[SOLVED] [Win7SP1 x86] Javascript doesn't run on MSIE11 (part three)

[antomov]

Hello

This thread is continued from

https://www.sysnative.com/forums/wi...1-does-not-running-javascript.html#post178659

xilolee advised me to post new thread here. Below I am posting the require logs:

Result of Security Analysis by Rocket Grannie (x86) Updated: 16th April, 2017
Running from:C:\Users\User\Desktop (07:48:47 - 04/22/2017)
***---------------------------------------------------------***
Microsoft Windows 7 Ultimate X86 Service Pack 1
UAC is *Disabled*
Internet Explorer 11
Default Browser: Firefox
***------------Antivirus - Antispyware - Firewall-----------***
Kaspersky Internet Security (Disabled - Up to Date)
Kaspersky Internet Security (Disabled - Up to Date)
Windows Defender (Disabled - Up to Date)
Kaspersky Internet Security (Disabled)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player 25 NPAPI (version 25.0.0.148)
Adobe Flash Player 25 ActiveX (version 25.0.0.148)
Firefox (version 52)
Google Chrome (version 55)
Microsoft Silverlight (version 5.1)
Opera (version 41)

Malwarebytes Anti-Malware, версия (version 2.0.2.1012) is *out of Date*
Windows Live Essentials (version 15.4.3555.0308) is *out of Date*
Windows Live Essentials (version 15.4.3502.0922) is *out of Date*

***----------------Analysis Complete-------------------------***

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2017
Ran by User (administrator) on USER-PC (22-04-2017 07:38:09)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-09-25] (NEC Electronics Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14737664 2016-07-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-17] (Adobe Systems Inc.)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [28344776 2017-04-17] (Dropbox, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-11-12] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-02-07]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1697F879-8B88-444D-A5B8-CE5AB8CB0A72}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-30] (AO Kaspersky Lab)
BHO: No Name -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-30] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3763065651-978722003-3044627540-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3763065651-978722003-3044627540-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-30] (AO Kaspersky Lab)
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} hxxp://webcam.varna.bg:8080/VatDec.cab
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://vpn1.rrcm.biz/CACHE/stc/1/binaries/vpnweb.cab
DPF: {748838B0-D6B1-4B68-B19F-29DE8661F020} hxxps://sogecashnet.sgeb.bg/smartoffice/resources/plugx2.ocx
DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://rbweb.corpbank.bg/CSWebBankASP/capicom.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: AutorunsDisabled\wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll [2012-03-08] (Microsoft Corporation)
Handler: AutorunsDisabled\wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2012-03-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default [2017-04-22]
FF Homepage: Mozilla\Firefox\Profiles\vfn80qav.default -> hxxp://zamunda.net/bananas
FF Extension: (Kino-Filmov.Net) - C:\Users\User\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\kino-filmov.net.xpi [2010-09-19] [not signed]
FF Extension: (ABV Notifier) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\abvnotifier@netinfo.bg.xpi [2015-11-27]
FF Extension: (Mail.BG Mail Checker/Notifier) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\checker@mail.bg.xpi [2016-11-27]
FF Extension: (Classic Theme Restorer) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-04-22]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\marcoagpinto@mail.telepac.pt [2017-03-30]
FF Extension: (B-Trust Tool) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\sc_cert_delete@b-trust.org [2016-01-05]
FF Extension: (Skype) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2017-04-03]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (UnMHT) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vfn80qav.default\Extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2017-02-21]
FF Extension: (Anti-Banner) - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2017-03-11] [not signed]
FF Extension: (Anti-Banner) - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2017-03-11] [not signed]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2017-03-11] [not signed]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2017-03-11] [not signed]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2017-03-11] [not signed]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2017-03-11] [not signed]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2017-03-11] [not signed]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-03-12] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @protectdisc.com/NPMPDRM -> C:\Program Files\Common Files\mpDRM\NPMPDRM.dll [2010-02-03] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3763065651-978722003-3044627540-1000: SkypePlugin -> C:\Users\User\AppData\Local\SkypePlugin\7.31.0.56\npGatewayNpapi.dll [2017-02-03] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-05]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-17]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-17]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-05]
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-17]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - <no Path/update_url>

Opera:
=======
OPR StartupUrls: "hxxp://mail.bg/"
OPR Extension: (LastPass: Free Password Manager) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2017-04-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S4 AHDDC2; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 AVP17.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-09] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42288 2017-04-17] (Dropbox, Inc.)
S4 DfSdkS; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) [File not signed]
S4 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe [121456 2010-05-17] ()
S4 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [5626376 2015-02-05] ()
R2 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
S3 KSDE1.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [425408 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [425408 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-01] (© pdfforge GmbH.)
S4 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2010-04-16] (Portrait Displays, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6849808 2015-11-10] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 RapportMgmtService; no ImagePath

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2013-12-12] (Cisco Systems, Inc.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2012-12-04] (Advanced Micro Devices Inc.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [71880 2014-09-23] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2014-09-23] (Advanced Micro Devices)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2016-07-10] (Alcor Micro, Corp.)
