[Shirleys961]

Hi,

So I did a restore back to 07.25.14 because the only closer restore point was on the day of the red screen and that one didn't take. The only thing that it said it didn't restore was something having to do with Adobe.

[Advertisements]

Run this is Safe Mode please ...

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.




Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:




Go to Step 4 and under "System Restore" click on Create button:




Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.



Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

[Machiavelli]

Run this is Safe Mode please ...

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.




Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:




Go to Step 4 and under "System Restore" click on Create button:




Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.



Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

[Shirleys961]

And FYI, once again my original problem is happening.

[Shirleys961]

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: SHIRLEY-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Shirley
Current Profile SID: S-1-5-21-2944147335-3770540022-3163696298-1001
Current Profile Classes: S-1-5-21-2944147335-3770540022-3163696298-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Shirley\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:38:04

Process Count: 30
Commit Total: 948.81 MB
Commit Limit: 7.81 GB
Commit Peak: 2.36 GB
Handle Count: 7937
Kernel Total: 375.45 MB
Kernel Paged: 310.57 MB
Kernel Non Paged: 64.88 MB
System Cache: 3.00 GB
Thread Count: 360
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.91 GB
Memory Used: 1.03 GB(26.3904%)
Memory Avail.: 2.88 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.91 GB
Memory Used: 802.64 MB(20.0604%)
Memory Avail.: 3.12 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (8/5/2014 7:17:26 PM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (8/5/2014 7:17:29 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:17:34 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (8/5/2014 7:17:34 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:20:24 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (8/5/2014 7:20:24 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:21:48 PM)

03 - Reset Service Permissions
   Start (8/5/2014 7:21:48 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:21:58 PM)

04 - Register System Files
   Start (8/5/2014 7:21:58 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:22:10 PM)

05 - Repair WMI
   Start (8/5/2014 7:22:10 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Trend Micro Titanium Exported.

   Exporting AntiSpyware Info...
   Trend Micro Titanium Exported.
   Windows Defender Exported.

   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.

   Running Repair Under Current User Account
   Done (8/5/2014 7:26:00 PM)

06 - Repair Windows Firewall
   Start (8/5/2014 7:26:00 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:26:35 PM)

07 - Repair Internet Explorer
   Start (8/5/2014 7:26:35 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:26:49 PM)

08 - Repair MDAC/MS Jet
   Start (8/5/2014 7:26:49 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:26:55 PM)

09 - Repair Hosts File
   Start (8/5/2014 7:26:55 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:26:58 PM)

10 - Remove Policies Set By Infections
   Start (8/5/2014 7:26:58 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:27:05 PM)

11 - Repair Start Menu Icons Removed By Infections
   Start (8/5/2014 7:27:05 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:27:08 PM)

12 - Repair Icons
   Start (8/5/2014 7:27:08 PM)
   Running Repair Under Current User Account
   Done (8/5/2014 7:27:11 PM)

13 - Repair Winsock & DNS Cache
   Start (8/5/2014 7:27:11 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:27:27 PM)

15 - Repair Proxy Settings
   Start (8/5/2014 7:27:27 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:27:33 PM)

17 - Repair Windows Updates
   Start (8/5/2014 7:27:33 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (8/5/2014 7:27:44 PM)

18 - Repair CD/DVD Missing/Not Working
   Start (8/5/2014 7:27:44 PM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (8/5/2014 7:27:44 PM)

19 - Repair Volume Shadow Copy Service
   Start (8/5/2014 7:27:44 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:27:57 PM)

21 - Repair MSI (Windows Installer)
   Start (8/5/2014 7:27:57 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:03 PM)

23.01 - Repair bat Association
   Start (8/5/2014 7:28:03 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:09 PM)

23.02 - Repair cmd Association
   Start (8/5/2014 7:28:09 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:15 PM)

23.03 - Repair com Association
   Start (8/5/2014 7:28:15 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:21 PM)

23.04 - Repair Directory Association
   Start (8/5/2014 7:28:21 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:27 PM)

23.05 - Repair Drive Association
   Start (8/5/2014 7:28:27 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:34 PM)

23.06 - Repair exe Association
   Start (8/5/2014 7:28:34 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:40 PM)

