GeekPolice Tech TutorialsLog in

 


[INACTIVE] EXTREMELY slow computer with terrible startup

Share

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Okay, try once more and let me know if it ends up working please. Smile...

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
OTL logfile created on: 12/19/2016 11:30:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18524)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.48 Gb Total Physical Memory | 4.65 Gb Available Physical Memory | 84.83% Memory free
10.97 Gb Paging File | 10.18 Gb Available in Paging File | 92.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.87 Gb Total Space | 208.22 Gb Free Space | 22.64% Space Free | Partition Type: NTFS
Drive D: | 11.54 Gb Total Space | 1.38 Gb Free Space | 11.96% Space Free | Partition Type: NTFS
 
Computer Name: USER-HP | User Name: user | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2016/12/19 11:23:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2016/11/29 12:43:36 | 004,317,648 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2016/10/27 10:37:41 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2016/08/22 08:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/09/20 10:14:07 | 000,674,800 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/27 06:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE -- (EPSON_PM_RPCV4_05)
SRV:64bit: - [2011/12/12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Stopped] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:64bit: - [2011/07/04 01:26:28 | 000,204,288 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/06/24 10:23:14 | 000,302,592 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/10/11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/14 19:01:46 | 001,052,328 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysNative\lxeecoms.exe -- (lxee_device)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2007/04/20 11:24:32 | 000,566,704 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysNative\lxblcoms.exe -- (lxbl_device)
SRV - [2016/12/16 22:34:17 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/11/08 17:13:08 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/09/20 11:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/08/15 02:56:34 | 000,029,728 | ---- | M] (HP Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/11/05 20:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2011/05/05 15:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/11/26 06:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2007/04/20 11:24:20 | 000,537,520 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lxblcoms.exe -- (lxbl_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2016/12/19 23:13:54 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:64bit: - [2016/12/19 23:12:02 | 000,250,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/12/11 20:04:53 | 000,176,064 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MBAMChameleon.sys -- (MBAMChameleon)
DRV:64bit: - [2015/06/10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/10/01 18:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/07/25 15:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 21:21:30 | 001,874,016 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/15 23:58:14 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/15 23:58:14 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/04 02:02:30 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/04 00:44:02 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/10 02:35:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/04/22 02:17:04 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/17 17:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/17 17:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/03/04 14:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/04 14:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/12/15 19:36:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 16:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{866B19C7-65C3-4340-A244-92A88B9FBFC3}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 96 82 2E 83 A8 21 D2 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.9: C:\Users\user\AppData\Roaming\ACEStream\player\npace_plugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016/01/14 23:53:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012/02/21 00:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2014/05/25 01:49:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\ct9tl7mi.default\extensions
[2014/05/25 01:49:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\ct9tl7mi.default\extensions\staged
[2016/11/23 13:46:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\extensions
[2016/11/23 13:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\extensions\trash
[2015/05/31 07:57:36 | 000,156,023 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\fcpzgi7g.default-1395282151623\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2016/11/23 13:46:09 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\fcpzgi7g.default-1395282151623\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/08/20 04:06:14 | 000,328,479 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\fcpzgi7g.default-1395282151623\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/10/28 22:59:21 | 001,054,986 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\fcpzgi7g.default-1395282151623\extensions\trash\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/03/12 14:06:33 | 000,003,027 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\fcpzgi7g.default-1395282151623\searchplugins\google-lavasoft.xml
[2016/11/17 16:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2016/11/17 16:39:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2016/11/17 16:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2016/11/17 16:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2016/12/16 22:41:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.3.2_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.4.0_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.955_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.124_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo\1.0.4_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.15_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\
 
O1 HOSTS File: ([2016/12/04 00:01:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (HP Inc.)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (HP Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Camera Assistant Software for ViewSonic\traybar.exe (Chicony)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-3520 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-3520 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE /EPT "EPLTarget\P0000000000000002" /M "WF-3520 Series" File not found
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 11.91.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 11.91.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D5C3D27-403F-45C6-A3FF-D29F3ACBE4C2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8D08E84-D6B4-4B9B-8D1E-C8A47B5D033C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/12/19 03:09:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2016/12/11 20:04:53 | 000,176,064 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMChameleon.sys
[2016/12/11 20:04:53 | 000,102,856 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2016/12/11 20:04:53 | 000,081,696 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2016/12/11 20:04:48 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016/12/11 20:04:43 | 000,250,816 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/12/11 20:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2016/12/11 20:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2016/12/11 20:00:53 | 051,969,976 | ---- | C] (Malwarebytes                                                ) -- C:\Users\user\Desktop\mb3-setup-consumer-3.0.4.1269(1).exe
[2016/12/06 12:31:06 | 004,747,704 | ---- | C] (AO Kaspersky Lab) -- C:\Users\user\Desktop\tdsskiller.exe
[2016/12/04 10:19:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2016/12/03 16:06:42 | 005,659,954 | R--- | C] (Swearware) -- C:\Users\user\Desktop\ComboFix.exe
[2016/12/01 20:40:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2016/12/01 20:40:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2016/12/01 20:40:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2016/12/01 20:25:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016/12/01 19:51:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016/11/25 22:07:46 | 000,000,000 | ---D | C] -- C:\FRST
[2016/11/25 21:11:08 | 006,253,640 | ---- | C] (AVAST Software) -- C:\Users\Public\Desktop\avast_free_antivirus_setup_online_cnet_2.exe
 