S4 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [49248 2013-05-02] (Advanced Micro Devices)
S4 Aspi32; C:\Windows\System32\drivers\aspi32.sys [16512 2009-10-11] (Adaptec) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [170840 2016-06-10] (AO Kaspersky Lab)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-04-05] (HID Global Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131856 2008-08-28] (Deterministic Networks, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-08-31] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [17488 2016-01-25] (Windows (R) 2000 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [17488 2017-04-09] (Windows (R) 2000 DDK provider)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2016-07-10] (GenesysLogic)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-07-10] (REALiX(tm))
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2012-09-17] (JMicron Technology Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [57264 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [71504 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [155360 2017-04-12] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [129520 2017-04-12] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [805088 2017-04-12] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49744 2017-03-30] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [46000 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48056 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [71088 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [116960 2017-03-30] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165088 2017-04-09] (AO Kaspersky Lab)
S4 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S4 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 mv91cons; C:\Windows\System32\DRIVERS\mv91cons.sys [20616 2016-07-10] (Marvell Semiconductor Inc.)
R0 mvs91xx; C:\Windows\System32\DRIVERS\mvs91xx.sys [294024 2016-07-10] (Marvell Semiconductor, Inc.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [86408 2012-08-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [178568 2012-08-27] (Renesas Electronics Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26048 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [40384 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [69160 2017-04-01] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [17136 2010-04-16] (Portrait Displays, Inc.)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [155648 2009-07-17] (Realtek Semiconductor Corp.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [428088 2011-11-10] (Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S4 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [110208 2016-07-02] (BigNox Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-10-02] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-10-02] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-10-02] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-10-02] (Microsoft Corporation)
S4 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43376 2013-12-12] (Cisco Systems, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
S4 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S4 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S4 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S4 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S4 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 dbx; system32\DRIVERS\dbx.sys [X]
U5 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2017-04-09] ()
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S4 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S4 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-22 07:38 - 2017-04-22 07:38 - 00029084 _____ C:\Users\User\Desktop\FRST.txt
2017-04-22 07:37 - 2017-04-22 07:37 - 00000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2017-04-22 07:36 - 2017-04-22 07:36 - 00899584 _____ C:\Users\User\Desktop\RGSA.exe
2017-04-22 07:29 - 2017-04-22 07:37 - 01766912 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2017-04-21 07:57 - 2017-04-21 07:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-20 19:24 - 2017-04-20 19:24 - 14176256 _____ C:\Users\User\Downloads\SkypeWebPlugin (2).msi
2017-04-18 13:01 - 2017-04-18 13:01 - 01100686 _____ C:\Users\User\dumpfile.xml
2017-04-18 13:01 - 2017-04-18 13:01 - 00013665 _____ C:\Users\User\summary.txt
2017-04-17 18:14 - 2017-04-17 18:14 - 00042288 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-17 11:53 - 2017-04-17 11:53 - 00000000 ____D C:\Users\User\Desktop\Windows reapair
2017-04-14 19:12 - 2017-04-22 07:38 - 00000000 ____D C:\FRST
2017-04-14 17:31 - 2017-04-14 17:32 - 239126136 _____ C:\Users\User\Downloads\Windows6.1-KB947821-v34-x86.msu
2017-04-14 15:36 - 2017-04-15 07:15 - 00000000 ____D C:\SFCFix
2017-04-13 07:06 - 2017-03-25 22:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-13 07:06 - 2017-03-07 18:06 - 02746880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-13 07:06 - 2017-03-07 18:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-13 07:05 - 2017-03-27 20:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-13 07:05 - 2017-03-25 22:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-13 07:05 - 2017-03-25 22:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-13 07:05 - 2017-03-25 21:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-13 07:05 - 2017-03-25 21:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-13 07:05 - 2017-03-25 21:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-13 07:05 - 2017-03-25 21:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-13 07:05 - 2017-03-25 21:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-13 07:05 - 2017-03-25 21:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-13 07:05 - 2017-03-25 21:47 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-13 07:05 - 2017-03-25 21:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-04-13 07:05 - 2017-03-25 21:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-13 07:05 - 2017-03-25 21:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-04-13 07:05 - 2017-03-25 21:45 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-13 07:05 - 2017-03-25 21:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-04-13 07:05 - 2017-03-25 21:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-13 07:05 - 2017-03-25 21:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-04-13 07:05 - 2017-03-25 21:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-04-13 07:05 - 2017-03-25 21:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-04-13 07:05 - 2017-03-25 21:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-04-13 07:05 - 2017-03-25 21:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-04-13 07:05 - 2017-03-25 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-04-13 07:05 - 2017-03-25 21:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-13 07:05 - 2017-03-25 20:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-04-13 07:05 - 2017-03-25 20:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-04-13 07:05 - 2017-03-25 19:57 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-13 07:05 - 2017-03-25 19:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-04-13 07:05 - 2017-03-25 01:41 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-13 07:05 - 2017-03-22 18:24 - 02953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-13 07:05 - 2017-03-22 18:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-13 07:05 - 2017-03-22 18:20 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-13 07:05 - 2017-03-22 18:06 - 02091520 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-13 07:05 - 2017-03-22 18:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-13 07:05 - 2017-03-22 18:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-13 07:05 - 2017-03-22 18:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-13 07:05 - 2017-03-22 18:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-13 07:05 - 2017-03-22 18:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-13 07:05 - 2017-03-22 18:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-13 07:05 - 2017-03-22 18:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-13 07:05 - 2017-03-14 18:23 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-13 07:05 - 2017-03-14 18:23 - 00218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-13 07:05 - 2017-03-14 18:17 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-04-13 07:05 - 2017-03-10 19:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-13 07:05 - 2017-03-10 19:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-13 07:05 - 2017-03-10 19:19 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-13 07:05 - 2017-03-10 19:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-13 07:05 - 2017-03-10 18:54 - 02400256 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-13 07:05 - 2017-03-10 18:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-13 07:05 - 2017-03-08 23:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-04-13 07:05 - 2017-03-08 07:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-04-13 07:05 - 2017-03-08 07:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-13 07:05 - 2017-03-08 07:26 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-04-13 07:05 - 2017-03-08 07:26 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-04-13 07:05 - 2017-03-08 07:24 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-04-13 07:05 - 2017-03-08 07:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 06:58 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-04-13 07:05 - 2017-03-08 06:58 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-04-13 07:05 - 2017-03-08 06:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-04-13 07:05 - 2017-03-08 06:58 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-04-13 07:05 - 2017-03-08 06:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-04-13 07:05 - 2017-03-08 06:56 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-04-13 07:05 - 2017-03-08 06:55 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-04-13 07:05 - 2017-03-08 06:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-13 07:05 - 2017-03-08 06:54 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-13 07:05 - 2017-03-08 06:54 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-13 07:05 - 2017-03-08 06:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-04-13 07:05 - 2017-03-08 06:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-04-13 07:05 - 2017-03-08 06:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-04-13 07:05 - 2017-03-08 06:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-04-13 07:05 - 2017-03-08 06:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 06:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 06:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-13 07:05 - 2017-03-08 06:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-13 07:05 - 2017-03-07 19:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-13 07:05 - 2017-03-07 18:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-13 07:05 - 2017-03-04 04:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-13 07:05 - 2017-03-04 04:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-10 16:28 - 2017-04-10 16:28 - 00024673 _____ C:\ComboFix.txt
2017-04-10 16:08 - 2017-04-10 17:13 - 00000000 ____D C:\Windows\erdnt
2017-04-10 16:06 - 2017-04-10 16:07 - 00227990 _____ C:\TDSSKiller.3.1.0.12_10.04.2017_16.06.00_log.txt
2017-04-10 16:05 - 2017-04-10 16:05 - 04747704 _____ (AO Kaspersky Lab) C:\Users\User\Downloads\tdsskiller.exe
2017-04-09 18:49 - 2017-04-15 17:55 - 00000000 ___RD C:\Users\User\Dropbox
2017-04-09 18:46 - 2017-04-22 06:59 - 00000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-09 18:46 - 2017-04-22 06:59 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-09 18:46 - 2017-04-21 07:57 - 00000000 ____D C:\Program Files\Dropbox
2017-04-09 18:46 - 2017-04-09 18:58 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2017-04-09 18:46 - 2017-04-09 18:46 - 00690080 _____ (Dropbox, Inc.) C:\Users\User\Downloads\DropboxInstaller.exe
2017-04-09 18:46 - 2017-04-09 18:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2017-04-09 18:46 - 2017-04-09 18:46 - 00000000 ____D C:\ProgramData\Dropbox
2017-04-09 07:09 - 2017-04-09 07:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2017-04-09 06:58 - 2017-04-09 06:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-04-09 06:56 - 2017-04-12 16:16 - 00805088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-04-09 06:56 - 2017-04-12 16:16 - 00155360 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-04-09 06:56 - 2017-04-09 06:58 - 00000000 ____D C:\Program Files\Kaspersky Lab
2017-04-09 06:56 - 2017-04-09 06:56 - 00000000 ____D C:\Windows\ELAMBKUP
2017-04-08 14:11 - 2017-04-15 07:15 - 00000000 ____D C:\Users\User\AppData\Local\niemiro
2017-04-08 13:53 - 2017-04-08 13:53 - 00001413 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-08 09:34 - 2017-04-08 09:34 - 18005296 _____ (Microsoft Corporation) C:\Users\User\Downloads\IE9-WindowsVista-x86-enu.exe
2017-04-08 09:17 - 2017-04-08 09:17 - 00037455 _____ C:\Windows\system32\sfcdetails.txt
2017-04-08 08:49 - 2017-04-08 08:49 - 00000368 _____ C:\Users\User\Downloads\SystemLook.txt
2017-04-08 08:48 - 2017-04-08 08:48 - 00139264 _____ C:\Users\User\Downloads\SystemLook.exe
2017-04-06 22:10 - 2017-03-11 00:17 - 00525600 _____ C:\Windows\system32\vulkan-1.dll
2017-04-06 22:10 - 2017-03-11 00:17 - 00233760 _____ C:\Windows\system32\vulkaninfo.exe
2017-04-06 22:07 - 2017-04-01 06:18 - 35280320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 28560440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 09316648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 09014792 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 08876272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 03012152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 01097272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3238165.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00991800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00929728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3238165.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00912952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00577544 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00499136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00426312 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00148016 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00131720 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2017-04-06 22:07 - 2017-04-01 06:18 - 00000669 _____ C:\Windows\system32\nv-vk32.json
2017-04-06 22:07 - 2017-04-01 03:41 - 00069160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-04-06 10:43 - 2017-04-06 13:14 - 00000000 ____D C:\Users\User\Desktop\NCR
2017-04-04 12:51 - 2017-04-04 12:51 - 00000662 _____ C:\Users\User\Desktop\Working.lnk
2017-04-02 13:35 - 2017-04-02 13:35 - 01217024 _____ C:\Users\User\Downloads\MicrosoftEasyFix50974.msi
2017-04-02 13:05 - 2017-04-02 13:05 - 00738368 _____ (Oracle Corporation) C:\Users\User\Downloads\jre-8u121-windows-i586-iftw (1).exe
2017-04-02 10:38 - 2017-04-02 10:38 - 00000709 _____ C:\Users\User\Desktop\Irina Rabota.lnk
2017-04-02 10:30 - 2017-04-02 10:30 - 00000642 _____ C:\Users\User\Desktop\Anton.lnk
2017-04-02 10:26 - 2017-04-02 10:26 - 00000638 _____ C:\Users\User\Desktop\Viki.lnk
2017-04-02 07:01 - 2017-04-02 07:01 - 44240896 _____ C:\Users\User\Downloads\SkypeSetup_7.15.0.103.msi
2017-04-02 00:45 - 2017-04-02 00:45 - 00000000 ____D C:\Users\User\Downloads\JavaRa-2.6
2017-04-02 00:12 - 2017-04-02 00:13 - 00159578 _____ C:\Users\User\Downloads\JavaRa-2.6.zip
2017-04-01 23:54 - 2017-04-01 23:54 - 00036864 _____ (Appleoddity) C:\Users\User\Downloads\JavaMSIFix.exe
2017-04-01 23:39 - 2017-04-01 23:39 - 00738368 _____ (Oracle Corporation) C:\Users\User\Downloads\jre-8u121-windows-i586-iftw.exe
2017-04-01 23:37 - 2017-04-02 00:27 - 01157656 _____ (Oracle Corporation) C:\Users\User\Downloads\JavaUninstallTool.exe
2017-04-01 23:31 - 2017-04-01 23:31 - 56427072 _____ (Oracle Corporation) C:\Users\User\Downloads\jre-8u121-windows-i586.exe
