Computer is running slow, especially when online. Sites take for ever to load up. No pop ups.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-12-2016
Ran by jose (26-12-2016 22:37:32)
Running from C:\Users\jose\Downloads
Microsoft Windows 7 Home Premium (X86) (2013-08-18 05:46:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2211277778-1771987267-3249240118-500 - Administrator - Disabled)
Guest (S-1-5-21-2211277778-1771987267-3249240118-501 - Limited - Disabled)
jose (S-1-5-21-2211277778-1771987267-3249240118-1000 - Administrator - Enabled) => C:\Users\jose
Passw0rd (S-1-5-21-2211277778-1771987267-3249240118-1002 - Limited - Enabled) => C:\Users\Passw0rd
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ATI AVIVO Codecs (Version: 11.6.0.51221 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C5DA5C0B-9697-72AA-0FF5-2BED67F1B872}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Canon LBP6030 6040 6018L Uninstaller (HKLM\...\Canon LBP6030 6040 6018L) (Version: 6, 1, 0, 0 - Canon Inc.)
ccc-core-static (Version: 2010.1221.2149.39115 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
EPSON Advanced Printer Driver 4 (HKLM\...\{11FF6AF6-0141-4EF8-829A-989459A1E5D8}) (Version: 4.55.0200 - SEIKO EPSON CORPORATION)
EPSON APD4 Point and Print Support (Version: 4.55.0200 - SEIKO EPSON CORPORATION) Hidden
EPSON APD4 Sample&Manual (HKLM\...\{0391634E-2C39-43BC-995C-EC04A74F77C1}) (Version: 1.00.0000 - SEIKO EPSON Corporation)
EPSON APD5 TM-T20 Sample&Manual (English) (HKLM\...\{5A4267F6-521B-4712-B2CC-961DEB86B440}) (Version: 1.00.0000 - SEIKO EPSON Corporation)
EPSON Port Communication Service (HKLM\...\{1C431535-5AB5-47D1-8E36-6C795AF913F7}) (Version: 3.6.0 - SEIKO EPSON CORPORATION)
EPSON TM Coupon Package (HKLM\...\{60ED98A7-BE97-4F26-B32E-5087337C6044}) (Version: 1.20.0000 - Seiko Epson Corporation) <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{B4BEEEA3-05E9-4966-AE47-B0F3490564BE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
hppLaserJetService (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{478AD1F1-8F17-45ED-8B0F-CCEF42EB3F91}) (Version: 5.0.2.61 - Apple Inc.)
InstPortMon (Version: 1.2.0.0 - InstPortMon) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.3.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (Version: 1.01.10 - NETGEAR) Hidden
Norton Security Scan (HKLM\...\NSS) (Version: 4.0.3.27 - Symantec Corporation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.)
Receipt Printer - epay (HKLM\...\{E564C2DB-4DD0-4AB1-A77F-744111ECC8EF}) (Version: 1.1.2 - Default Company Name)
Wireless Standard 9.1.6.0 (HKLM\...\Wireless Standard_is1) (Version: 9.1.6.0 - B2B Soft Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.51221.2158 - ATI Technologies Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000_Classes\CLSID\{43B6ADAA-6DE7-43C2-9206-3389C94B9531}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000_Classes\CLSID\{5EFC5294-6D6D-3BA1-A769-4AC271DCF6B3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000_Classes\CLSID\{6AAD2329-03DA-3C9C-990C-56CBA9FE8069}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000_Classes\CLSID\{EA7D5AE2-2134-3F0E-A422-5F43EB64DE1B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000_Classes\CLSID\{EAF741EF-6A3B-4DF5-8156-E7A62AAA136C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {29170A01-6585-4828-99A1-893D43173970} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {2C401C94-2E51-46A7-AD91-187F7B85E378} - System32\Tasks\Mlouugiuoemap => C:\ProgramData\Mlouugiuoemap\1.0.1.0\umiainow.exe <==== ATTENTION
Task: {3B55D12A-257A-4CE8-BCA4-CCD9B523D511} - \NSManager_1415748688 -> No File <==== ATTENTION
Task: {41BE4957-6542-46C3-BB53-0019449D4A59} - System32\Tasks\{126132F8-91C0-473A-9579-D6D2F8245948} => pcalua.exe -a "C:\Users\jose\DOCUME~1\BitLord\Microsoft Office 2007\setup.exe" -d "C:\Users\jose\DOCUME~1\BitLord\Microsoft Office 2007"
Task: {57B849AB-23DB-43BB-9866-15B7C83CCC66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7597D12B-DE71-49E8-9F6D-E7E123533121} - \SuperFastPC_AutorunOnStartup -> No File <==== ATTENTION
Task: {BE41A09C-E967-4C94-8BD0-D19B510C3228} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {C5CC953A-D750-4096-9849-FFF925068349} - \GeniusBox -> No File <==== ATTENTION