========== Files - Modified Within 30 Days ==========
 
[2016/12/19 23:17:49 | 000,102,856 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2016/12/19 23:13:54 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016/12/19 23:12:02 | 000,250,816 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/12/19 23:11:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/12/19 23:11:14 | 122,114,047 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/19 11:23:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2016/12/11 20:04:53 | 000,176,064 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMChameleon.sys
[2016/12/11 20:04:53 | 000,081,696 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2016/12/11 20:04:32 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2016/12/11 20:03:36 | 051,969,976 | ---- | M] (Malwarebytes                                                ) -- C:\Users\user\Desktop\mb3-setup-consumer-3.0.4.1269(1).exe
[2016/12/11 12:34:42 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/12/11 12:34:42 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/12/11 12:34:42 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/12/10 09:13:14 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/12/10 08:56:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/12/10 08:44:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2324025828-1623389042-2555509162-1000UA.job
[2016/12/10 07:55:00 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2016/12/10 06:07:30 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/12/10 06:07:30 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/12/06 12:31:10 | 004,747,704 | ---- | M] (AO Kaspersky Lab) -- C:\Users\user\Desktop\tdsskiller.exe
[2016/12/04 00:01:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016/12/01 19:36:58 | 005,659,954 | R--- | M] (Swearware) -- C:\Users\user\Desktop\ComboFix.exe
[2016/11/29 16:07:04 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2324025828-1623389042-2555509162-1000Core.job
[2016/11/29 14:55:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/11/29 06:27:14 | 000,077,408 | ---- | M] () -- C:\Windows\SysNative\drivers\mbae64.sys
[2016/11/28 16:00:05 | 000,086,814 | ---- | M] () -- C:\Users\user\Documents\FarBar.png
[2016/11/25 21:17:50 | 006,253,640 | ---- | M] (AVAST Software) -- C:\Users\Public\Desktop\avast_free_antivirus_setup_online_cnet_2.exe
[2016/11/21 23:07:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForUSER-HP$.job
 
========== Files Created - No Company Name ==========
 
[2016/12/11 20:04:32 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2016/12/11 20:04:30 | 000,077,408 | ---- | C] () -- C:\Windows\SysNative\drivers\mbae64.sys
[2016/12/11 12:34:42 | 000,782,470 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/12/01 20:40:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2016/12/01 20:40:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2016/12/01 20:40:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2016/12/01 20:40:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2016/12/01 20:40:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2016/11/28 15:57:29 | 000,086,814 | ---- | C] () -- C:\Users\user\Documents\FarBar.png
[2015/01/08 21:45:07 | 000,000,109 | ---- | C] () -- C:\Windows\wininit.ini
[2014/05/25 10:49:02 | 000,000,045 | ---- | C] () -- C:\Users\user\AppData\Roaming\WB.CFG
[2014/05/24 23:02:44 | 000,007,608 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/08/29 07:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/08/29 07:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
OTL Extras logfile created on: 12/19/2016 11:30:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18524)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.48 Gb Total Physical Memory | 4.65 Gb Available Physical Memory | 84.83% Memory free
10.97 Gb Paging File | 10.18 Gb Available in Paging File | 92.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.87 Gb Total Space | 208.22 Gb Free Space | 22.64% Space Free | Partition Type: NTFS
Drive D: | 11.54 Gb Total Space | 1.38 Gb Free Space | 11.96% Space Free | Partition Type: NTFS
 
