My father has an old computer running Windows Vista that all of a sudden need 30+ minutes to boot to desktop. Once it's booted to desktop everything is slow as can be. Trying to copy the log files from FRST to a USB-stick (30kb roughly) takes 30+ minutes. Also Windows Defender and Avast Anti-Virus is disabled and can't be enabled. When I checked CPU usage it was at 100% with 785 Mb of RAM used, so I did some googling and disabled Windows Update and Superfetch to no avail, so I'm thinking perhaps there's some crap running on the system.
I have run FRST and OTL, log files attached to this post.
The system is an HP SR5612CS with an AMD Athlon 4450e and 2GB of RAM running Windows Vista Home SP2.
Thanks in advance!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20.06.2018
Ran by jan (administrator) on JAN-DATOR (01-07-2018 11:37:05)
Running from C:\Users\jan\Desktop
Loaded Profiles: jan (Available Profiles: jan)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Svenska (Sverige)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Prolific Technology Inc.) C:\WINDOWS\System32\IoctlSvc.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
() C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-10] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk [2010-08-27]
ShortcutTarget: NETGEAR WG111v3 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=84&bd=Presario&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=84&bd=Presario&pf=cndt
HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://se.altavista.com/
HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=84&bd=Presario&pf=cndt
SearchScopes: HKLM -> {0F14F4D6-62A4-49BE-BAEB-566AB17935B6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se
SearchScopes: HKLM -> {60463A28-9362-445C-BD31-DC1ED8320EF3} URL = hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
SearchScopes: HKU\S-1-5-21-4037423344-1165896761-4045062565-1000 -> DefaultScope {0F14F4D6-62A4-49BE-BAEB-566AB17935B6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se
SearchScopes: HKU\S-1-5-21-4037423344-1165896761-4045062565-1000 -> {0F14F4D6-62A4-49BE-BAEB-566AB17935B6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se
SearchScopes: HKU\S-1-5-21-4037423344-1165896761-4045062565-1000 -> {60463A28-9362-445C-BD31-DC1ED8320EF3} URL = hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
BHO: Länkhjälp till Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-10] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-10] (Oracle Corporation)
BHO: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-4037423344-1165896761-4045062565-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_73-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0073-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_73-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_73-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-08-29] [Legacy] [not signed]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-08-25] (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> conduit.search
CHR Profile: C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default [2007-01-02]
CHR Extension: (Battlefield Heroes) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-04-04]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-22]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-09-20] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5830352 2017-09-10] (AVAST Software s.r.o.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-10] (AVAST Software)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [267520 2017-09-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-09-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-09-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-09-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42856 2017-09-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [124952 2017-09-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [70112 2017-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70864 2017-09-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [773800 2017-09-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [500136 2017-09-10] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [202712 2017-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296192 2017-09-26] (AVAST Software)
S3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [227328 2007-04-23] (NETGEAR Inc. )
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-01 12:05 - 2018-07-01 12:05 - 000001668 _____ C:\Users\Public\Desktop\Defraggler.lnk
2018-07-01 12:05 - 2018-07-01 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2018-07-01 12:04 - 2018-07-01 12:07 - 000000000 ____D C:\Program Files\Defraggler
2018-07-01 11:52 - 2018-07-01 11:44 - 006404096 _____ (Piriform Ltd) C:\Users\jan\Desktop\dfsetup222.exe
2018-07-01 11:36 - 2018-07-01 12:44 - 000013077 _____ C:\Users\jan\Desktop\FRST.txt
2018-07-01 11:15 - 2018-06-29 22:39 - 000602112 _____ (OldTimer Tools) C:\Users\jan\Desktop\OTL.exe
2018-07-01 11:15 - 2018-06-29 22:37 - 001773056 _____ (Farbar) C:\Users\jan\Desktop\FRST.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-01 11:36 - 2007-01-01 06:53 - 000000000 ____D C:\FRST
2018-07-01 10:57 - 2006-11-02 14:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-01 10:57 - 2006-11-02 14:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
==================== Files in the root of some directories =======
2013-07-21 09:52 - 2013-07-23 18:33 - 095023320 ____T () C:\ProgramData\4039.pad
2011-03-15 20:36 - 2011-10-16 12:41 - 000000032 _____ () C:\Program Files\plugins-04041e-1f8.dat
2011-03-10 21:38 - 2016-03-23 16:59 - 000000168 _____ () C:\Users\jan\AppData\Roaming\default.pls
2013-01-27 07:33 - 2013-01-27 07:33 - 000138056 _____ () C:\Users\jan\AppData\Roaming\PnkBstrK.sys
2012-01-30 17:58 - 2014-03-23 11:34 - 000001424 _____ () C:\Users\jan\AppData\Roaming\wklnhst.dat
2010-08-27 20:05 - 2016-03-19 11:26 - 000001356 _____ () C:\Users\jan\AppData\Local\d3d9caps.dat
2010-10-17 16:03 - 2007-01-01 22:11 - 000061952 _____ () C:\Users\jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
2014-01-13 15:08 - 2010-10-17 14:04 - 000876824 _____ (DivX, Inc. ) C:\Users\jan\AppData\Local\Temp\DivXSetup.exe
2015-04-13 18:25 - 2015-04-13 18:25 - 000938408 _____ (Oracle Corporation) C:\Users\jan\AppData\Local\Temp\jre-7u79-windows-i586-iftw.exe
2017-09-10 16:32 - 2017-09-10 16:32 - 000740416 _____ (Oracle Corporation) C:\Users\jan\AppData\Local\Temp\jre-8u144-windows-au.exe
2016-01-30 10:10 - 2016-01-30 10:10 - 000736352 _____ (Oracle Corporation) C:\Users\jan\AppData\Local\Temp\jre-8u73-windows-au.exe
2013-09-12 11:12 - 2013-09-12 11:12 - 001130576 _____ (BitTorrent Inc.) C:\Users\jan\AppData\Local\Temp\utt2C4F.tmp.exe
2016-08-28 19:52 - 2016-08-28 19:53 - 030533688 _____ () C:\Users\jan\AppData\Local\Temp\vlc-2.2.4-win32.exe
2013-12-25 13:50 - 2013-12-25 13:51 - 000000000 _____ () C:\Users\jan\AppData\Local\Temp\{061E02C4-2B46-4B20-8E65-635B5F625BAB}-31.0.1650.63_chrome_installer.exe
2016-02-18 07:08 - 2016-02-18 07:08 - 044333984 _____ (Google Inc.) C:\Users\jan\AppData\Local\Temp\{0DEC1F2B-C9E7-41FC-A678-85AAC728970E}-48.0.2564.116_chrome_installer.exe
2013-11-17 14:38 - 2013-11-17 14:38 - 000000000 _____ () C:\Users\jan\AppData\Local\Temp\{1D90AA27-9E86-4E5F-88D2-86118533E1B4}-31.0.1650.57_chrome_installer.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2007-01-02 15:45
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20.06.2018
Ran by jan (01-07-2018 13:56:27)
Running from C:\Users\jan\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2010-08-27 17:13:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administratör (S-1-5-21-4037423344-1165896761-4045062565-500 - Administrator - Disabled)
Gäst (S-1-5-21-4037423344-1165896761-4045062565-501 - Limited - Disabled)
jan (S-1-5-21-4037423344-1165896761-4045062565-1000 - Administrator - Enabled) => C:\Users\jan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 - Svenska (HKLM\...\{AC76BA86-7AD7-1053-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Cards_Calendar_OrderGift_DoMorePlugout (HKLM\...\{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Compatibility Pack för Office 2007-systemet (HKLM\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.1.2.2 - DivX, Inc. )
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Chrome Frame (HKLM\...\Google Chrome Frame) (Version: 32.0.1700.107 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard Active Check for Health Check (HKLM\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (HKLM\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 2.0.63.2 - HP) Hidden
HP Demo (HKLM\...\{48BF4489-0C58-4E80-BB17-94A673CE310A}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}) (Version: 5.7.0.2693 - Hewlett-Packard)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPPhotoSmartPhotobookWebPack1 (HKLM\...\{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2913 - CyberLink Corp.)
LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile Language Pack - SVE (HKLM\...\Microsoft .NET Framework 4 Client Profile SVE Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{2C1B58D5-6549-472C-86B7-17BE57186628}) (Version: 9.7.0621 - Microsoft Corporation)
MPC-BE 1.4.4.286 (HKLM\...\{903D098F-DD50-4342-AD23-DA868FCA3126}_is1) (Version: 1.4.4.286 - MPC-BE Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.52 - WildTangent)
Nero 8 (HKLM\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1033}) (Version: 8.3.332 - Nero AG)
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.00.0000 - NETGEAR) Hidden
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.00.0000 - NETGEAR)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.4109 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PSSWCORE (HKLM\...\{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5657 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.120 (HKLM\...\SafeZone 1.48.2066.120) (Version: 1.48.2066.120 - Avast Software) Hidden
Spotify (HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - sve) (Version: - Microsoft Corporation)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Utvärderingsversion av Microsoft Office hem- och studentutgåva 2007 (HKLM\...\OfficeTrial) (Version: - )
VC80CRTRedist - 8.0.50727.4053 (HKLM\...\{5EE7D259-D137-4438-9A5F-42F432EC0421}) (Version: 1.1.0 - DivX, Inc) Hidden
VideoToolkit01 (HKLM\...\{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
XVID Player 1.0 (HKLM\...\XVID Player_is1) (Version: - vsevensoft.com)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4037423344-1165896761-4045062565-1000_Classes\CLSID\{B6CE1A28-A831-43E4-A81F-E2B429D66231}\InprocServer32 -> C:\Users\jan\AppData\Local\ASKTOO~1\DOWNLO~1\Nero.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-10] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-10] (AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-12-03] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-10] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-12-03] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32\nvcpl.dll [2008-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-10] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-12-03] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05976084-F83E-42FD-822B-B2EECBF7CDBE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-20] (Adobe Systems Incorporated)
Task: {41A68231-043B-4B2D-A93E-464BB9C8BDC0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-10] (AVAST Software)
Task: {4E9B9504-3A20-42DD-8354-8C5C2EA5B085} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {707C63CF-4116-4C60-A897-E18FBC82E6ED} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {B55B5EA1-6DA4-4512-B121-AF7AABA0206C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {E607BDBA-D789-4253-B278-069094C092A0} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [2008-06-12] ()
Task: {FC935D5A-7376-493B-8064-DF7FB1F9C0BC} - System32\Tasks\SafeZone scheduled Autoupdate 1458736886 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-12] (Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-03-12 19:32 - 2006-12-03 15:53 - 000126464 _____ () C:\Program Files\WinRAR\rarext.dll
2017-09-10 15:49 - 2017-09-10 15:49 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2009-06-17 12:40 - 2009-06-17 12:40 - 002121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 12:40 - 2009-06-17 12:40 - 007745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 12:40 - 2009-06-17 12:40 - 000135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2007-09-14 10:24 - 2007-09-14 10:24 - 001695744 _____ () C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
2017-09-10 15:49 - 2017-09-10 15:49 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-10 13:32 - 2016-07-10 13:33 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-10 15:49 - 2017-09-10 15:49 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-10 15:49 - 2017-09-10 15:49 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-10 15:49 - 2017-09-10 15:49 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-10 15:49 - 2017-09-10 15:49 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\...\videolan.org -> hxxp://www.videolan.org
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4037423344-1165896761-4045062565-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\img22.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\jan\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\jan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Xvid => C:\Program Files\Xvid\CheckUpdate.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{1E703B6C-6CEC-414E-910E-4F635ECE1B86}] => (Allow) c:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{95B4E537-B166-4066-AEE2-3D5A786B60CF}] => (Allow) LPort=80
FirewallRules: [{396FFE24-1B90-4A3E-B9EB-A15CDEDCC75C}] => (Allow) LPort=80
FirewallRules: [{0AA4E5E1-92B3-4C78-B82E-5E6AE64808ED}] => (Allow) LPort=80
FirewallRules: [TCP Query User{8B236DCD-4B74-4B8C-9E0D-D3AA647FF357}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [UDP Query User{2C47FDA2-D4AA-419E-8C05-062AF6D411A1}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [TCP Query User{26C7F677-7EC9-462D-8C15-7EB8A8DA8A3C}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{630B5DC3-2388-4BFB-A01D-15E63AED1A96}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{AB7281CF-C555-49F8-B5FD-16CD157F15FC}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{45DB4AED-D235-4BF9-BC6A-FDAEFCC0E58F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{393ABC74-4689-4054-B141-221C85B3E3FE}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BC1ECB82-76AD-43B5-9E36-0F32E7DBB70B}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{ED4AE71F-2286-4B1D-B73F-EF3676D042B1}] => (Allow) C:\WINDOWS\System32\PnkBstrA.exe
FirewallRules: [{9B939899-C880-465D-91F2-D08BE3D55A5C}] => (Allow) C:\WINDOWS\System32\PnkBstrA.exe
FirewallRules: [{DC16905E-8DFD-4BD6-8D95-46284F390CCE}] => (Allow) C:\WINDOWS\System32\PnkBstrB.exe
FirewallRules: [{A5D6D34C-3FFD-4484-98E1-99AAD430B6EA}] => (Allow) C:\WINDOWS\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{706AD473-924F-43E0-8CEC-B73BCC0064F8}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Block) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{4F2A987A-BAE5-4D57-885D-CF0A0A954B47}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Block) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{656D9875-5FC2-4212-AA3C-E501C7CB95AC}] => (Allow) C:\Users\jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9570A00F-203F-4B7D-8E51-A846C594802E}] => (Allow) C:\Users\jan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{96D4018B-A51F-42C8-97B6-C4BE4CF4C9E3}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{07D2816F-DB33-4B04-9048-BB19BCA931ED}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{B73D3A3F-253A-484E-A8F9-C85F9DDCB121}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{CD5F4668-899B-4297-A3E0-1476DA056BC5}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{891C6B6B-51B7-42FB-93C5-6BEAFFE5582E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{607748E2-F995-4BDB-8B86-6F6A6CCF9DC0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{499525A3-3D8F-4477-B4F3-ADC45AC0DE9A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft WPD FileSystem Volume Driver
Description: Microsoft WPD FileSystem Volume Driver
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: (WPD file system device)
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (07/01/2018 12:30:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
Error: (07/01/2018 12:29:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download....throotstl.cab>.Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen.
.
System errors:
=============
Error: (07/01/2018 11:17:01 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Servern {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} registrerades inte med DCOM inom erforderlig timeout.
Error: (01/02/2007 04:09:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Servern {0228576F-6E6C-4E1A-B175-0E46A316AFE2} registrerades inte med DCOM inom erforderlig timeout.
Error: (01/02/2007 04:08:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Windows Media Player Network Sharing Service kunde inte startas på grund av följande fel:
Tjänsten svarade inte på start- eller kontrollbegäran i tid.
Error: (01/02/2007 04:08:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Windows Media Player Network Sharing Service skulle ansluta.
Error: (01/02/2007 04:08:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten ShellHWDetection.
Error: (01/02/2007 04:08:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Background Intelligent Transfer Service kunde inte startas på grund av följande fel:
Tjänsten svarade inte på start- eller kontrollbegäran i tid.
Error: (01/02/2007 04:08:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten BITS.
Error: (01/02/2007 04:08:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
i8042prt
CodeIntegrity:
===================================
Date: 2007-01-02 00:48:11.470
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:47:45.608
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:47:18.406
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:46:52.765
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:46:26.940
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:46:00.447
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:45:26.954
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2007-01-02 00:45:00.373
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon Dual Core Processor 4450e
Percentage of memory in use: 45%
Total physical RAM: 1917.76 MB
Available physical RAM: 1036.86 MB
Total Virtual: 4078.04 MB
Available Virtual: 3415.55 MB
==================== Drives ================================
Drive c: (COMPAQ) (Fixed) (Total:284.41 GB) (Free:121.96 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.68 GB) (Free:1.89 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (UNTITLED) (Removable) (Total:14.42 GB) (Free:14.41 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=284.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13.7 GB) - (Type=0C)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 14.4 GB) (Disk ID: 4D4CD78C)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0B)
==================== End of Addition.txt ============================