23.07 - Repair Folder Association
   Start (8/5/2014 7:28:40 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:46 PM)

23.08 - Repair inf Association
   Start (8/5/2014 7:28:46 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:52 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (8/5/2014 7:28:52 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:28:58 PM)

23.10 - Repair msc Association
   Start (8/5/2014 7:28:58 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:04 PM)

23.11 - Repair reg Association
   Start (8/5/2014 7:29:04 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:11 PM)

23.12 - Repair scr Association
   Start (8/5/2014 7:29:11 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:17 PM)

24 - Repair Windows Safe Mode
   Start (8/5/2014 7:29:17 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:23 PM)

25 - Repair Print Spooler
   Start (8/5/2014 7:29:23 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:29 PM)

26 - Restore Important Windows Services
   Start (8/5/2014 7:29:29 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:35 PM)

27 - Set Windows Services To Default Startup
   Start (8/5/2014 7:29:35 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:41 PM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

31 - Repair Windows 'New' Submenu
   Start (8/5/2014 7:29:41 PM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (8/5/2014 7:29:48 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (8/5/2014 7:29:48 PM)
   Total Repair Time: 00:12:24


...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 

[Machiavelli]

Still issues?

[Shirleys961]

Still issues?

Hi,

Well, I haven't been on much since I did all that but so far it doesn't seem that there are any.

[Shirleys961]

 

Still issues?

Hi,

Well, I haven't been on much since I did all that but so far it doesn't seem that there are any.

 

My adobe flash plugin keeps crashing but I'm not sure that is part of the same issue.

[Machiavelli]

I mean if you still get the red screen. Meanwhile I got a response of the MBAM Experts ...

[Shirleys961]

I mean if you still get the red screen. Meanwhile I got a response of the MBAM Experts ...

No, no more red screen.

[Machiavelli]

Perfect!

• Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
• Click Scan to start FRST.
• When FRST finishes scanning, a log, FRST.txt, will open.
• Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

[Shirleys961]

Perfect!

• Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
• Click Scan to start FRST.
• When FRST finishes scanning, a log, FRST.txt, will open.
• Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2014
Ran by Shirley (administrator) on SHIRLEY-PC on 07-08-2014 20:00:07
Running from C:\Users\Shirley\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
() C:\Program Files (x86)\DELL\DELLOSD\TestDispChangedEvent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Atheros Communication) C:\Program Files (x86)\Atheros Direct Connect\P2PUIMain.exe
(Global Graphics Software Ltd.) C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHSA.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHSA.EXE
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe
() C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
() C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
(DELL COMPUTER INC.) C:\Program Files (x86)\DELL\DELLOSD\DELLOSD.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Identity Force) C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\dps.exe
(Identity Force) C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\pl.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Dell, Inc.) C:\Program Files (x86)\DELL\Dell Datasafe Online\NOBuAgent.exe
(Chicony) C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(DELL) C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros Communications, Inc.) C:\Program Files (x86)\Atheros Direct Connect\DCWpaSupplicant.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Identity Force) C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\epservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Identity Force) C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\ep.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Global Graphics Software Ltd) C:\Windows\System32\CorelCreatorMessages.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Atheros Communication Inc.) C:\Program Files (x86)\Atheros Direct Connect\DCDhcpService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
() C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DCHostUI] => C:\Program Files (x86)\Atheros Direct Connect\P2PUIMain.exe [366592 2011-03-31] (Atheros Communication)
HKLM\...\Run: [CorelCreatorClient] => C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe [779776 2011-12-13] (Global Graphics Software Ltd.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1111568 2011-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [197152 2011-02-10] (Trend Micro Inc.)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [DELLOSD] => C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe [49152 2010-12-06] ()
HKLM-x32\...\Run: [Chicony_OSD] => C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe [53248 2011-01-12] ()
HKLM-x32\...\Run: [StickyNotesWidget] => c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\notes_startup_widgets.exe [666344 2011-03-18] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2013-01-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [Data Protection Suite] => C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\dps.exe [1280304 2014-06-24] (Identity Force)
HKLM-x32\...\Run: [PhishLock] => C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\pl.exe [802608 2014-06-24] (Identity Force)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95536 2014-06-21] (Sensible Vision )
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [FAStartup] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-07-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-03-28] (Samsung)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [241280 2013-01-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [241280 2013-01-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-03-28] (Samsung)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-07-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-2944147335-3770540022-3163696298-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
Startup: C:\Users\Shirley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Shirley\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Shirley\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Shirley\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: mozy -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: mozy2 -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: mozy3 -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Shirley\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Shirley\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Shirley\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x206FF790C392CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: IDF Online Identity Protection Tools -> {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} -> C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\epbho64.dll (Identity Force)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: IDF Online Identity Protection Tools -> {ff507020-a257-4527-a222-b6f5732e55ee} -> C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\plbho64.dll (Identity Force)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: IDF Online Identity Protection Tools -> {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} -> C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\epbho32.dll (Identity Force)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDF Online Identity Protection Tools -> {ff507020-a257-4527-a222-b6f5732e55ee} -> C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\plbho32.dll (Identity Force)
DPF: HKLM-x32 {16F67783-7E72-4C39-99C4-4780A8335484} http://www.syncmyrid...pplets/sync.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...21022/CTPID.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} -  No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\lt48o1wl.default-1376771811605
FF Homepage: hxxp://att.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @update.sentrybay.com/SentryBay Update;version=8 -> C:\Program Files (x86)\SentryBay\Update\1.0.0.6634\npSentryBayOneClick8.dll (SentryBay)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Shirley\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\ffext
FF Extension: IDF Online Identity Protection Tools - C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\ffext [2013-03-30]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\ffext
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-06-25]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Extension: (No Name) - C:\Users\Shirley\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [bjaehcnihbogidpfieaepehilfecnodk] - C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\phishlock.crx [2007-04-01]