2017-04-01 23:13 - 2017-02-14 19:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-01 23:13 - 2017-02-11 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-01 23:13 - 2017-02-09 19:14 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-01 23:13 - 2017-02-09 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-01 23:13 - 2017-01-18 18:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-01 23:08 - 2017-04-02 13:02 - 00738880 _____ (Oracle Corporation) C:\Users\User\Downloads\jxpiinstall.exe
2017-04-01 21:46 - 2017-04-01 21:46 - 00000000 ___DL C:\Windows\SysNative
2017-04-01 21:30 - 2017-04-01 21:30 - 33684368 _____ (Microsoft Corporation) C:\Users\User\Downloads\EIE11_BG-BG_WOL_WIN7.EXE
2017-04-01 21:13 - 2017-04-08 09:37 - 29720784 _____ (Microsoft Corporation) C:\Users\User\Downloads\IE11-Windows6.1-x86-en-us.exe
2017-04-01 21:12 - 2017-04-01 21:12 - 31194832 _____ (Microsoft Corporation) C:\Users\User\Downloads\IE11-Windows6.1-x86-bg-bg(1).exe
2017-04-01 21:09 - 2017-04-01 21:09 - 31194832 _____ (Microsoft Corporation) C:\Users\User\Downloads\IE11-Windows6.1-x86-bg-bg.exe
2017-04-01 13:13 - 2017-04-01 13:13 - 14176256 _____ C:\Users\User\Downloads\SkypeWebPlugin (1).msi
2017-04-01 12:51 - 2017-04-01 12:57 - 00000025 _____ C:\Users\User\Downloads\Skype.bat
2017-04-01 12:50 - 2017-04-01 12:50 - 00000000 _____ C:\Users\User\Downloads\Skype.txt
2017-04-01 12:46 - 2017-04-01 12:46 - 00000000 ____D C:\Users\User\Downloads\skype-for-desktop-logging
2017-04-01 12:45 - 2017-04-01 12:45 - 00000606 _____ C:\Users\User\Downloads\skype-for-desktop-logging.zip
2017-04-01 11:57 - 2017-04-01 11:57 - 00066560 _____ (PCdust.com) C:\Users\User\Downloads\SRT.exe
2017-04-01 11:54 - 2017-04-01 11:54 - 43520000 _____ C:\Users\User\Downloads\SkypeSetup_7.30.0.103.msi
2017-04-01 11:39 - 2017-04-01 11:40 - 44048864 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\skype_7.32.0.104.exe
2017-04-01 11:19 - 2017-04-20 19:24 - 00000000 ____D C:\Users\User\AppData\Local\SkypePlugin
2017-04-01 11:19 - 2017-04-01 11:19 - 14176256 _____ C:\Users\User\Downloads\SkypeWebPlugin.msi
2017-04-01 08:26 - 2017-04-01 08:47 - 00221662 _____ C:\Users\User\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2017-04-01 07:35 - 2017-04-01 07:35 - 44208128 _____ C:\Users\User\Downloads\SkypeSetup_7.33.0.105.msi
2017-04-01 07:32 - 2017-04-01 07:32 - 00066560 _____ (PCdust.com) C:\Users\User\Downloads\SRTa.exe
2017-03-30 06:19 - 2017-04-12 16:13 - 00129520 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-30 06:19 - 2017-03-30 06:19 - 00116960 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2017-03-30 06:19 - 2017-03-30 06:19 - 00049744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2017-03-24 22:15 - 2017-03-24 21:25 - 00405373 _____ C:\Users\User\Desktop\Map.pdf
2017-03-24 21:25 - 2017-03-24 21:25 - 00405373 _____ C:\Users\User\Downloads\Map.pdf
2017-03-23 20:25 - 2017-04-17 22:02 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-03-23 19:36 - 2017-03-23 19:13 - 00001165 _____ C:\Users\User\Desktop\Adobe Photoshop CS6.lnk
2017-03-23 19:13 - 2017-03-23 19:13 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2017-03-23 19:12 - 2017-03-23 19:12 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2017-03-23 19:10 - 2017-03-23 19:10 - 00001477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2017-03-23 19:10 - 2017-03-23 19:10 - 00001311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2017-03-23 19:06 - 2017-03-23 19:06 - 00001500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2017-03-23 00:21 - 2017-03-23 00:21 - 00035432 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-23 00:21 - 2017-03-23 00:21 - 00035432 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-03-23 00:21 - 2017-03-23 00:21 - 00035432 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-22 07:23 - 2010-04-15 09:13 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2017-04-22 07:17 - 2012-11-19 00:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-22 07:07 - 2013-02-21 18:19 - 00000000 ____D C:\Users\User\AppData\Roaming\GoodSync
2017-04-22 07:07 - 2009-07-14 07:34 - 00025936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-22 07:07 - 2009-07-14 07:34 - 00025936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-22 07:06 - 2015-04-09 15:29 - 00000000 ____D C:\Users\User\Desktop\Desktop Shortcuts
2017-04-22 07:04 - 2016-11-18 13:50 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2017-04-22 07:03 - 2012-05-04 07:23 - 00000000 ____D C:\Users\User\Documents\Outlook Files
2017-04-22 07:01 - 2017-02-07 15:58 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-22 07:01 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\inetsrv
2017-04-22 06:59 - 2012-04-25 14:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-04-22 06:59 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-21 17:00 - 2017-03-11 10:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-21 07:17 - 2017-01-24 09:09 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2017-04-21 07:17 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\NDF
2017-04-18 14:20 - 2014-08-14 06:58 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2017-04-18 08:22 - 2017-03-13 08:10 - 00000000 ____D C:\Users\User\AppData\LocalLow\uTorrent
2017-04-17 22:07 - 2016-08-20 08:29 - 00000000 ____D C:\Users\User\Desktop\New folder (3)
2017-04-17 21:44 - 2016-03-31 20:35 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape
2017-04-16 16:48 - 2016-06-29 16:45 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2017-04-15 22:32 - 2013-08-15 21:05 - 00000000 ____D C:\ProgramData\Home Media Server
2017-04-14 20:15 - 2011-11-28 08:01 - 00000000 ___SD C:\Users\User\AppData\LocalLow\Temp