Task: {EAB752CF-E22B-44FF-B040-5DB533D1EDE1} - System32\Tasks\Validate Installation => C:\Program Files\user extensions\updater.exe <==== ATTENTION
Task: {F175D158-2D73-44FD-ADB6-DC4A89A6A966} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F8CB12AC-DE53-4908-9CB8-DC666BD3F770} - System32\Tasks\Check Updates => C:\Program Files\user extensions\updater.exe <==== ATTENTION
Task: {FB40D6B5-8B24-4A6E-AAC9-BD3021413661} - \watchHealth -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-10-14 09:59 - 2012-08-21 15:06 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL
2013-10-14 09:59 - 2012-08-21 15:06 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2011-06-30 21:23 - 2011-06-30 21:23 - 00167936 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
2010-12-21 20:59 - 2010-12-21 20:59 - 00072192 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2009-08-04 16:23 - 2009-08-04 16:23 - 00063032 _____ () C:\Program Files\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 16:23 - 2009-08-04 16:23 - 00075320 _____ () C:\Program Files\HP\HP UT LEDM\bin\HPToolkit.dll
2010-12-21 20:59 - 2010-12-21 20:59 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-12-21 20:47 - 2010-12-21 20:47 - 00243712 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-08-26 13:51 - 2010-08-26 13:51 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2016-12-14 21:24 - 2016-12-07 23:29 - 01829208 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 21:24 - 2016-12-07 23:29 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [121]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\publicmobile.ca -> hxxps://publicmobile.ca
IE trusted site: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\qpay123.com -> hxxps://qpay123.com
IE trusted site: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\qpayreport.com -> hxxps://qpayreport.com
IE trusted site: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\t-mobile.com -> hxxps://t-mobile.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:04 - 2009-06-10 13:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jose\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.62 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP LaserJet Service => 2
MSCONFIG\Services: HPSIService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1000M Genie.lnk => C:\Windows\pss\NETGEAR WNA1000M Genie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Select a coupon.lnk => C:\Windows\pss\Select a coupon.lnk.CommonStartup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FA7413A9-14DB-4BA1-9C26-30B09C6006FA}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B1260301-A9F5-4EE0-AD42-08289C5EB291}] => D:\ProductInst.exe
FirewallRules: [{A59C7C20-78EF-447D-9293-D96BF23FC484}] => D:\ProductInst.exe
FirewallRules: [{9E80E9CA-127C-41F9-9C2C-C5CF9BA1727F}] => LPort=9100
FirewallRules: [{1D7290AF-E157-42B5-A2D1-35AE038083A7}] => LPort=427
FirewallRules: [{3CB08980-2FB9-48CD-918F-6568AC7B0BC1}] => LPort=161
FirewallRules: [{ED25C00E-F8A0-4670-8534-9D96BF359DA1}] => C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\Tools\PrinterNetworkSetting\APDNetSetting.exe
FirewallRules: [{D85DDD33-665B-486F-A5BB-5D5F7311E12C}] => C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\Tools\PrinterNetworkSetting\APDNetSetting.exe
FirewallRules: [{9367F95B-0963-4796-909E-8E4867CBBF3B}] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{99C62417-9464-44C7-A7E1-65B70C3702D2}] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CF7994A7-F888-42EE-A760-B26C0A89176E}] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{BE28EBF1-5D81-4DCD-AF85-DDD34BB9D7E6}] => C:\Program Files\MediatekWiFi\Common\RaUI.exe
FirewallRules: [{CA612FE1-40FC-4944-A732-066D6DAC88E4}] => C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
18-11-2016 15:29:27 Windows Update
22-11-2016 15:26:54 Windows Update
26-11-2016 15:26:08 Windows Update
30-11-2016 15:26:40 Windows Update
04-12-2016 01:50:35 Windows Update
07-12-2016 10:25:23 Windows Update
09-12-2016 13:18:04 Removed Microsoft Silverlight
10-12-2016 18:43:18 Windows Update
15-12-2016 18:16:56 Windows Update
19-12-2016 18:12:43 Windows Update
22-12-2016 18:15:21 Windows Update
26-12-2016 15:17:03 Restore Operation
26-12-2016 15:34:44 Windows Update
26-12-2016 20:54:55 Removed Adobe Acrobat Reader DC.