CHR HKLM-x32\...\Chrome\Extension: [jfcbnjcmfbnplpojfdkfajamgpocofdh] - C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\phishlock.crx [2007-04-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [135168 2011-02-16] (Atheros) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R3 CorelCreatorMessages; C:\Windows\system32\CorelCreatorMessages.exe [105984 2011-12-13] (Global Graphics Software Ltd) [File not signed]
R3 DCDhcpService; C:\Program Files (x86)\Atheros Direct Connect\DCDhcpService.exe [100352 2011-03-31] (Atheros Communication Inc.) [File not signed]
R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [98304 2011-05-27] () [File not signed]
R2 EntryProtect; C:\Program Files (x86)\Identity Force\IDF Online Identity Protection Tools\epservice.exe [46896 2014-06-24] (Identity Force)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [437080 2014-07-01] (Garmin Ltd or its subsidiaries)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1072664 2013-05-29] (iolo technologies, LLC)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54040 2011-09-29] (Mozy, Inc.)
R2 OSDSvc; C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe [176128 2010-12-01] (Chicony) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 1999-12-31] (Realtek Semiconductor)
S2 sbupdate; C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [138600 2013-03-30] (SentryBay)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-13] (AVG Technologies)
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [31432 2012-04-17] (EldoS Corporation)
R3 epfilter; C:\Windows\system32\drivers\epfilter.sys [21312 2014-06-25] (SentryBay)
S3 FACAP; C:\Windows\System32\DRIVERS\facap.sys [38400 2012-09-03] (Windows ® Win 7 DDK provider)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-02] (Malwarebytes Corporation)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-21] (Mozy, Inc.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-05] ()
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2012-02-08] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2012-02-08] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2012-02-08] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2012-02-08] (Trend Micro Inc.)
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-07 20:00 - 2014-08-07 20:00 - 00036305 _____ () C:\Users\Shirley\Desktop\FRST.txt
2014-08-07 19:59 - 2014-08-07 19:59 - 00000000 ____D () C:\Users\Shirley\Desktop\FRST-OlderVersion
2014-08-05 20:03 - 2014-08-05 20:03 - 00000000 ___RD () C:\Users\Shirley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-08-05 19:03 - 2014-08-05 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-05 19:03 - 2014-08-05 19:03 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-05 18:45 - 2014-08-05 18:55 - 00000163 _____ () C:\Windows\Reimage.ini
2014-08-02 20:11 - 2014-08-04 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-02 20:11 - 2014-08-04 18:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-02 20:11 - 2014-08-02 20:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-02 20:11 - 2014-08-02 20:11 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-02 20:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-02 20:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-02 20:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-02 20:07 - 2014-08-02 20:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Shirley\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-02 14:16 - 2014-08-02 14:16 - 00415232 _____ (Farbar) C:\Users\Shirley\Downloads\FSS(1).exe
2014-08-02 13:53 - 2014-08-07 19:59 - 00000000 ____D () C:\Users\Shirley\Desktop\New folder
2014-07-31 20:41 - 2014-07-31 20:41 - 00002685 _____ () C:\Users\Shirley\Downloads\FSS.txt
2014-07-30 20:22 - 2014-07-30 20:22 - 627571403 _____ () C:\Windows\MEMORY.DMP
2014-07-30 20:22 - 2014-07-30 20:22 - 00279240 _____ () C:\Windows\Minidump\073014-22994-01.dmp
2014-07-29 20:41 - 2014-07-29 20:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 20:08 - 2014-07-29 20:08 - 00002338 _____ () C:\Users\Shirley\Downloads\AdwCleaner[S1].txt
2014-07-29 20:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-29 19:34 - 2014-08-05 20:05 - 00000000 ___RD () C:\Users\Shirley\Google Drive
2014-07-29 19:34 - 2014-07-29 19:34 - 00001707 _____ () C:\Users\Shirley\Desktop\Google Drive.lnk
2014-07-29 19:32 - 2014-07-29 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-29 19:27 - 2014-08-07 19:51 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 19:27 - 2014-08-07 19:51 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 19:27 - 2014-07-29 19:27 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-29 19:27 - 2014-07-29 19:27 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-29 19:25 - 2014-07-29 19:25 - 00895120 _____ (Google Inc.) C:\Users\Shirley\Downloads\googledrivesync.exe
2014-07-29 19:19 - 2014-07-29 19:19 - 00000000 ____D () C:\Users\Shirley\AppData\Local\Adobe
2014-07-28 20:29 - 2014-07-28 20:30 - 00120442 _____ () C:\Users\Shirley\Downloads\Addition.txt
2014-07-28 20:27 - 2014-07-28 20:30 - 00056952 _____ () C:\Users\Shirley\Downloads\FRST.txt
2014-07-28 20:26 - 2014-08-07 20:00 - 00000000 ____D () C:\FRST
2014-07-28 20:25 - 2014-08-07 19:59 - 02094080 _____ (Farbar) C:\Users\Shirley\Desktop\FRST64.exe
2014-07-24 10:42 - 2014-07-24 10:45 - 06205151 _____ () C:\Users\Shirley\Downloads\Attachments_2014724.zip
2014-07-24 09:11 - 2014-07-27 14:53 - 00000000 ____D () C:\Users\Shirley\Desktop\Recipes
2014-07-21 18:14 - 2014-07-21 18:14 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-21 18:14 - 2014-07-21 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-21 18:14 - 2014-07-21 18:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-21 18:13 - 2014-07-21 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-21 15:20 - 2014-07-21 15:20 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-21 15:20 - 2014-07-21 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 15:19 - 2014-07-21 15:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 15:19 - 2014-07-21 15:20 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 15:19 - 2014-07-21 15:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 15:19 - 2014-07-21 15:19 - 00000000 ____D () C:\Program Files\iPod
2014-07-21 08:58 - 2014-08-04 19:23 - 00000000 ____D () C:\Users\Shirley\Desktop\Avery-Max-Hudson
2014-07-10 20:38 - 2014-07-10 20:39 - 03695061 _____ () C:\Users\Shirley\Downloads\Attachments_2014710.zip
2014-07-10 20:14 - 2014-08-05 20:03 - 00001064 _____ () C:\Windows\setupact.log
2014-07-10 20:14 - 2014-07-10 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 19:08 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 19:08 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 19:08 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 19:08 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 19:07 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 19:07 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 19:07 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 19:07 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 19:06 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 19:06 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 19:06 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 19:06 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 19:06 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 19:06 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 19:06 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 19:06 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 19:05 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 19:05 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 19:05 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 19:05 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 19:05 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 19:05 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 19:05 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 19:05 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 19:05 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 19:05 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 19:05 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 19:05 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 19:05 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 19:05 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 19:05 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 19:05 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 19:05 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 19:05 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 19:05 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 19:05 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 19:05 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 19:05 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 19:05 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 19:05 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 19:05 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 19:05 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 19:05 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 19:05 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 19:05 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 19:05 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 19:05 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 19:05 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 19:05 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 19:05 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 19:05 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 19:05 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 19:05 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 19:05 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 19:05 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 19:05 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 19:05 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 19:05 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 19:05 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 19:05 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 19:05 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 19:05 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 19:05 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 19:05 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 19:05 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 19:05 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 19:05 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 19:05 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 19:05 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 19:05 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 19:05 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 19:04 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 19:03 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 19:03 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 19:03 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-07 20:00 - 2014-08-07 20:00 - 00036305 _____ () C:\Users\Shirley\Desktop\FRST.txt
2014-08-07 20:00 - 2014-07-28 20:26 - 00000000 ____D () C:\FRST
2014-08-07 19:59 - 2014-08-07 19:59 - 00000000 ____D () C:\Users\Shirley\Desktop\FRST-OlderVersion
2014-08-07 19:59 - 2014-08-02 13:53 - 00000000 ____D () C:\Users\Shirley\Desktop\New folder
2014-08-07 19:59 - 2014-07-28 20:25 - 02094080 _____ (Farbar) C:\Users\Shirley\Desktop\FRST64.exe
2014-08-07 19:59 - 2013-03-30 17:40 - 00000926 _____ () C:\Windows\Tasks\SentryBayUpdateTaskMachineCore.job
2014-08-07 19:51 - 2014-07-29 19:27 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-07 19:51 - 2014-07-29 19:27 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-07 19:51 - 2013-03-30 17:40 - 00000930 _____ () C:\Windows\Tasks\SentryBayUpdateTaskMachineUA.job
2014-08-07 19:51 - 2012-04-10 20:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-06 22:42 - 2011-09-29 10:50 - 00003612 _____ () C:\Windows\mozy.flt
2014-08-06 22:42 - 2011-09-29 10:50 - 00003606 _____ () C:\Windows\mozy.blk
2014-08-06 21:35 - 2012-01-05 21:12 - 01887196 _____ () C:\Windows\WindowsUpdate.log
2014-08-06 07:19 - 2012-04-22 09:55 - 00000000 ____D () C:\Users\Shirley\Desktop\ALL
2014-08-06 07:12 - 2009-07-14 01:13 - 00799168 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 20:10 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-05 20:10 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-05 20:06 - 2013-05-12 17:03 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-05 20:06 - 2013-05-12 17:03 - 00002844 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2014-08-05 20:06 - 2013-05-12 17:03 - 00000414 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-08-05 20:05 - 2014-07-29 19:34 - 00000000 ___RD () C:\Users\Shirley\Google Drive
2014-08-05 20:05 - 2012-01-05 21:36 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-08-05 20:04 - 2012-01-05 21:45 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-05 20:04 - 2012-01-05 21:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-08-05 20:03 - 2014-08-05 20:03 - 00000000 ___RD () C:\Users\Shirley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-08-05 20:03 - 2014-07-10 20:14 - 00001064 _____ () C:\Windows\setupact.log
2014-08-05 20:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-05 19:54 - 2012-02-04 13:38 - 00088616 _____ () C:\Users\Shirley\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 19:53 - 2010-11-20 23:47 - 02440986 _____ () C:\Windows\PFRO.log
2014-08-05 19:53 - 2009-07-14 00:45 - 00385152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-05 19:26 - 2009-07-13 22:34 - 00000567 _____ () C:\Windows\win.ini