Computer Name: USER-HP | User Name: user | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01287F9A-F3AF-47B6-A79D-AA47EEB7CAE4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{24E061EF-79FE-479F-921E-04A8D443CA9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2ACAE1B4-B8D1-4C18-A453-382EF92523EB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{35D458BC-29F7-41D2-9BCF-231C048E4436}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3F1DEFDF-21FB-4E8D-BF46-0B2160BA88B1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{51607DED-0850-416B-863C-95685512940E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5E0F1344-EF56-4D46-A8F3-98F78C25B4AD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7F979D73-407B-4D6A-B7E1-01A65C12C67B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{83CDE3BC-B09F-48FC-BF21-B3AEC1A8D19A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{89075580-D9FA-4412-A658-87A1A5D1EA32}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A1121CDD-B7AF-4D1B-ABDD-FC30C7688D1B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B3285455-7F0F-4710-89A2-0485D7C14B80}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{CAD07812-1B76-48D6-B8BF-DF12D4CBD08D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{CB086F96-BB14-48A8-86E3-A89E4644F79E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{CCEF2B3C-1BD7-4DAC-9EA9-8E9EB247CCE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E18BB922-D7F7-4C2A-899A-100ADA097B6B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E7C6241B-A2D5-40B9-BD4B-EBE6C01EA98E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE724774-9122-4532-8544-6B646F6F351E}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03181888-5EBB-40DA-9738-81967F31F22F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{04928767-7255-4326-8A37-1EEE5153B945}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe | 
"{0E474077-7176-40F7-ADC5-9B0E0B313DE9}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe | 
"{11A8D8F1-C400-41F1-9B5D-73B2D84D4DED}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{11CAE389-8BF0-43AD-A4BE-92E951B6B1D9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{132D5BD1-6BAE-407A-887C-3978DF757BFB}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\acestream\engine\ace_engine.exe | 
"{13A09811-A8E7-4117-9092-975560935178}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe | 
"{18AED543-2950-41D3-923D-5AB010D2BE0D}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe | 
"{1DA4AFCA-47CC-42E6-904D-E09A758D2638}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{252AC2EB-8C28-4C57-8916-8D367A3930F0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{26C7E964-39B7-4313-B65F-C5E564A8E375}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe | 
"{2AAFEC93-47FB-4A91-ADD0-E46C1A7151BF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2B42B3C6-067B-4A32-88AB-7568B8BD62A5}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe | 
"{2EC6774C-5971-4579-ADCE-341AF872A863}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{32E10518-702D-464F-AA77-DA11D412ADBE}" = protocol=6 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe | 
"{385AFE49-E3C4-4C3C-9E6C-3A0D94C1830A}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | 
"{3BFD9CC4-6266-4204-A688-3ACB732FD8AC}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{3D858FC4-C699-457A-A8D1-CFE79BA38E4F}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe | 
"{3DA13E45-1C20-4792-87DD-E0EE4C3A237E}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | 
"{3F6B3D96-CC15-4DC0-9907-A4104DFCEEEB}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe | 
"{4083A5A2-CCFC-4310-BA3A-21B6C798490F}" = protocol=17 | dir=out | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe | 
"{437BC1B4-B947-4702-8028-4A0E495074D7}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe | 
"{4F3998E2-A4C2-4EAD-886F-222A75305DF1}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"{51153FB8-ED84-4993-8541-5411A50F3462}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe | 
"{5159912B-E329-476E-BBB9-48B1B89EF16F}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe | 
"{5254B2D3-3A59-4B96-9018-BCE358863479}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{5361E01E-8BED-4E73-8B9D-B044874AF0F8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5424F415-C0E4-483F-886D-5B78F00F8846}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{547B9ABE-BE41-4230-A4DB-D33CC91C4A03}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{557E20CF-81C4-487E-95D0-6A41A522178E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{58429B1B-CCA3-4BAF-8CC0-D88EB676289A}" = protocol=17 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe | 
"{599E3819-EF12-4FE9-9549-14B2A71FDCC3}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxblcoms.exe | 
"{5C1B9152-0949-4070-8EC2-C67D9D1CB26E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5F52F37A-DA47-42F2-BA44-BC687E57FF44}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\acestream\engine\ace_engine.exe | 
"{607AE373-8F31-40BB-A4FE-0452844BBE36}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe | 
"{60DBFC41-F9D1-46B8-BAF3-389C323C359F}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe | 
"{63E10791-2126-4002-91DE-F7180DE482A6}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"{6C8A6D4B-B60C-4BCB-A029-AAD74E1A802D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7D4B3ADD-D416-456C-BAB5-4EA7B6A80566}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{8473836D-0245-4C97-9C86-ECDD4692C57E}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{84FCB8AF-EED1-4461-9C40-7B6B22E75574}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8A65207B-7B43-4F94-B446-EDE149EAB740}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | 
"{8B208778-860E-4EF6-BBA2-9EBDB7DFD226}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe | 
"{8EE604D8-B82A-479E-AFFD-AFE4759D698F}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe | 
"{A23EAB65-0F41-40F1-A65E-3AD358B47CF3}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{ADDE7ECD-5ED1-468F-AB51-5ADDF2AA1DAC}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe | 
"{B3795538-29BA-4D06-9AA6-913D92A212D4}" = protocol=6 | dir=out | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe | 
"{BB9ABEB4-B2A5-4D03-AAAE-DC6CD4A52235}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CC93B914-858A-4E4A-B84E-A6C741E0BD84}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D2609B49-2FCC-497E-B847-96461FE7E412}" = protocol=17 | dir=in | app=c:\windows\system32\lxblcoms.exe | 
"{D3A79EC2-B37A-450A-9373-AC641A5DC005}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D71F2BE7-FD57-4105-839E-293AE4F12835}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | 