26-12-2016 20:56:10 Removed OpenOffice 4.1.0
26-12-2016 20:58:46 Removed Apple Software Update
26-12-2016 21:04:46 Removed Mediatek Wireless LAN
26-12-2016 21:08:38 Removed Apple Software Update
26-12-2016 21:09:14 Removed Bonjour
26-12-2016 21:09:52 Removed Apple Mobile Device Support
26-12-2016 21:10:43 Removed iTunes
26-12-2016 21:13:03 Removed QuickTime 7
26-12-2016 21:14:02 Removed Apple Application Support (32-bit)
26-12-2016 21:18:49 Removed Microsoft Office Excel Viewer
26-12-2016 21:19:37 Removed Microsoft Office Word Viewer 2003
26-12-2016 21:20:08 Removed Compatibility Pack for the 2007 Office system
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2016 09:28:15 PM) (Source: .NET Runtime) (EventID: 1022) (User: jose-PC)
Description: .NET Runtime version 4.0.30319.1 - Loading profiler failed. COR_ENABLE_PROFILING was set properly, but COR_PROFILER was not. COR_PROFILER must be set to the CLSID of the profiler to load. Process ID (decimal): 216. Message ID: [0x2500].
Error: (12/26/2016 09:25:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program InstStub.exe version 4.0.3.27 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: c7c
Start Time: 01d26000fb588b25
Termination Time: 23
Application Path: C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.0.3.27\InstStub.exe
Report Id:
Error: (12/26/2016 08:53:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
Details:
Could not query the status of the EventSystem service.
System Error:
A system shutdown is in progress.
.
Error: (12/26/2016 02:53:49 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (12/26/2016 12:30:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Photosmart Plus B210 series\DriverStore\Pipeline\amd64\hpinkins8e11.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/25/2016 07:41:03 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (12/25/2016 12:30:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Photosmart Plus B210 series\DriverStore\Pipeline\amd64\hpinkins8e11.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/24/2016 12:24:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (12/24/2016 12:30:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Photosmart Plus B210 series\DriverStore\Pipeline\amd64\hpinkins8e11.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/23/2016 07:15:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wc_core.exe, version: 9.1.6.0, time stamp: 0x56d06ac4
Faulting module name: clr.dll, version: 4.0.30319.1, time stamp: 0x4ba1d9ef
Exception code: 0xc0000005
Fault offset: 0x0005deb4
Faulting process id: 0x16e8
Faulting application start time: 0x01d257c152f4617d
Faulting application path: C:\Program Files\BTB Soft\Wireless Standard\bin\wc_core.exe
Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report Id: 36f21437-c987-11e6-831c-eca86b90174d
System errors:
=============
Error: (12/26/2016 10:08:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
Error: (12/26/2016 10:08:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
The system cannot find the device specified.
Error: (12/26/2016 09:54:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
The system cannot find the device specified.
Error: (12/26/2016 09:34:54 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 12291) (User: NT AUTHORITY)
Description: SAM failed to start the TCP/IP or SPX/IPX listening thread
Error: (12/26/2016 09:34:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
The system cannot find the device specified.
Error: (12/26/2016 09:33:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
The system cannot find the device specified.
Error: (12/26/2016 08:53:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error:
The system cannot find the device specified.
Error: (12/26/2016 08:43:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (12/26/2016 08:42:09 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server:
{000C101C-0000-0000-C000-000000000046}
Error: (12/26/2016 08:41:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
==================== Memory info ===========================
Processor: AMD E-350 Processor
Percentage of memory in use: 77%
Total physical RAM: 1528.27 MB
Available physical RAM: 349.57 MB
Total Virtual: 3056.53 MB
Available Virtual: 1409.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:395.53 GB) NTFS
Drive d: (WN_V6.75V) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B25EC62F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2016
Ran by jose (administrator) on JOSE-PC (26-12-2016 22:35:47)
Running from C:\Users\jose\Downloads
Loaded Profiles: jose (Available Profiles: jose & Passw0rd)
Platform: Microsoft Windows 7 Home Premium (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\portcommunicationservice\DeviceControlLog.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\portcommunicationservice\PCSVC.exe
() C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CANON INC.) C:\Windows\System32\spool\drivers\w32x86\3\CNAP3LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\w32x86\3\CNABHSWK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-12-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7731744 2009-08-31] (Realtek Semiconductor)
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP3LAK.EXE [228520 2012-06-13] (CANON INC.)
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\MountPoints2: F - F:\Install_FiveStars.bat
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\MountPoints2: {268b521c-1e83-11e5-b2cb-eca86b90174d} - F:\menu.exe
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\MountPoints2: {8636f137-2f82-11e3-a897-eca86b90174d} - F:\SISetup.exe
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\MountPoints2: {a19c0401-07c9-11e3-bbf2-f07b264284a9} - F:\fscommand\LS_Start_Launch.exe
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\MountPoints2: {aec066eb-081f-11e3-b3d2-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\...\MountPoints2: {ec5a5fd2-bf3b-11e3-8480-eca86b90174d} - F:\Install_FiveStars.bat
GroupPolicy\User: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-2211277778-1771987267-3249240118-1000] => http=127.0.0.1:49182;https=127.0.0.1:49182
AutoConfigURL: [S-1-5-21-2211277778-1771987267-3249240118-1000] => http=127.0.0.1:49182;https=127.0.0.1:49182
Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{76BEF312-A003-4568-B865-56CD38AE5F16}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{A7210023-258E-4378-BB55-ECB649D57E89}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1386541226&from=cor&uid=ST3500413AS_Z2APHAV5XXXXZ2APHAV5&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/?fr=fp-sgm&type=20140218,155
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386541226&from=cor&uid=ST3500413AS_Z2APHAV5XXXXZ2APHAV5&q={searchTerms}
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://wirelessdealergroup.com/
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Like -> {2159cb25-ef9a-54c1-b43c-e30d1a4a8277} -> C:\Windows\system32\mscoree.dll [2009-11-25] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2211277778-1771987267-3249240118-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: 2qcu79lg.default
FF ProfilePath: C:\Users\jose\AppData\Roaming\Mozilla\Firefox\Profiles\2qcu79lg.default [2016-12-26]
FF HKLM\...\Firefox\Extensions: [{635abd67-4fe9-1b23-4f01-e679fa7484c1}] - 0\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} => not found
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default [2016-12-26]
CHR Extension: (Google Docs) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]
CHR Extension: (YouTube) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Gmail) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Profile: C:\Users\jose\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-12-26]
CHR Profile: C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-26]
CHR Extension: (Google Docs) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-01]
CHR Extension: (Google Wallet) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-01]
CHR Profile: C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-26]
CHR Extension: (Google Slides) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Google Docs) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-30]
CHR Extension: (Google Drive) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-30]
CHR Extension: (Gmail) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-30]
CHR Profile: C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR Profile: C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-26]
CHR Extension: (Google Slides) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (Google Drive) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-08]
CHR Extension: (YouTube) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-08]
CHR Extension: (Google Search) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-08]
CHR Extension: (Google Sheets) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Gmail) - C:\Users\jose\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-08]
CHR HKU\S-1-5-21-2211277778-1771987267-3249240118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [284672 2010-12-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 EPSON_Device_Control_Log_Service; C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe [333824 2012-11-29] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_Port_Communication_Service; C:\Program Files\epson\portcommunicationservice\PCSVC.exe [433152 2012-11-29] (SEIKO EPSON CORPORATION) [File not signed]
S4 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACR122U; C:\Windows\System32\DRIVERS\acr122.sys [54400 2014-08-21] (Advanced Card Systems Ltd.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66176 2013-08-18] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [31872 2013-08-18] (Advanced Micro Devices)
S2 EPSON_PCS_Parallel_Port_Driver; C:\Windows\system32\DRIVERS\pcslpt.sys [19592 2012-11-29] (SEIKO EPSON CORPORATION)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [734824 2011-01-31] (Realtek Semiconductor Corporation )
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Apple, Inc.) [File not signed]
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSBXP.SYS [49408 2012-03-01] (Seiko Epson Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-26 22:35 - 2016-12-26 22:36 - 00015220 _____ C:\Users\jose\Downloads\FRST.txt
2016-12-26 22:35 - 2016-12-26 22:35 - 01762816 _____ (Farbar) C:\Users\jose\Downloads\FRST.exe
2016-12-26 22:35 - 2016-12-26 22:35 - 00000000 ____D C:\FRST
2016-12-26 21:07 - 2009-07-13 14:02 - 00657408 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28u.sys
2016-12-26 17:48 - 2016-12-26 17:48 - 00000000 ____D C:\Users\Passw0rd\AppData\Local\AMD
2016-12-26 17:47 - 2016-12-26 17:47 - 00117776 _____ C:\Users\Passw0rd\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-26 17:47 - 2016-12-26 17:47 - 00001417 _____ C:\Users\Passw0rd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-26 17:47 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd\AppData\Roaming\ATI
2016-12-26 17:47 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd\AppData\Roaming\Apple Computer
2016-12-26 17:47 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd\AppData\Roaming\Adobe
2016-12-26 17:47 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd\AppData\Local\Google
2016-12-26 17:47 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd\AppData\Local\ATI
2016-12-26 17:47 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd\AppData\Local\Adobe
2016-12-26 17:46 - 2016-12-26 17:47 - 00000000 ____D C:\Users\Passw0rd
2016-12-26 17:46 - 2016-12-26 17:46 - 00000258 __RSH C:\Users\Passw0rd\ntuser.pol
2016-12-26 17:46 - 2016-12-26 17:46 - 00000020 ___SH C:\Users\Passw0rd\ntuser.ini
2016-12-26 17:46 - 2016-12-26 17:46 - 00000000 _SHDL C:\Users\Passw0rd\My Documents
2016-12-26 17:46 - 2016-12-26 17:46 - 00000000 _SHDL C:\Users\Passw0rd\Documents\My Videos
2016-12-26 17:46 - 2016-12-26 17:46 - 00000000 _SHDL C:\Users\Passw0rd\Documents\My Pictures
2016-12-26 17:46 - 2016-12-26 17:46 - 00000000 _SHDL C:\Users\Passw0rd\Documents\My Music
2016-12-26 17:46 - 2016-12-26 17:46 - 00000000 ____D C:\Users\Passw0rd\AppData\Local\VirtualStore
2016-12-26 17:46 - 2014-11-10 20:00 - 00000000 ____D C:\Users\Passw0rd\AppData\Local\LogMeIn
2016-12-26 17:46 - 2009-07-13 23:48 - 00000000 ____D C:\Users\Passw0rd\AppData\Roaming\Media Center Programs
2016-12-08 18:31 - 2016-12-26 20:57 - 00000000 ____D C:\Windows\Minidump
2016-11-28 16:55 - 2016-11-25 15:58 - 00015606 _____ C:\Users\jose\Documents\boost%20texting%20formula.xlsx_0.ods
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-26 22:32 - 2009-07-13 20:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-26 22:32 - 2009-07-13 20:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-26 22:14 - 2013-08-17 21:52 - 00782154 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-26 22:14 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-12-26 22:08 - 2009-07-13 20:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-26 21:54 - 2009-07-13 20:33 - 03816080 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-26 21:28 - 2013-08-17 22:12 - 00111768 _____ C:\Users\jose\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-26 21:20 - 2013-11-25 15:21 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-26 21:18 - 2013-11-20 15:37 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-26 21:17 - 2013-11-20 15:37 - 00000000 ____D C:\ProgramData\Adobe
2016-12-26 21:14 - 2014-06-25 15:27 - 00000000 ____D C:\ProgramData\Apple
2016-12-26 21:14 - 2014-06-25 15:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-26 21:07 - 2013-08-17 22:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-12-26 20:57 - 2014-07-25 12:30 - 00000000 ____D C:\Program Files\OpenOffice 4
2016-12-26 20:56 - 2013-11-20 15:37 - 00000000 ____D C:\Program Files\Adobe
2016-12-26 20:46 - 2014-02-18 11:16 - 00000000 ____D C:\ProgramData\Yahoo!
2016-12-26 20:46 - 2014-02-18 11:15 - 00000000 ____D C:\Program Files\Yahoo!
2016-12-26 20:43 - 2015-06-08 12:26 - 00000000 ____D C:\Users\jose\AppData\Local\Torch
2016-12-26 20:41 - 2013-11-24 11:51 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-26 17:50 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\system32\NDF
2016-12-26 15:52 - 2016-10-14 11:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-26 15:41 - 2013-08-17 21:47 - 00000000 ____D C:\Users\jose
2016-12-26 15:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
2016-12-14 21:24 - 2013-08-17 22:22 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 21:24 - 2013-08-17 22:22 - 00002048 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 18:01 - 2013-08-17 22:21 - 00000000 ____D C:\Program Files\Google
2016-12-09 13:24 - 2013-08-17 22:21 - 00000000 ____D C:\Users\jose\AppData\Local\Google
2016-12-08 15:36 - 2009-07-13 20:56 - 00000000 ____D C:\Windows\DigitalLocker
2016-12-08 15:15 - 2015-06-01 13:49 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
==================== Files in the root of some directories =======
2013-12-08 14:23 - 2013-12-09 13:01 - 0000000 _____ () C:\Users\jose\AppData\Roaming\bitlord_log.txt
2014-06-05 12:47 - 2014-06-05 12:47 - 0000046 _____ () C:\Users\jose\AppData\Roaming\WB.CFG
2015-05-21 12:08 - 2015-05-21 12:08 - 0000064 _____ () C:\Users\jose\AppData\Local\82e6e4e9441806e5c5f9927a763615d4
2015-06-11 15:07 - 2015-06-11 15:07 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-24 00:40
==================== End of FRST.txt ============================