2014-08-05 19:22 - 2011-02-10 12:10 - 00799168 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-05 19:03 - 2014-08-05 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-05 19:03 - 2014-08-05 19:03 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-05 18:55 - 2014-08-05 18:45 - 00000163 _____ () C:\Windows\Reimage.ini
2014-08-04 19:23 - 2014-07-21 08:58 - 00000000 ____D () C:\Users\Shirley\Desktop\Avery-Max-Hudson
2014-08-04 18:44 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-04 18:33 - 2012-02-04 12:35 - 00000000 ____D () C:\Users\Shirley
2014-08-04 18:32 - 2014-08-02 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-04 18:32 - 2014-08-02 20:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-04 18:32 - 2014-06-25 21:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAccess Facial Recognition
2014-08-04 18:32 - 2014-06-20 20:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-04 18:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-08-02 20:16 - 2014-08-02 20:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-02 20:11 - 2014-08-02 20:11 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-02 20:11 - 2014-01-18 10:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-02 20:10 - 2014-08-02 20:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Shirley\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-02 14:16 - 2014-08-02 14:16 - 00415232 _____ (Farbar) C:\Users\Shirley\Downloads\FSS(1).exe
2014-08-01 21:35 - 2013-09-22 20:54 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-31 20:41 - 2014-07-31 20:41 - 00002685 _____ () C:\Users\Shirley\Downloads\FSS.txt
2014-07-31 19:40 - 2012-04-07 10:35 - 00000000 ____D () C:\Users\Shirley\AppData\Local\CrashDumps
2014-07-30 21:08 - 2012-02-04 13:55 - 00000000 ____D () C:\Users\Shirley\AppData\Local\Nero
2014-07-30 20:22 - 2014-07-30 20:22 - 627571403 _____ () C:\Windows\MEMORY.DMP
2014-07-30 20:22 - 2014-07-30 20:22 - 00279240 _____ () C:\Windows\Minidump\073014-22994-01.dmp
2014-07-30 20:22 - 2012-02-09 06:33 - 00000000 ____D () C:\Windows\Minidump
2014-07-30 20:21 - 2012-05-03 20:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-29 20:41 - 2014-07-29 20:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 20:08 - 2014-07-29 20:08 - 00002338 _____ () C:\Users\Shirley\Downloads\AdwCleaner[S1].txt
2014-07-29 20:04 - 2014-01-18 09:48 - 00000000 ____D () C:\AdwCleaner
2014-07-29 19:46 - 2012-04-07 09:27 - 00003364 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-07-29 19:46 - 2012-04-07 09:27 - 00000000 ____D () C:\ProgramData\PogoDGC
2014-07-29 19:46 - 2012-04-07 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games
2014-07-29 19:46 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-29 19:34 - 2014-07-29 19:34 - 00001707 _____ () C:\Users\Shirley\Desktop\Google Drive.lnk
2014-07-29 19:32 - 2014-07-29 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-29 19:32 - 2014-05-21 21:58 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-29 19:32 - 2013-01-13 11:59 - 00000000 ____D () C:\Users\Shirley\AppData\Local\Google
2014-07-29 19:27 - 2014-07-29 19:27 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-29 19:27 - 2014-07-29 19:27 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-29 19:25 - 2014-07-29 19:25 - 00895120 _____ (Google Inc.) C:\Users\Shirley\Downloads\googledrivesync.exe
2014-07-29 19:19 - 2014-07-29 19:19 - 00000000 ____D () C:\Users\Shirley\AppData\Local\Adobe
2014-07-28 20:30 - 2014-07-28 20:29 - 00120442 _____ () C:\Users\Shirley\Downloads\Addition.txt
2014-07-28 20:30 - 2014-07-28 20:27 - 00056952 _____ () C:\Users\Shirley\Downloads\FRST.txt
2014-07-28 20:11 - 2012-02-08 21:37 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-07-27 15:35 - 2012-04-10 20:24 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-27 15:35 - 2012-04-10 20:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-27 15:35 - 2012-01-05 21:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-27 14:53 - 2014-07-24 09:11 - 00000000 ____D () C:\Users\Shirley\Desktop\Recipes
2014-07-26 11:10 - 2012-02-05 14:40 - 00000000 ____D () C:\Users\Shirley\Desktop\Misc
2014-07-25 22:07 - 2012-05-12 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 22:07 - 2012-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 03:02 - 2012-05-12 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 10:45 - 2014-07-24 10:42 - 06205151 _____ () C:\Users\Shirley\Downloads\Attachments_2014724.zip
2014-07-24 10:06 - 2012-02-05 16:37 - 00010240 _____ () C:\Users\Shirley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-24 08:47 - 2013-03-23 14:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-24 08:45 - 2014-03-16 09:02 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-07-24 08:45 - 2012-08-25 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-07-24 08:45 - 2012-08-25 13:02 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-07-24 08:45 - 2012-08-25 12:52 - 00000000 ____D () C:\ProgramData\Garmin
2014-07-21 18:14 - 2014-07-21 18:14 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-21 18:14 - 2014-07-21 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-21 18:14 - 2014-07-21 18:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-21 18:13 - 2014-07-21 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-21 18:13 - 2012-03-12 20:29 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-21 15:20 - 2014-07-21 15:20 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-21 15:20 - 2014-07-21 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 15:20 - 2014-07-21 15:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 15:20 - 2014-07-21 15:19 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 15:20 - 2014-07-21 15:19 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 15:19 - 2014-07-21 15:19 - 00000000 ____D () C:\Program Files\iPod
2014-07-21 15:16 - 2012-03-12 20:28 - 00000000 ____D () C:\ProgramData\Apple
2014-07-19 14:23 - 2009-07-14 01:08 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-19 08:51 - 2012-02-04 13:39 - 00000000 ____D () C:\Users\Shirley\Documents\Bluetooth Folder
2014-07-11 06:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 20:39 - 2014-07-10 20:38 - 03695061 _____ () C:\Users\Shirley\Downloads\Attachments_2014710.zip
2014-07-10 20:14 - 2014-07-10 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-10 20:11 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 20:11 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 20:11 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 20:11 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 03:15 - 2013-08-07 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:08 - 2012-02-10 04:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Shirley\AppData\Local\Temp\Quarantine.exe
C:\Users\Shirley\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Shirley\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 15:38