"{DB088B72-0B58-49EC-BB25-677C27039895}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{DE0FD889-DC2F-42C7-928C-DF8DD0454408}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | 
"{E10EC5DE-317C-4FE3-9610-98336659DCBE}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{E3E3A0CB-69B6-4B23-B580-0FE6B96C1F03}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E48EAB46-256D-4746-A7AA-7729C55C4B7E}" = protocol=6 | dir=in | app=c:\windows\system32\lxblcoms.exe | 
"{E5D0D150-FDA9-4190-855E-9343E5B017F4}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe | 
"{E8F43D79-BBB9-4ACB-9D39-22CD0E2119EA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{EAEB55E6-9CCF-4322-8A0F-B07E44C0A731}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ED2B9E6A-D8B0-4FF7-85F6-FFA332D2306A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{ED9B777E-B43F-42FE-A3FF-6F0DC0ECB482}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{EDAAA742-3FD2-417F-9E1A-84F20326A59A}" = dir=in | app=c:\windows\system32\lxeecoms.exe | 
"{F849AEDC-6FA9-4D75-9F84-17B815E495E0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{F8CFDFD0-2482-4508-9006-96E53464D74B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FF9D7CEB-8A64-49F2-B6DF-D0C8834B7ADC}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxblcoms.exe | 
"TCP Query User{0FB1A18E-527E-409E-8BF9-55188B9DA5FE}C:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{198B965A-405C-4093-B944-F9AB154A047A}C:\users\user\appdata\roaming\utorrent\updates\3.4.2_34944.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\updates\3.4.2_34944.exe | 
"TCP Query User{2E23EEC0-2920-4442-B36D-DA63CBE39A3F}C:\users\theta\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\theta\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{34FC9910-726C-4F73-837B-0CF7E3F1FF6F}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"TCP Query User{370B9B87-458F-428D-8056-21B5A5464E5B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{48DDA238-5D70-4378-B520-82D863C9B9B1}C:\users\user\appdata\roaming\utorrent\updates\3.4.6_42094.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\updates\3.4.6_42094.exe | 
"TCP Query User{56E6EB59-4577-4F99-A8D5-62834E49447E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"TCP Query User{73A883FC-54E5-42A1-A469-851EC66EA414}C:\users\guest\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\guest\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{8861E5F7-72AB-4488-A203-336693D5C469}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe | 
"TCP Query User{8C3B322E-9D58-43A0-A940-7CF9BC845287}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{8F7C7376-6C80-42FC-845C-DE0665140724}C:\users\guest\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\guest\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{9EED4216-E86E-4AAA-BB77-40D7AE17D6FE}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"TCP Query User{A1DD7821-DFE9-4137-AC8A-6F06E20DEACD}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{A780B10E-4424-41A1-AF65-ED9727DF026A}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"TCP Query User{BEBEC6DF-C65C-4D44-BF58-36AD319276CA}C:\users\roger xo\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\roger xo\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{C79A47D2-9747-442E-8504-23A94174790A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{CBD196EA-23BD-4148-BF20-30216E8D24B6}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe | 
"UDP Query User{0A14E1BE-1A71-4D84-99E2-B8830AB049FC}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"UDP Query User{0C70A534-324B-4E6A-99F7-9E0685E381EB}C:\users\theta\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\theta\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{106FBA5F-DFD5-4BFB-B2CB-3AC0F47A4780}C:\users\user\appdata\roaming\utorrent\updates\3.4.2_34944.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\updates\3.4.2_34944.exe | 
"UDP Query User{1534ADAD-8142-4334-A99D-FFCA812233B3}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"UDP Query User{205A5CCE-7C3E-449E-9AAD-6F58F94E884A}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"UDP Query User{3A7D5BA4-12C3-4BCA-8942-C8471DC17140}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{49C85F11-559C-4F5B-BDC9-39BD8CA17A09}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{68DE2661-9F2B-45A0-B2EF-9844E9A67211}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{8B04A807-9876-45DF-8181-B4F06E91F8C3}C:\users\user\appdata\roaming\utorrent\updates\3.4.6_42094.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\updates\3.4.6_42094.exe | 
"UDP Query User{9E1AD300-0544-47A8-9C87-DE245A0F72F8}C:\users\guest\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\guest\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{A1FAAAE0-768E-4D74-8797-269F2CE1DDE1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe | 
"UDP Query User{B8D67BDE-2DD0-46B9-B7D9-4B9A18876408}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe | 
"UDP Query User{B905EF65-7EE2-469E-BED1-4D1CA0A40766}C:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"UDP Query User{D1B17AF2-79B5-4C55-B85C-7232F746668E}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{DCB1E1D0-ABC3-4DF2-ACCE-083AF042150B}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"UDP Query User{E6DFD8DD-E6D1-4C10-870D-B3091612429D}C:\users\roger xo\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\roger xo\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{F956F9E0-5470-4BF0-9735-A55A253D3287}C:\users\guest\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\guest\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.7.10 (64-bit)
"{350488A4-1540-4103-8F01-B27503891EB0}" = SketchUp 2015
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.0.4.1269
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}" = Apple Application Support (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{61F769F1-BAD0-45BF-5718-62259ACE24A6}" = ccc-utility64
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}" = iTunes
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4D86CB2-2370-4691-8272-3869EDED6C64}" = Apple Mobile Device Support
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F580D12E-01E5-31A6-A321-7C8E6D5361A5}" = ATI Catalyst Install Manager
"{FA8D4B26-17BE-B76F-B2F6-0FD7391EDF95}" = AMD Media Foundation Decoders
"CDisplayEx_is1" = CDisplayEx 1.10.29
"Combined Community Codec Pack 64bit_is1" = Combined Community Codec Pack 64bit 2015-10-18
"EPSON WF-3520 Series" = EPSON WF-3520 Series Printer Uninstall
"Lexmark Z700-P700 Series" = Lexmark Z700-P700 Series
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.POWERPOINT" = Microsoft PowerPoint 2010
"Office14.WORD" = Microsoft Word 2010
"WinRAR archiver" = WinRAR 4.11 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0522A804-7B80-CEBF-DE81-597E5BA14D2F}" = Catalyst Control Center Localization All
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A352E1C-7868-2D98-165C-FCBD37F1E4AF}" = CCC Help Chinese Traditional
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{138FE2EF-B1A5-40E1-A385-B771BF75E86D}_is1" = Free MKV Player version 1.0
"{13F59C8F-FC81-D786-77E7-CDFA6E2FE018}" = CCC Help Spanish
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A4DFE9C-F186-65E5-E2EE-2EA5B8FD2147}" = CCC Help Portuguese
"{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}" = Minecraft
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{25D47128-0A98-2F03-AFC7-F2F3963CFB3E}" = CCC Help French
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29DB9165-5FC1-48F0-9188-26123F526848}" = Apple Application Support (32-bit)
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{330977BC-E980-4D58-DEE4-7E768CFC3EEF}" = CCC Help Japanese
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{379FBC79-1693-C2C9-5F34-BB0FAFFF5394}" = AMD VISION Engine Control Center
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{44F72193-F59C-4303-BAE8-E3E4BC1C122C}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{50060B25-2B8B-D852-7303-B64D2F7CDD90}" = CCC Help Turkish
"{55065080-504F-43BB-BE00-36B80D7D39A5}" = HP Support Solutions Framework
"{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59111E3F-59C0-A8A5-9B49-253D6625F194}" = Catalyst Control Center InstallProxy
"{5A513137-7B05-E84C-B679-747AD17034F1}" = CCC Help German
"{5AA9CA89-29E1-6216-05BC-7C479A0FCF80}" = CCC Help Czech
"{5CE60812-BE7F-391C-99BF-2E3A4AE0C3E2}" = CCC Help Hungarian
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61B8A32E-C79E-27DE-41E2-45F378976B96}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BF9F374-EC67-4808-A90C-F127DE6D989D}" = Epson E-Web Print
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70658F33-BAB1-93B6-D365-8053A66762AC}" = CCC Help Dutch
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B20A36-5080-EA59-64CF-B276AD647724}" = CCC Help Polish
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{79C54A05-F146-4EA0-8A70-D4EFE6181E52}" = HP Support Assistant
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85DFA50F-382E-6337-4B68-8454A29DFB50}" = CCC Help Danish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink 802.11n Wireless LAN Card
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio
"{952D0DBE-C9E2-2931-9F8F-C1230B6CAB4C}" = CCC Help Thai
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BE22D4-0F66-455E-9783-1D7113CC6F00}" = Catalyst Control Center - Branding
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93AC7AF-0247-E038-2B78-A327A3267D78}" = CCC Help Finnish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{BCA47823-6ACE-9B28-B3ED-1D63E9B7794F}" = Catalyst Control Center Graphics Previews Common
"{BF3913A7-D083-F383-928F-BB93D48DB8F5}" = CCC Help Greek
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C33F3EF6-3625-4FE5-BCBA-41361C99AF1D}" = Camera Assistant Software for ViewSonic
"{C4C6C4A5-955C-C86D-E804-7325CE584F79}" = CCC Help Chinese Standard
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7AA3D65-1F84-4590-AFAA-0777A04B6687}" = Epson Software Updater
"{C8DCD2DD-3999-C9CF-899C-F996D76CCD14}" = CCC Help Swedish
"{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}" = HP Customer Experience Enhancements
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CE101785-F702-BCAD-F286-AF6D1FDD795B}" = CCC Help Russian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F910001F-A592-34EE-39B6-9D75D55D2FE7}" = CCC Help English
"{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin
"{FA6AF15B-5E4B-0A8A-7C5F-8F7FA2C0C85E}" = CCC Help Korean
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.29
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}" = QuickTime 7
"{FF7B20F0-9AF0-AE97-8111-60E63D0F3564}" = CCC Help Norwegian
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 23 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 23 NPAPI
"BSPlayerf" = BS.Player FREE
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2014-07-13
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Kobo" = Kobo
"LTCM Client" = LTCM Client
"Mozilla Firefox 50.1.0 (x86 en-US)" = Mozilla Firefox 50.1.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office Suite X 3.3" = Office Suite X 3.3
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"PDF Complete" = PDF Complete Special Edition
"qBittorrent" = qBittorrent 3.3.7
"VLC media player" = VLC media player 2.1.3
"vsfilter_is1" = VSFilter 2.41.322 (0c3a1ea) Nightly
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-00bd8e0d-bc32-4794-8d13-795125148786" = Mystery of Mortlake Mansion
"WTA-0fb47d73-1db3-4451-9096-22bfd3be2d8c" = Penguins!
"WTA-14de0676-9bd7-4dcd-ba15-39c3e7372f73" = Plants vs. Zombies - Game of the Year
"WTA-15cfbcdf-aab9-4e69-88a1-70019a946210" = Virtual Villagers 5 - New Believers
"WTA-1ff9576c-46ac-4dc5-b28e-195380f07ae2" = Namco All-Stars: PAC-MAN
"WTA-28ffb82b-a200-450f-b5ed-5b46236328f4" = Cradle of Rome 2
"WTA-2b2dfe4f-d7c5-4314-85d6-9eb092ffcaac" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-3c7cb67f-5967-4ce5-83c6-09212f247bd3" = Blackhawk Striker 2
"WTA-41e883bb-c5e6-452d-b11f-3e4be09d37d7" = Bejeweled 3
"WTA-5547d01a-b06b-4e5d-b1f5-df0f41795724" = Polar Bowler
"WTA-5b8b1a7b-81b4-4c8c-8f48-244044b83643" = Chuzzle Deluxe
"WTA-604f5e5d-a232-467c-bfe8-fc79fd565afc" = Governor of Poker 2 Premium Edition
"WTA-61ade00b-604c-47cb-9930-97293d3706af" = Farm Frenzy
"WTA-7559db0a-3093-4845-9db9-5312f3360adf" = FATE
"WTA-77247688-bec7-4053-8596-100a952605d5" = Blasterball 3
"WTA-7c9e3cd0-e69a-48bc-8589-0c260f438d22" = Poker Superstars III
"WTA-7f93bbe6-83e6-4101-9825-4ffd7b0dc95a" = Cake Mania
"WTA-9aa5cc3c-8e02-4d96-9b41-1d111f12c3f6" = Vacation Quest - The Hawaiian Islands
"WTA-bcf422f6-f81f-499a-8ee9-131dbb90bc0d" = Slingo Supreme
"WTA-c19ce33e-d26f-470a-97ab-4ca362803e9c" = Chronicles of Albian
"WTA-c78cca66-af7b-49cb-9540-1ad206bafb39" = Agatha Christie - Peril at End House
"WTA-cfac3f8a-ab1a-4fb7-a0f2-bf74bb5d9867" = Polar Golfer
"WTA-d0302f89-2a22-430b-b81a-5c6059768fb0" = Mah Jong Medley
"WTA-d50518e0-167f-43d1-b168-f4d7f2c0c200" = Bounce Symphony
"WTA-fc8886ac-c86d-44f5-bc39-b421e8f9efde" = Zuma Deluxe
"ZinioReader4" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/11/2016 4:31:43 PM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/11/2016 4:35:17 PM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/11/2016 4:38:39 PM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/17/2016 10:12:18 PM | Computer Name = user-HP | Source = System Restore | ID = 8193
Description = 
 
Error - 12/19/2016 4:41:47 AM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/19/2016 4:47:28 AM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/19/2016 4:52:02 AM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/20/2016 3:16:21 AM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/20/2016 3:21:34 AM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
Error - 12/20/2016 3:27:22 AM | Computer Name = user-HP | Source = Microsoft-Windows-CAPI2 | ID = 256
Description = The Cryptographic Services service failed to initialize the Catalog
 Database. The error was: 1117 (0x45d) : The request could not be performed because
 of an I/O device error.  .
 
[ Hewlett-Packard Events ]
Error - 5/11/2012 4:58:00 AM | Computer Name = user-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 5/27/2012 7:55:25 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 5616  Ram Utilization: 20  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 5/27/2012 7:55:25 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 5616  Ram Utilization: 20  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 6/3/2012 7:15:17 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 5616  Ram Utilization:   TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 6/3/2012 7:15:18 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 5616  Ram Utilization:   TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 6/10/2012 9:57:02 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 7/11/2012 6:00:47 AM | Computer Name = user-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 8/10/2012 12:34:18 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 11/19/2012 8:55:44 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 5616
Ram
 Utilization: 60  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

 
Error - 11/19/2012 10:58:50 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 5616
Ram
 Utilization: 60  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

 
[ HP Software Framework Events ]
Error - 4/15/2016 5:13:02 PM | Computer Name = user-HP | Source = hpqwmiex | ID = 5
Description = 2016/04/15 14:13:02.865|00000C70|Error      |ChpqWmiExModule::Start|The
 hpqwmiex service failed to start (1063).  A system restart may correct this problem.
 
[ System Events ]
Error - 12/21/2016 6:28:32 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:29:24 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:29:24 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:29:24 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:30:34 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:30:34 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:30:34 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:31:32 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:31:32 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
Error - 12/21/2016 6:31:32 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
 to start because of the following error:   %%1068
 
 
< End of report >

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Please download aswMBR from here


  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below




Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives


  • Once the scan finishes click Save log to save the log to your Desktop


  • Copy and paste the contents of aswMBR.txt back here for review

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
It's asking me if I want to download Avast definitions. Yes or no?

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Yes please

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-12-23 18:19:45
-----------------------------
18:19:45.055    OS Version: Windows x64 6.1.7601 Service Pack 1
18:19:45.055    Number of processors: 2 586 0x100
18:19:45.070    ComputerName: USER-HP  UserName: user
18:53:59.847    Initialize success
19:27:44.327    AVAST engine defs: 16122301
23:49:13.379    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005a
23:49:13.379    Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 11
23:53:43.914    Disk 0 MBR read successfully
23:53:43.914    Disk 0 MBR scan
23:56:33.222    Disk 0 Windows 7 default MBR code
23:56:33.300    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
23:57:19.663    Disk 0 default boot code
23:57:36.465    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       941949 MB offset 206848
23:57:53.313    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        11817 MB offset 1929318849
00:03:14.128    Disk 0 scanning C:\Windows\system32\drivers
02:45:04.365    Service scanning
02:52:51.836    Modules scanning
02:52:51.836    Disk 0 trace - called modules:
02:52:52.024    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
02:52:52.039    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005fc2790]
02:52:52.039    3 CLASSPNP.SYS[fffff88000db943f] -> nt!IofCallDriver -> [0xfffffa8005ee0ac0]
02:52:52.039    5 amd_xata.sys[fffff88000fe18f7] -> nt!IofCallDriver -> \Device\0000005a[0xfffffa8005edc9c0]
03:05:43.961    AVAST engine scan C:\Windows
03:22:40.679    AVAST engine scan C:\Windows\system32
06:33:33.441    File: C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\8ea4c536da1434c796df396e7f5384c4\PresentationFramework-SystemCore.ni.dll **HIDDEN**
06:34:59.195    AVAST engine scan C:\Windows\system32\drivers
06:37:05.508    AVAST engine scan C:\Users\user
00:02:17.389    File: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\cache2\entries\2BE3EACB19D60511FCA3E6E25B35749A14D5EBEA **HIDDEN**
00:25:26.745    File: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\cache2\entries\AAA282BCF7A610E7BC04498192186490B649EEAD **HIDDEN**
00:26:13.093    File: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\cache2\entries\C7A9A97BB1EE4ADE748FDDE36A67D0D7D07A8D2A **HIDDEN**
00:26:15.620    File: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\cache2\entries\C8D6DE9FD41EAE09D67AA4896DEC861791522F14 **HIDDEN**
00:27:02.779    File: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\fcpzgi7g.default-1395282151623\cache2\entries\E6BCB4F6C8A55AEF4CC446B55669C85658EDC939 **HIDDEN**
00:28:46.098    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe **HIDDEN**
00:28:47.705    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_31893.exe **HIDDEN**
00:28:49.296    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe **HIDDEN**
00:28:50.856    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe **HIDDEN**
00:28:52.447    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_34024.exe **HIDDEN**
00:28:54.054    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe **HIDDEN**
00:28:55.676    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe **HIDDEN**
00:28:57.127    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe **HIDDEN**
00:28:58.718    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_38429.exe **HIDDEN**
00:29:00.294    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.2_38656.exe **HIDDEN**
00:29:01.636    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe **HIDDEN**
00:29:03.336    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe **HIDDEN**
00:29:04.974    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.4_40911.exe **HIDDEN**
00:29:05.286    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41073\utorrentie.exe **HIDDEN**
00:29:05.926    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41073.exe **HIDDEN**
00:29:06.175    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41162\utorrentie.exe **HIDDEN**
00:29:06.799    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41162.exe **HIDDEN**
00:29:07.236    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe **HIDDEN**
00:29:07.907    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41202.exe **HIDDEN**
00:29:08.032    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe **HIDDEN**
00:29:08.671    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe **HIDDEN**
00:29:09.139    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe **HIDDEN**
00:29:09.763    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41712.exe **HIDDEN**
00:29:09.919    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe **HIDDEN**
00:29:10.606    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.5_41865.exe **HIDDEN**
00:29:11.417    File: C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.6_42094.exe **HIDDEN**
00:29:11.542    File: C:\Users\user\AppData\Roaming\uTorrent\updates\updates\3.4.6_42094\utorrentie.exe **HIDDEN**
00:29:12.181    File: C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe **HIDDEN**
00:29:17.969    AVAST engine scan C:\ProgramData
00:53:54.545    Disk 0 statistics 6337659/0/0 @ 0.13 MB/s
00:53:54.545    Scan finished successfully
12:31:17.538    Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
12:31:17.538    The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Run ESET Online Scan Please do an online scan with ESET Online Scanner . Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescannerlog.txt.

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
C:\AdwCleaner\Quarantine\C\Program Files (x86)\iBryte\browseforchange\uninstall.exe.vir    Win32/Adware.iBryte application   
C:\AdwCleaner\Quarantine\C\Program Files (x86)\iBryte\playbryte\uninstall.exe.vir    Win32/Adware.iBryte application   
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\_Setupx.dll.vir    a variant of Win32/Adware.Yontoo.B application   
C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Babylon\Setup\BExternal.dll.vir    a variant of Win32/Toolbar.Babylon.F potentially unwanted application   
C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Babylon\Setup\IECookieLow.dll.vir    a variant of Win32/Toolbar.Babylon.E potentially unwanted application   
C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Babylon\Setup\Setup.exe.vir    a variant of Win32/Toolbar.Babylon.E potentially unwanted application   
C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application   
C:\AdwCleaner\Quarantine\C\users\user\AppData\Roaming\Speedial\UpdateProc\UpdateTask.exe.vir    a variant of Win32/DealPly.S potentially unwanted application   
C:\Program Files (x86)\WinZip\Utils\WzSysScan\WINZIPSS.exe    a variant of Win32/Systweak.L potentially unwanted application   
C:\Program Files (x86)\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll    a variant of Win32/Systweak.N potentially unwanted application   
C:\Program Files (x86)\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe    a variant of Win32/Systweak.L potentially unwanted application   
C:\Program Files (x86)\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe    a variant of Win32/Systweak.L potentially unwanted application   
C:\Program Files (x86)\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe    a variant of Win32/Systweak.L potentially unwanted application   
C:\Program Files (x86)\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe    a variant of Win32/Systweak.L potentially unwanted application   
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000    a variant of Win32/4Shared.O potentially unwanted application   
C:\Users\Guest\Downloads\amnesia_the_dark_descent.exe    Win32/Toggle.H potentially unwanted application   
C:\Users\Guest\Downloads\Word-Installer.exe    a variant of Win32/InstallCore.AF potentially unwanted application   
C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe    a variant of Win32/AdkDLLWrapper.A potentially unwanted application   
C:\Windows\Installer\1937337.msi    a variant of Win32/Systweak.L potentially unwanted application,a variant of Win32/Systweak.N potentially unwanted application

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Excellent work!

Now to wrap things up here...

CCleaner Temporary Files Cleaning

NOTE: If you already have this installed, you don't have to reinstall it.

Please download CCleaner

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.


  • Double-click the CCleaner shortcut on the desktop to start the program.
  • A prompt will ask you if you want CCleaner to do a check to see what cookies it needs to keep. Allow that operation.
  • On the Cleaner tab, click on Run Cleaner on the bottom-right to run the program.
  • Important: Make sure that ALL browser windows are closed before selecting Run Cleaner, or it will ask if you want the program to close them for you (when you do this, all unsaved data may be lost in the browser).


Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed it's process.




Please download Security Analysis from here
  • Save it to your Desktop.
  • Close your security software to avoid potential conflicts.
  • Double click RGSA.exe
  • Click OK on the copyright-disclaimer
  • It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
  • Please copy and paste the contents of that log in this topic.

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Result of Security Analysis by Rocket Grannie (x86) Updated: 17th December, 2016
Running from:C:\Users\user\Desktop (00:18:59 - 12/30/2016)
***---------------------------------------------------------***
Microsoft Windows 7 Home Premium X64 Service Pack 1
UAC is Enabled!
Internet Explorer 11
Default Browser: Firefox
***------------Antivirus - Antispyware - Firewall-----------***
Windows Defender (Disabled - Up to Date)
Spybot - Search and Destroy (Disabled - Not Up to Date)
Windows Firewall (Enabled)
*No other Firewall Installed*
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player Plugin (version 23.0.0.207) is *out of Date*
CCleaner (version 5.25)
Firefox (version 50)
Google Chrome (version 54)
Microsoft Silverlight (version 5.1)
Spybot - Search & Destroy (version 2.4)

Adobe Flash Player 23 ActiveX (version 23.0.0.207) is *out of Date*
Java 8 Update 77 (version 8.0.770.3) is *out of Date*
Java 8 Update 91 (version 8.0.910.14) is *out of Date*
Windows Live Essentials (version 15.4.3508.1109) is *out of Date*
Windows Live Essentials (version 15.4.3502.0922) is *out of Date*

***----------------Analysis Complete-------------------------***

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Please update the following programs:

Uninstall every version of Adobe Flash Player 23 (version 23.0.0.207)
Then download the new version(s) from: www.adobe.com/products/flashplayer.html *Ensure to download this for each of your browsers.

Uninstall these: Java 8 Update 77 and Java 8 Update 91
Then, download the newest version, if you wish to keep Java, from www.Java.com

If you prefer to have better protection, uninstall Spybot Search & Destroy, and please download at least a free antivirus at www.avast.com

After doing all of this, please let me know how your computer is operating. Smile...

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
I managed to uninstall both Adobes and the Spybot, but when I try either Java, I get this picture.

Also, status update: I am still working in Safe Mode with Networking, but the speed is already significantly better. Proof of that is the fact that I was able to upload this screenshot. I have yet to try anything in a regular boot.

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Not sure if it was attached. It says:

The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Windows Installer service will not work under Safe Mode, this means that programs cannot be installed or uninstalled in Safe Mode without giving a specific command using msiexec in Command Prompt.

Are you able to work in Normal Mode?

Please visit below tutorial link to enable Windows Installer service under Safe Mode.

Make Windows Installer Service Work Under Safe Mode

descriptionRe: [INACTIVE] EXTREMELY slow computer with terrible startup

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum