Hi Juliet - thanks for your help! Here are the two reports that you requested:
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-02-2014 02
Ran by Crystal (administrator) on CRYSTAL-PC on 28-02-2014 22:10:12
Running from C:\Users\Michael\Downloads
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\Logitech\QuickCam\Quickcam.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAA.EXE
(Logitech Inc.) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4452352 2007-05-11] (Realtek Semiconductor)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [124200 2007-09-17] (CyberLink Corp.)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-08] (Google)
HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [41944 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640480 2012-07-30] (Adobe Systems Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [WPCUMI] - C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\QuickCam\Quickcam.exe [2656528 2008-12-20] ()
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [296096 2012-07-01] (RealNetworks, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\Run: [Desktop Software] - C:\Program Files\Common Files\supportsoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_44_Plugin.exe -update plugin
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\RunOnce: [Application Restart #0] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\RunOnce: [Application Restart #1] - C:\Windows\System32\wpcumi.exe [176128 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1218617016-3022421040-3124855728-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-30] (Google Inc.)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Run: [Google Update] - C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-10-16] (Google Inc.)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Run: [EPSON Stylus CX4400 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAA.EXE [180736 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1218617016-3022421040-3124855728-1001\...\Winlogon: [Shell] Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-09-08] (Google)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Crystal\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicyUsers\S-1-5-21-1218617016-3022421040-3124855728-1001\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....ponse/index.jsp
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:466...q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: WeCareReminder Class - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Crystal\AppData\Roaming\Mozilla\Firefox\Profiles\s63sz2m5.default
FF Homepage: https://www.google.c...lt<mplcache=2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.5.109 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.5.109 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.5.109 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: ASPCA App By We-Care.com - C:\Users\Crystal\AppData\Roaming\Mozilla\Firefox\Profiles\s63sz2m5.default\Extensions\wecarereminder@bryan [2012-07-01]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Crystal\AppData\Roaming\Mozilla\Firefox\Profiles\s63sz2m5.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-07-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-01]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\IPSFF [2013-10-09]
========================== Services (Whitelisted) =================
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-04-28] (Stardock Corporation)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-08] (Google)
R2 SepMasterService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe [144368 2013-05-25] (Symantec Corporation)
R3 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe [1804256 2013-05-25] (Symantec Corporation)
S3 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\snac.exe [288656 2013-05-25] (Symantec Corporation)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [544688 2013-01-24] (Cisco Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [39888 2013-01-24] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58320 2013-01-24] (Cisco Systems, Inc.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 BHDrvx86; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys [1098968 2013-12-17] (Symantec Corporation)
R1 ccSettings_{0807952E-B22C-403B-A5F9-93CF778D514E}; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\ccSetx86.sys [134744 2013-05-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-20] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\IPSDefs\20140228.012\IDSvix86.sys [394456 2014-01-15] (Symantec Corporation)
R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25624 2008-12-16] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20140228.008\NAVENG.SYS [93272 2013-09-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20140228.008\NAVEX15.SYS [1612376 2013-09-16] (Symantec Corporation)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2686104 2008-12-16] (Logitech Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SRTSP.SYS [603224 2013-05-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SRTSPX.SYS [32344 2013-05-25] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\SyDvCtrl32.sys [28576 2013-05-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMDS.SYS [367704 2013-05-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMEFA.SYS [934488 2013-05-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-09-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\Ironx86.SYS [175264 2013-05-25] (Symantec Corporation)
R1 SYMTDIV; C:\Windows\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMTDIV.SYS [352344 2013-05-25] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [114080 2013-09-22] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [72880 2013-05-25] (Symantec Corporation)
S3 WCG200VistaI386; C:\Windows\System32\DRIVERS\WCG200V2VistaI386.sys [14848 2006-12-18] (Cisco-Linksys, LLC.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-28 22:10 - 2014-02-28 22:10 - 00023490 _____ () C:\Users\Michael\Downloads\FRST.txt
2014-02-28 22:09 - 2014-02-28 22:10 - 00000000 ____D () C:\FRST
2014-02-28 22:07 - 2014-02-28 22:07 - 01143808 _____ (Farbar) C:\Users\Michael\Downloads\FRST.exe
2014-02-28 22:01 - 2014-02-28 22:03 - 00003252 _____ () C:\Users\Crystal\Desktop\Rkill.txt
2014-02-28 22:00 - 2014-02-28 22:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Michael\Desktop\rkill.exe
2014-02-27 13:24 - 2014-02-27 13:24 - 00314416 _____ (Dropbox, Inc.) C:\Users\Michael\Downloads\DropboxInstaller(1).exe
2014-02-27 13:19 - 2014-02-28 07:32 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DropboxMaster
2014-02-27 13:19 - 2014-02-27 13:19 - 00000000 ____D () C:\Program Files\Dropbox
2014-02-27 13:16 - 2014-02-27 13:16 - 00314416 _____ (Dropbox, Inc.) C:\Users\Michael\Downloads\DropboxInstaller.exe
2014-02-27 13:14 - 2014-02-27 12:17 - 294967137 _____ () C:\Users\Michael\Desktop\Spanish Career Interview.mov
2014-02-26 21:00 - 2014-02-27 07:36 - 00000000 ____D () C:\Users\Michael\Desktop\Spanish Interview Questions_Andrea Quintanar
2014-02-26 06:57 - 2014-02-26 06:57 - 00012756 _____ () C:\Users\Michael\Desktop\hijackthis.log
2014-02-25 22:12 - 2014-02-25 22:12 - 00625664 _____ () C:\Users\Michael\Desktop\dds.scr
2014-02-25 22:11 - 2014-02-25 22:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Michael\Desktop\HiJackThis.exe
2014-02-25 22:09 - 2014-02-25 22:09 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Desktop\OTL.exe
2014-02-23 14:47 - 2014-02-23 14:47 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\SketchUp
2014-02-23 14:43 - 2014-02-23 14:43 - 00003120 _____ () C:\Windows\system32\ALLFSAF13a.ocx
2014-02-23 14:39 - 2014-02-23 14:39 - 00002063 _____ () C:\Users\Public\Desktop\Style Builder 2013.lnk
2014-02-23 14:39 - 2014-02-23 14:39 - 00001977 _____ () C:\Users\Public\Desktop\LayOut 2013.lnk
2014-02-23 14:39 - 2014-02-23 14:39 - 00001896 _____ () C:\Users\Public\Desktop\SketchUp 2013.lnk
2014-02-23 14:37 - 2014-02-23 14:37 - 00000000 ____D () C:\ProgramData\SketchUp
2014-02-23 14:37 - 2014-02-23 14:37 - 00000000 ____D () C:\Program Files\SketchUp
2014-02-23 14:22 - 2014-02-23 14:25 - 75726696 _____ (Trimble Navigation Limited) C:\Users\Michael\Downloads\SketchUpWEN.exe
2014-02-20 22:17 - 2014-02-20 22:17 - 00000000 ____D () C:\Users\Crystal\Downloads\TL-WDR4300_V1_130617
2014-02-20 22:11 - 2014-02-20 22:11 - 06028681 _____ () C:\Users\Crystal\Downloads\TL-WDR4300_V1_130617.zip
2014-02-20 21:09 - 2014-02-20 21:09 - 00000000 ____D () C:\Users\Crystal\AppData\Local\Skype
2014-02-20 21:08 - 2014-02-21 02:38 - 00000000 ____D () C:\Users\Crystal\AppData\Roaming\Skype
2014-02-15 00:32 - 2014-02-15 00:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 03:03 - 2014-02-05 02:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:03 - 2014-02-05 02:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:03 - 2014-02-05 02:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:03 - 2014-02-05 02:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:03 - 2014-02-05 02:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:03 - 2014-02-05 02:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:03 - 2014-02-05 02:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 03:03 - 2014-02-05 02:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:03 - 2014-02-05 02:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:03 - 2014-02-05 02:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:03 - 2014-02-05 02:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:03 - 2014-02-05 02:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:03 - 2014-02-05 02:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:03 - 2014-02-05 02:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:03 - 2014-02-05 02:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 03:03 - 2014-02-05 02:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 07:13 - 2013-12-04 20:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-09 15:10 - 2014-02-09 15:12 - 00008943 _____ () C:\Users\Michael\Documents\Pregnancy Costs 2014.xlsx
2014-02-06 20:08 - 2014-02-27 03:21 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2014-02-06 20:08 - 2014-02-06 20:08 - 00000000 ____D () C:\Users\Michael\AppData\Local\Skype
2014-02-06 20:07 - 2014-02-06 20:09 - 00002487 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-06 20:07 - 2014-02-06 20:07 - 00000000 ___RD () C:\Program Files\Skype
2014-02-06 20:07 - 2014-02-06 20:07 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-06 20:06 - 2014-02-06 20:09 - 00000000 ____D () C:\ProgramData\Skype
==================== One Month Modified Files and Folders =======
2014-02-28 22:10 - 2014-02-28 22:10 - 00023490 _____ () C:\Users\Michael\Downloads\FRST.txt
2014-02-28 22:10 - 2014-02-28 22:09 - 00000000 ____D () C:\FRST
2014-02-28 22:07 - 2014-02-28 22:07 - 01143808 _____ (Farbar) C:\Users\Michael\Downloads\FRST.exe
2014-02-28 22:07 - 2006-11-02 06:45 - 00003616 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 22:07 - 2006-11-02 06:45 - 00003616 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 22:03 - 2014-02-28 22:01 - 00003252 _____ () C:\Users\Crystal\Desktop\Rkill.txt
2014-02-28 22:00 - 2014-02-28 22:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Michael\Desktop\rkill.exe
2014-02-28 21:37 - 2008-08-07 07:10 - 02002980 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 21:29 - 2011-01-24 21:24 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1218617016-3022421040-3124855728-1001UA.job
2014-02-28 21:24 - 2012-05-26 05:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-28 21:15 - 2012-02-26 20:51 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 07:32 - 2014-02-27 13:19 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DropboxMaster
2014-02-28 07:32 - 2013-02-08 18:19 - 00000000 ___RD () C:\Users\Michael\Dropbox
2014-02-28 07:32 - 2013-02-08 06:51 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Dropbox
2014-02-28 07:31 - 2008-08-21 13:31 - 00000000 ____D () C:\MDT
2014-02-28 07:29 - 2012-02-26 20:51 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 03:43 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\rescache
2014-02-28 03:28 - 2008-08-22 16:18 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-02-28 03:28 - 2006-11-02 06:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-28 03:26 - 2006-11-02 06:58 - 00032646 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-28 00:29 - 2011-01-24 21:24 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1218617016-3022421040-3124855728-1001Core.job
2014-02-27 22:34 - 2013-06-22 12:06 - 00027532 _____ () C:\Users\Michael\Documents\Churning.xlsx
2014-02-27 20:56 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\tracing
2014-02-27 13:27 - 2013-02-08 18:19 - 00000927 _____ () C:\Users\Michael\Desktop\Dropbox.lnk
2014-02-27 13:27 - 2013-02-08 10:09 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-27 13:24 - 2014-02-27 13:24 - 00314416 _____ (Dropbox, Inc.) C:\Users\Michael\Downloads\DropboxInstaller(1).exe
2014-02-27 13:19 - 2014-02-27 13:19 - 00000000 ____D () C:\Program Files\Dropbox
2014-02-27 13:16 - 2014-02-27 13:16 - 00314416 _____ (Dropbox, Inc.) C:\Users\Michael\Downloads\DropboxInstaller.exe
2014-02-27 12:17 - 2014-02-27 13:14 - 294967137 _____ () C:\Users\Michael\Desktop\Spanish Career Interview.mov
2014-02-27 07:36 - 2014-02-26 21:00 - 00000000 ____D () C:\Users\Michael\Desktop\Spanish Interview Questions_Andrea Quintanar
2014-02-27 03:21 - 2014-02-06 20:08 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2014-02-27 03:12 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-27 03:03 - 2006-11-02 04:33 - 00752894 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 17:30 - 2008-08-31 07:26 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Mozilla
2014-02-26 06:57 - 2014-02-26 06:57 - 00012756 _____ () C:\Users\Michael\Desktop\hijackthis.log
2014-02-26 03:35 - 2008-01-20 21:02 - 00135714 _____ () C:\Windows\PFRO.log
2014-02-25 22:12 - 2014-02-25 22:12 - 00625664 _____ () C:\Users\Michael\Desktop\dds.scr
2014-02-25 22:11 - 2014-02-25 22:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Michael\Desktop\HiJackThis.exe
2014-02-25 22:09 - 2014-02-25 22:09 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Desktop\OTL.exe
2014-02-23 14:55 - 2010-01-10 21:35 - 00000000 ____D () C:\Users\Michael\9216 N Timber Lane
2014-02-23 14:47 - 2014-02-23 14:47 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\SketchUp
2014-02-23 14:43 - 2014-02-23 14:43 - 00003120 _____ () C:\Windows\system32\ALLFSAF13a.ocx
2014-02-23 14:39 - 2014-02-23 14:39 - 00002063 _____ () C:\Users\Public\Desktop\Style Builder 2013.lnk
2014-02-23 14:39 - 2014-02-23 14:39 - 00001977 _____ () C:\Users\Public\Desktop\LayOut 2013.lnk
2014-02-23 14:39 - 2014-02-23 14:39 - 00001896 _____ () C:\Users\Public\Desktop\SketchUp 2013.lnk
2014-02-23 14:37 - 2014-02-23 14:37 - 00000000 ____D () C:\ProgramData\SketchUp
2014-02-23 14:37 - 2014-02-23 14:37 - 00000000 ____D () C:\Program Files\SketchUp
2014-02-23 14:25 - 2014-02-23 14:22 - 75726696 _____ (Trimble Navigation Limited) C:\Users\Michael\Downloads\SketchUpWEN.exe
2014-02-22 13:12 - 2014-01-19 13:41 - 00011184 _____ () C:\Users\Michael\Documents\cell phone and WiFi speed test.xlsx
2014-02-22 09:24 - 2012-10-21 18:43 - 00056832 _____ () C:\Users\Michael\Desktop\Crystal's Running Distances.xls
2014-02-22 03:30 - 2013-10-16 00:52 - 00007464 _____ () C:\Windows\system32\spsys.log
2014-02-21 02:38 - 2014-02-20 21:08 - 00000000 ____D () C:\Users\Crystal\AppData\Roaming\Skype
2014-02-20 23:24 - 2012-05-26 05:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-20 23:24 - 2011-06-04 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 22:17 - 2014-02-20 22:17 - 00000000 ____D () C:\Users\Crystal\Downloads\TL-WDR4300_V1_130617
2014-02-20 22:11 - 2014-02-20 22:11 - 06028681 _____ () C:\Users\Crystal\Downloads\TL-WDR4300_V1_130617.zip
2014-02-20 21:09 - 2014-02-20 21:09 - 00000000 ____D () C:\Users\Crystal\AppData\Local\Skype
2014-02-20 20:21 - 2013-07-30 05:59 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-16 03:19 - 2012-11-30 23:11 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 00:33 - 2014-02-15 00:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 03:14 - 2013-08-13 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 03:10 - 2006-11-02 04:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-09 15:12 - 2014-02-09 15:10 - 00008943 _____ () C:\Users\Michael\Documents\Pregnancy Costs 2014.xlsx
2014-02-06 20:09 - 2014-02-06 20:07 - 00002487 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-06 20:09 - 2014-02-06 20:06 - 00000000 ____D () C:\ProgramData\Skype
2014-02-06 20:08 - 2014-02-06 20:08 - 00000000 ____D () C:\Users\Michael\AppData\Local\Skype
2014-02-06 20:07 - 2014-02-06 20:07 - 00000000 ___RD () C:\Program Files\Skype
2014-02-06 20:07 - 2014-02-06 20:07 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-05 02:58 - 2014-02-14 03:03 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 02:56 - 2014-02-14 03:03 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 02:53 - 2014-02-14 03:03 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 02:51 - 2014-02-14 03:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 02:50 - 2014-02-14 03:03 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 02:49 - 2014-02-14 03:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 02:49 - 2014-02-14 03:03 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 02:48 - 2014-02-14 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 02:48 - 2014-02-14 03:03 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 02:48 - 2014-02-14 03:03 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 02:48 - 2014-02-14 03:03 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 02:48 - 2014-02-14 03:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 02:47 - 2014-02-14 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 02:47 - 2014-02-14 03:03 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 02:47 - 2014-02-14 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 02:46 - 2014-02-14 03:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
Some content of TEMP:
====================
C:\Users\Crystal\AppData\Local\temp\lowproc.exe
C:\Users\Crystal\AppData\Local\temp\stubhelper.dll
C:\Users\Michael\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpizyh1u.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 15:35
==================== End Of Log ============================
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-02-2014 02
Ran by Crystal at 2014-02-28 22:10:59
Running from C:\Users\Michael\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
32 bit Windows Card Reader Driver (HKLM\...\{CE6DEE87-1C87-42ED-A108-7369BFE9076F}) (Version: 1.1.0.0 - TEAC)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.7.186 - Adobe Systems Incorporated)
Acrobat.com (Version: 1.7.186 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.2 - Adobe Systems)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.2 - Adobe Systems) Hidden
Adobe Acrobat 9.5.2 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_952) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft)
ArcSoft Print Creations (HKLM\...\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}) (Version: - ArcSoft)
ASPCA Reminder by We-Care.com v5.0.7.1 (HKLM\...\{EE5AC0B6-A4CA-4829-8B1D-C1CBF1596B8D}) (Version: 5.0.7.1 - We-Care.com)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM\...\Software Guide) (Version: 1.3.0.1 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Personal Printing Guide (HKLM\...\Personal Printing Guide) (Version: 1.1.1.3 - Canon Inc.)
Canon PowerShot SD4500 IS_IXUS 1000 HS Camera User Guide (HKLM\...\CameraUserGuide-PSSD4500IS_IXUS1000HS) (Version: 1.0.0.1 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.1.0.4 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp)
CBLight 2009 (HKLM\...\CBLight 2009) (Version: 2009 - ChessBase GmbH)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.02040 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.02040 - Cisco Systems, Inc.) Hidden
Comcast Desktop Software (v1.2.0.9) (HKLM\...\{CEF7211D-CE3A-44C4-B321-D84A2099AE94}) (Version: 23 - Comcast)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conference Preliminary Program 2010 (HKLM\...\d4c7b8d04ba029e25bdee5f4d1148e88.8A83BD0BE459142F50C111755484E359D8DBFFF2.1) (Version: 2010-01-28 16:28:28 - Nxtbook Media, LLC)
Conference Preliminary Program 2010 (Version: 255.01.28 - Nxtbook Media, LLC) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows4.0) (Version: 4.0 - Coupons, Inc.) <==== ATTENTION
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated) <==== ATTENTION
Data Lifeguard Diagnostic for Windows 1.24 (HKLM\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dell DataSafe Online (HKLM\...\{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}) (Version: 1.0.21 - Dell, Inc.)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.10.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)
DiskCheckup v3.1 (HKLM\...\DiskCheckup_is1) (Version: 3.1.1001 - PassMark Software)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
EOS 20D WIA Driver (HKLM\...\EOS 20D WIA Driver) (Version: 6.0.0.4 - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version: - )
iCloud (HKLM\...\{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}) (Version: 1.0.2.17 - Apple Inc.)
Intel® PRO Network Connections 12.1.11.0 (HKLM\...\PROSetDX) (Version: - Intel)
Intel® PRO Network Connections 12.1.11.0 (Version: - Intel) Hidden
iPhone Configuration Utility (HKLM\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.300 - Oracle)
Linksys WCG200 ver. 2 Wireless-G Cable Gateway (HKLM\...\Linksys WCG200 Uninstall) (Version: - )
Logitech QuickCam (HKLM\...\{937B232D-9776-471E-92BD-D424E514EF14}) (Version: 11.90.1263 - Logitech Inc.)
Logitech QuickCam Driver Package (HKLM\...\lvdrivers_11.90) (Version: - )
Logitech Updater (HKLM\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Logitech, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{710BF966-43C8-4216-A8EC-BC4E169FF7C1}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netflix Movie Viewer (HKLM\...\{BCE72AED-3332-4863-9567-C5DCB9052CA2}) (Version: 1.2.211 - Netflix)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OverDrive Media Console (HKLM\...\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}) (Version: 3.2.5 - OverDrive, Inc.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0 - Dell)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
RSA SecurID Software Token (HKLM\...\{4C3FFAF4-133E-46BF-8498-E67FF90E2823}) (Version: 3.0.6.0000 - RSA Security)
RuntimeLibsVC05 (HKLM\...\{83EE1D72-072F-4381-AF50-5F0133AE8715}) (Version: 1.2.0 - Microsoft)
SketchUp 2013 (HKLM\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype™ 6.13 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SpywareBlaster 4.5 (HKLM\...\SpywareBlaster_is1) (Version: 4.5.0 - Javacool Software LLC)
Stamps.com (HKLM\...\Stamps.com) (Version: - Stamps.com, Inc.)
Stamps.com (Version: 10.1.1.2456 - Stamps.com, Inc.) Hidden
Symantec Endpoint Protection (HKLM\...\{8693E64C-16F3-4388-ACC0-9E8D586BEC17}) (Version: 12.1.3001.165 - Symantec Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
WhoCrashed 3.03 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Logitech HIDClass (10/16/2006 1.0) (HKLM\...\1EC636D2DBA2D9924E02E10DA797DEC16306C1A9) (Version: 10/16/2006 1.0 - Logitech)
WinZip 14.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}) (Version: 14.0.9029 - WinZip Computing, S.L. )
==================== Restore Points =========================
21-02-2014 09:00:14 Windows Update
22-02-2014 09:00:14 Windows Update
23-02-2014 06:00:17 Scheduled Checkpoint
23-02-2014 09:00:13 Windows Update
23-02-2014 20:33:40 Installed SketchUp 2013
24-02-2014 09:00:16 Windows Update
25-02-2014 07:01:55 Scheduled Checkpoint
25-02-2014 09:00:15 Windows Update
26-02-2014 06:01:05 Scheduled Checkpoint
26-02-2014 09:00:13 Windows Update
27-02-2014 06:00:15 Scheduled Checkpoint
27-02-2014 09:00:13 Windows Update
28-02-2014 08:25:45 Scheduled Checkpoint
28-02-2014 09:00:13 Windows Update
01-03-2014 01:27:59 Scheduled Checkpoint
==================== Hosts content: ==========================
2006-11-02 04:23 - 2012-01-07 09:30 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0775B3AB-EA54-4228-805F-B7EBDDB52C91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-26] (Google Inc.)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {5C318F7F-3AAF-4C3C-B09A-28C6E01964A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1218617016-3022421040-3124855728-1001UA => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-16] (Google Inc.)
Task: {72A5DD84-69D3-4969-99A2-E6041F8646C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {89DF9B0F-C16D-40F5-AF9A-BF0DF66007DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {906E4D1D-9501-49D1-BC55-2DD9112D5453} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-26] (Google Inc.)
Task: {913F5BD0-AE89-4D96-9690-2E92C88C886C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Crystal => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {A265174F-E01A-40ED-9BCF-7CF0B419DC55} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {AF831E3D-7D1F-474B-A554-A504C7E2587C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1218617016-3022421040-3124855728-1001Core => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-16] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1218617016-3022421040-3124855728-1001Core.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1218617016-3022421040-3124855728-1001UA.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-07 12:22 - 2010-09-08 11:21 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2012-01-13 22:13 - 2009-02-27 14:39 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
2012-01-13 22:13 - 2009-02-27 14:32 - 00020480 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2008-12-20 07:50 - 2008-12-20 07:50 - 02656528 _____ () C:\Program Files\Logitech\QuickCam\Quickcam.exe
2011-01-29 09:57 - 2011-01-29 09:57 - 00061496 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
2014-02-28 07:31 - 2014-02-28 07:31 - 00043008 _____ () c:\users\michael\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpizyh1u.dll
2013-10-18 17:55 - 2013-10-18 17:55 - 25100288 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\libcef.dll
2008-12-20 07:46 - 2008-12-20 07:46 - 00558864 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-02-15 00:32 - 2014-02-15 00:33 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-02-20 23:24 - 2014-02-20 23:24 - 16265096 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/28/2014 07:02:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15615
Error: (02/28/2014 07:02:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15615
Error: (02/28/2014 07:02:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2014 02:30:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13494
Error: (02/28/2014 02:30:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13494
Error: (02/28/2014 02:30:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2014 02:30:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12496
Error: (02/28/2014 02:30:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12496
Error: (02/28/2014 02:30:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2014 02:30:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11497
System errors:
=============
Error: (02/28/2014 03:32:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x8004402fUpdate for Windows Driver Framework version 1.11 for Windows Vista (KB2761494){8880B41A-0913-4771-A4A4-521771E8E754}201
Error: (02/28/2014 03:32:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x800f0826Security Update for Windows Vista (KB2884256){3CCC50A0-55A5-400B-9D88-0724EB4B6438}201
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB971286~31bf3856ad364e35~x86~~6.0.1.9 () into Staged(Staged) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB971286_client~31bf3856ad364e35~x86~~6.0.1.9 () into Staged(Staged) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB971286_client_2~31bf3856ad364e35~x86~~6.0.1.9 () into Staged(Staged) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB971286_client_1~31bf3856ad364e35~x86~~6.0.1.9 () into Staged(Staged) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB971286_client_0~31bf3856ad364e35~x86~~6.0.1.9 () into Staged(Staged) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB2884256~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB2884256_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
Error: (02/28/2014 03:32:27 AM) (Source: Microsoft-Windows-Servicing) (User: )
Description: Windows Servicing failed to complete the process of setting package Package_for_KB2884256_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
Microsoft Office Sessions:
=========================
Error: (11/08/2012 09:03:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 940 seconds with 300 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-02-28 22:10:35.328
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:35.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:34.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:34.390
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:26.358
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:26.031
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:25.718
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 22:10:25.333
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 11:40:37.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-28 11:40:37.246
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 67%
Total physical RAM: 2036.45 MB
Available physical RAM: 667.61 MB
Total Pagefile: 4314.18 MB
Available Pagefile: 2573.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.49 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:90.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.43 GB) NTFS
Drive e: (Spanish Interview Questions) (CDROM) (Total:0.28 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 18000000)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=223 GB) - (Type=07 NTFS)
==================== End Of Log ============================