==================== End Of Log ============================

[Machiavelli]

Looks good.

IMPORTANT: You MUST use Internet Explorer for this step!

• Visit the ESET Online Scanner Web Page
• Select the blue Run ESET Online Scanner button:
  
• Tick the box next to YES, I accept the Terms of Use and click Start
  
• When asked, allow the ActiveX control to install.
• Select Enable detection of potentially unwanted applications and select Advanced Settings:
  
• Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
  
• Click Start. (This scan can take several hours, so please be patient):
  
• Once the scan is completed, select List of found threats:
  
• Select Export to text file... and save the file as ESETlog.txt on your Desktop:
  
• Click the Back button.
• Click the Finish button:
  
• Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
• Copy and paste that log as a reply to this topic.

[Shirleys961]

Having storms here so I will get to this tomorrow hopefully before the storms. I have noticed that the original problem that I had is still happening on occasion since I had to do the restore

Thanks

[Machiavelli]

OK, no problem. The main problem (red screen) is solved now, that's a good thing.

[Shirleys961]

C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir    a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe.vir    a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir    Win64/Toolbar.DefaultTab.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe.vir    Win32/Toolbar.DefaultTab.E potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir    a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir    a variant of Win64/Toolbar.DefaultTab.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir    Win32/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe.vir    a variant of Win32/Toolbar.DefaultTab.E potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shirley\AppData\Roaming\DefaultTab\DefaultTab\z4D1A.xxx.vir    a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application    deleted - quarantined
C:\Users\Shirley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56MPHIE3\ProtectorPackage2004x64[1].exe    Win32/Toolbar.Babylon.T potentially unwanted application    deleted - quarantined
C:\Users\Shirley\Desktop\ALL\cbsidlm-tr1_10a-Holiday_Lights-SEO-10015273.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\Shirley\Downloads\google earth setup.exe    a variant of MSIL/Soft32Downloader.C potentially unwanted application    deleted - quarantined
C:\Users\Shirley\Downloads\Hitman_Pro_TSV37599R.exe    Win32/Toolbar.Conduit.AE potentially unwanted application    deleted - quarantined
C:\Users\Shirley\Google Drive\ALL\cbsidlm-tr1_10a-Holiday_Lights-SEO-10015273.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined