysWow64\LicProtector310.exe
2012-02-15 01:51:16 -------- dc-h--w- C:\ProgramData\{065E61A5-8EBF-4FD0-B4F4-9E3DC8089AD0}
2012-02-15 01:51:16 -------- d-----w- C:\Users\Bryan\AppData\Local\Ultimate Media Player
2012-02-15 01:51:15 -------- d-----w- C:\Program Files (x86)\Ultimate Media Player
2012-02-15 01:51:13 -------- d-----w- C:\Users\Bryan\AppData\Local\PackageAware
2012-02-15 01:49:53 -------- d-----w- C:\Program Files (x86)\Driver-Soft
2012-02-14 19:11:26 -------- d-----w- C:\Users\Bryan\AppData\Local\{1DBFBC6B-7B13-494F-91E7-E0D6F2AB3DE8}
2012-02-14 19:11:04 -------- d-----w- C:\Users\Bryan\AppData\Local\{F08CE311-CFE9-488C-8841-1A76F9C874CD}
2012-02-14 07:10:38 -------- d-----w- C:\Users\Bryan\AppData\Local\{AB2D59D1-19BA-4E11-AE88-71AF5E86A7C2}
2012-02-14 07:10:16 -------- d-----w- C:\Users\Bryan\AppData\Local\{17211114-CEFD-4D68-AF9B-DE7A04D0DED0}
2012-02-13 19:10:04 -------- d-----w- C:\Users\Bryan\AppData\Local\{9535BDA9-9F99-48AF-98D8-72984779DAA1}
2012-02-13 19:09:41 -------- d-----w- C:\Users\Bryan\AppData\Local\{DF948D84-2E9A-43F8-B14E-4D716C4836F1}
2012-02-13 07:09:29 -------- d-----w- C:\Users\Bryan\AppData\Local\{6A565F45-1E35-45D4-9D91-61C0C995B394}
2012-02-13 07:09:07 -------- d-----w- C:\Users\Bryan\AppData\Local\{ED31EBDA-933A-4374-888B-31E6DE38B034}
2012-02-12 19:08:55 -------- d-----w- C:\Users\Bryan\AppData\Local\{67173743-C5A1-4EF3-936B-AC21397F2D53}
2012-02-12 19:08:35 -------- d-----w- C:\Users\Bryan\AppData\Local\{1F96FD1D-144C-402A-8804-E6C5B18F1192}
2012-02-11 20:32:02 -------- d-----w- C:\Users\Bryan\AppData\Local\{FA15AEB3-A890-44C2-B872-3207D17908E0}
2012-02-11 20:31:40 -------- d-----w- C:\Users\Bryan\AppData\Local\{1E056455-C270-441D-8689-CF3DBEB94453}
.
==================== Find3M ====================
.
2012-02-27 12:22:00 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-02 18:28:49 55384 ----a-w- C:\windows\System32\drivers\SBREDrv.sys
2012-02-02 18:28:45 16432 ----a-w- C:\windows\System32\lsdelete.exe
2012-01-31 12:44:20 279656 ------w- C:\windows\System32\MpSigStub.exe
2012-01-20 08:15:56 0 ----a-w- C:\windows\SysWow64\shoB13E.tmp
2011-12-23 12:12:12 69376 ----a-w- C:\windows\System32\drivers\Lbd.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
.
============= FINISH: 9:27:30.26 ===============

[Pa Woodbutcher]

Bump