2017-04-13 12:37 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\rescache
2017-04-13 07:35 - 2009-01-03 02:35 - 00006604 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-13 07:25 - 2009-07-14 07:33 - 03812664 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-13 07:21 - 2013-07-11 06:54 - 00000000 ____D C:\Windows\system32\MRT
2017-04-13 07:14 - 2010-04-15 23:45 - 145733648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-12 16:24 - 2012-03-31 14:43 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-04-12 16:24 - 2011-05-16 06:53 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-04-12 16:24 - 2010-04-15 11:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-12 16:17 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\inf
2017-04-12 16:07 - 2015-11-01 15:34 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-10 16:25 - 2009-07-14 05:04 - 00000215 _____ C:\Windows\system.ini
2017-04-09 17:54 - 2010-04-21 18:27 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2017-04-09 17:54 - 2010-04-15 09:01 - 00024944 _____ C:\Windows\system32\Drivers\GVTDrv.sys
2017-04-09 17:52 - 2012-01-07 11:28 - 00000000 ____D C:\Windows\pss
2017-04-09 07:47 - 2010-04-16 22:44 - 00000000 ____D C:\Program Files\Adobe
2017-04-09 07:16 - 2014-10-16 20:51 - 00000000 ____D C:\Users\User\Desktop\Kaspersky
2017-04-09 07:09 - 2016-06-14 17:47 - 00165088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-04-09 07:00 - 2015-09-09 20:26 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-09 06:54 - 2017-03-12 11:18 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-08 22:58 - 2017-03-13 09:46 - 00766734 _____ C:\Windows\ntbtlog.txt
2017-04-08 08:33 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-06 22:10 - 2017-03-20 21:48 - 00000000 ____D C:\Program Files\VulkanRT
2017-04-06 22:08 - 2011-03-31 19:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-05 16:32 - 2010-04-17 23:38 - 00000000 ____D C:\Users\User\Desktop\Win_Care
2017-04-05 13:55 - 2017-02-13 09:56 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2017-04-04 07:23 - 2016-12-15 00:51 - 00046933 _____ C:\Users\User\Downloads\MTB.txt
2017-04-03 10:28 - 2016-09-05 12:43 - 00190520 ____H C:\Windows\system32\mlfcache.dat
2017-04-03 07:24 - 2010-05-02 19:01 - 00000000 ____D C:\Windows\Minidump
2017-04-03 06:55 - 2015-01-15 18:43 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-03 06:40 - 2010-04-16 19:00 - 00007642 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2017-04-03 06:33 - 2010-07-26 21:19 - 00000000 ____D C:\ProgramData\Codemasters
2017-04-03 05:02 - 2009-07-14 07:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-04-03 05:02 - 2009-07-14 07:52 - 00000000 ____D C:\Program Files\Microsoft Games
2017-04-03 05:02 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\registration
2017-04-02 17:09 - 2009-07-14 07:53 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-02 10:57 - 2012-06-03 07:51 - 00000000 ____D C:\Program Files\SmartSound Software
2017-04-02 10:57 - 2009-01-03 02:41 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-04-02 10:54 - 2014-02-16 13:20 - 00000000 ____D C:\Python33
2017-04-02 10:51 - 2013-03-25 18:37 - 00000000 ____D C:\ProgramData\Rosetta Stone
2017-04-02 10:51 - 2013-03-24 20:39 - 00000000 ____D C:\ProgramData\FLEXnet
2017-04-02 10:46 - 2012-05-31 16:59 - 00000000 ____D C:\Program Files\AVS4YOU
2017-04-02 10:46 - 2010-06-04 16:56 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2017-04-02 10:46 - 2010-05-07 08:11 - 00000000 ____D C:\Users\User\AppData\Roaming\AnvSoft
2017-04-02 10:43 - 2010-04-16 16:53 - 00000000 ___RD C:\Users\User\Desktop\Snimki
2017-04-02 09:11 - 2017-01-04 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-02 09:11 - 2017-01-04 11:09 - 00000000 ____D C:\Program Files\mbar
2017-04-02 08:35 - 2015-01-15 18:43 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-04-01 23:08 - 2011-10-26 20:28 - 00000000 ____D C:\Program Files\Java_old
2017-04-01 21:03 - 2009-01-03 12:20 - 00000000 ____D C:\Windows\Panther
2017-04-01 10:27 - 2009-07-14 05:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-01 08:10 - 2017-01-24 09:08 - 00000000 ____D C:\MATS
2017-04-01 06:18 - 2017-03-20 21:41 - 12665912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-04-01 06:18 - 2017-02-07 16:42 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-01 06:18 - 2017-02-07 15:56 - 17418608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2017-04-01 06:18 - 2017-02-07 15:56 - 13398512 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2017-04-01 06:18 - 2017-02-07 15:56 - 03588376 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2017-04-01 06:18 - 2017-02-07 15:56 - 00406736 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2017-04-01 06:18 - 2017-02-07 15:56 - 00037368 _____ C:\Windows\system32\nvinfo.pb
2017-04-01 05:09 - 2017-02-07 15:58 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-04-01 04:48 - 2017-02-07 15:59 - 07851747 _____ C:\Windows\system32\nvcoproc.bin
2017-04-01 04:48 - 2017-02-07 15:59 - 04004288 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-04-01 04:48 - 2017-02-07 15:59 - 02103864 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2017-04-01 04:48 - 2017-02-07 15:59 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-04-01 04:48 - 2017-02-07 15:59 - 00463928 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-04-01 04:48 - 2017-02-07 15:59 - 00381888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-04-01 04:48 - 2017-02-07 15:59 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-04-01 04:48 - 2017-02-07 15:59 - 00070200 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-03-31 21:45 - 2017-03-13 09:28 - 57796056 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetupFull.exe
2017-03-31 21:40 - 2017-02-23 14:55 - 01631704 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2017-03-31 06:49 - 2017-03-13 07:48 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-31 06:49 - 2010-04-16 00:26 - 00000000 ____D C:\Users\User\Desktop\Start
2017-03-27 21:14 - 2016-03-03 09:26 - 00000000 ____D C:\Users\User\Desktop\Сметки
2017-03-27 16:34 - 2010-04-15 11:15 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2017-03-27 10:31 - 2017-03-13 07:58 - 00000000 ____D C:\Users\User\AppData\Local\PDFCreator
2017-03-23 19:35 - 2009-01-03 02:54 - 00111576 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-23 19:14 - 2013-01-11 08:08 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-03-23 19:11 - 2011-06-17 15:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-03-23 19:10 - 2010-04-16 22:43 - 00000000 ____D C:\ProgramData\Adobe
2017-03-23 07:47 - 2010-04-15 12:38 - 00000000 ____D C:\Program Files\Opera

==================== Files in the root of some directories =======

2017-03-23 20:25 - 2017-04-17 22:02 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-05-05 16:38 - 2014-11-30 17:34 - 0038437 _____ () C:\Users\User\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-08-24 21:54 - 2014-08-24 21:54 - 0000033 _____ () C:\Users\User\AppData\Roaming\ezpinst.log
2010-12-19 19:05 - 2013-08-02 12:37 - 0217600 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-16 19:00 - 2017-04-03 06:40 - 0007642 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2012-04-05 07:19 - 2016-11-06 10:45 - 0001892 _____ () C:\Users\User\AppData\Local\Temp1.html
2015-08-30 17:30 - 2015-08-30 17:49 - 0015522 _____ () C:\Users\User\AppData\Local\Temp11.html
2014-05-22 20:52 - 2014-08-01 06:46 - 0020411 _____ () C:\Users\User\AppData\Local\Temp15.html
2016-11-06 10:46 - 2016-11-06 10:46 - 0007295 _____ () C:\Users\User\AppData\Local\Temp6.html
2011-06-18 08:16 - 2011-06-18 08:16 - 0017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2015-05-05 18:20 - 2015-05-05 18:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-13 12:29

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-04-2017
Ran by User (22-04-2017 07:39:48)
Running from C:\Users\User\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2009-01-02 23:28:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3763065651-978722003-3044627540-500 - Administrator - Disabled)
Guest (S-1-5-21-3763065651-978722003-3044627540-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3763065651-978722003-3044627540-1036 - Limited - Enabled)
User (S-1-5-21-3763065651-978722003-3044627540-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3763065651-978722003-3044627540-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AAC ACM Codec 1.8 (HKLM\...\AACACM) (Version: 1.8 - fccHandler)
Absolute MP3 Splitter version 2.8.1 (HKLM\...\Absolute MP3 Splitter_is1) (Version: - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
Ansel (Version: 381.65 - NVIDIA Corporation) Hidden
Ashampoo HDD Control 2 v.2.1.0 (HKLM\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Barbie(R) Fashion Show - An Eye For Style(TM) (Version: 1.0 - Activision Value) Hidden
Boilsoft Video Joiner 6.57 (HKLM\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version: - )
CDRoller version 8.70 (HKLM\...\CDRoller_is1) (Version: 8.70 - Digital Atlantic Corp.)
Compiled Driver Disk (Samsung) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 1.0.8.1 - COMPELSON Labs)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Daum PotPlayer 1.5.35174 (HKLM\...\PotPlayer) (Version: - )
DiRT Rally v1.1 (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Dnevnici (HKLM\...\{056F7778-78DC-41A8-BA8E-99DECC179459}) (Version: 3.01 - NRA)
Dropbox (HKLM\...\Dropbox) (Version: 24.4.16 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Easy Poster Printer (HKLM\...\{1B5979B5-FE79-405A-A023-592DCE48C522}) (Version: 6.0.0 - GD Software)
Easy Tune 6 B11.0120.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0120.1 (Version: 1.00.0000 - GIGABYTE) Hidden
F1 2014 (HKLM\...\RjEyMDE0_is1) (Version: 1 - )
Favorite-Games 5.22 (HKLM\...\Favorite-Games_is1) (Version: - Favorite-Games 2001-2013 ©)
ffdshow v1.3.4532 [2014-07-17] (HKLM\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Folder Size 3.4.0.0 (HKLM\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
FramePhotoEditor 1.0.0 (HKLM\...\FramePhotoEditor_is1) (Version: - FramePhotoEditor, Inc.)
Free DWG Viewer 16.0 (HKLM\...\{86DBA993-F0F0-4C5C-8B33-36D67702167F}) (Version: 16.0.2.7 - IGC)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.15.5 - Siber Systems)
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
GRID Autosport (HKLM\...\R1JJREF1dG9zcG9ydA==_is1) (Version: 1 - )
H.264 Encoder (HKLM\...\{B99459D2-B91A-417E-9DFA-F53D569F4445}_is1) (Version: - H.264 Encoder - freeware encode video to H.264 format)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: - HDS)
HD Tune Pro 4.01 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HDD Regenerator (HKLM\...\{B7C076CA-126E-497C-8724-B589F54031AF}) (Version: 1.61.0011 - Abstradrome)
Inpaint 5.5 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - Teorex)
JMicron JMB36X Driver (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - JMicron Technology Corp.)
JT2Go (HKLM\...\{5C2CC390-5E77-4161-904C-3C731EA6D8BB}) (Version: 10.1.15309 - Siemens PLM Software)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (Version: 17.0.0.611 - Kaspersky Lab) Hidden
KMPlayer (HKLM\...\The KMPlayer) (Version: 3.9.1.138 - PandoraTV)
Luxor Mega Pack (HKLM\...\Luxor Mega Pack) (Version: - )
Malwarebytes Anti-Malware, версия 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Manager (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
MC@WebSign (Software) (HKLM\...\OmikronNPES01) (Version: - )
MediaInfo 0.7.57 (HKLM\...\MediaInfo) (Version: 0.7.57 - MediaArea.net)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM\...\Office14.OMUI.bg-bg) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5026 (HKLM\...\{761AB0B8-FC68-3AE2-B7D9-A0CC6F0ED045}) (Version: 9.0.30729.5026 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{DCFD26A8-60A5-4C69-A52D-264D0386FDB3}) (Version: 1.20.146.0 - Microsoft)
MKVtoolnix 3.0.0 (HKLM\...\MKVtoolnix) (Version: 3.0.0 - Moritz Bunkus)
MOBILedit! Support Libraries (HKLM\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)
MOBILedit! ver. 6.9.0.2876 (HKLM\...\{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1) (Version: 6.9.0.2876 - COMPELSON Labs)
Mozilla Firefox 53.0 (x86 bg) (HKLM\...\Mozilla Firefox 53.0 (x86 bg)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
MPEG2 Codec(libmpeg2/mad) (HKLM\...\MPEG2 Codec(libmpeg2/mad)) (Version: - )
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.14.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.14.0 - NEC Electronics Corporation) Hidden
Nero 7 Lite v7.5.7.0 (HKLM\...\Nero7Lite_is1) (Version: - Updatepack.nl)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version: - )
Opera Stable 44.0.2510.857 (HKLM\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.1 - pdfforge GmbH)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picture Collage Maker Pro 3.2.6 (HKLM\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: - PearlMountain Technology Co., Ltd)
Pivot Software (Version: 9.03.004 - Portrait Displays, Inc.) Hidden
PrimoPoi version 1.8.0 (HKLM\...\{9200B68F-51D5-46E4-8C7E-9F5A8A60DB2C}_is1) (Version: 1.8.0 - Hansiwenna)
PRO100 ver. 4.28 (HKLM\...\PRO100_is1) (Version: - )
Quantum of Solace(TM) (Version: 1.00.0000 - Activision) Hidden
Rapport (Version: 3.5.1404.75 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7829 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Room Arranger (HKLM\...\Room Arranger) (Version: 7.2.5 - Jan Adamec)
SA Dictionary® 2012 Beta 1 (HKLM\...\SA Dictionary® 2012 Beta 1) (Version: - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM\...\{083988D7-BDA9-4244-983B-409A634BBC09}) (Version: 13.0.1.220 - SAP)
SDK (Version: 2.22.002 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0402-0000-0000000FF1CE}_Office14.OMUI.bg-bg_{19EC17F0-B5A9-45D6-9BDD-E198B4E15CF9}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype Web Plugin (HKLM\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.)
SmartControl (HKLM\...\{F4EF231A-7218-41B1-AB84-F5B48B74C50A}) (Version: 2.02.005 - Portrait Displays, Inc.)
SnapTouch 2.90 (HKLM\...\SnapTouch) (Version: 2.90 - AccentSoft Team)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Subtitle Workshop 2.51 (HKLM\...\SubtitleWorkshop) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.51091 Beta - TeamViewer)
Vit Registry Fix 12.6.3 (Remove only) (HKLM\...\Vit Registry Fix) (Version: - VITSOFT)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WhoCrashed 3.02 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XTREME GAMING ENGINE (HKLM\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.1.1 - GIGABYTE Technology Co.,Inc.)
Декларация Обр.1 и 6 (HKLM\...\{65CE3464-B22F-4B0F-A160-AEF937E0D8D4}) (Version: 9.01 - НАП)
Домашний медиа-сервер (UPnP, DLNA) (HKLM\...\HMS) (Version: 2.21 - Evgeny Lachinov)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F5D760B-9468-D082-5DE6-2CEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{229ACC2D-2478-4076-85C1-DD82058384E6}\localserver32 -> C:\Program Files\Siemens\JT2Go\Products\JT2Go\JT2GOFV.EXE (Siemens)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{5F044920-5590-472D-962F-2468E2F0CAF1}\localserver32 -> C:\Users\User\AppData\Local\SkypePlugin\PluginHost.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{7253b364-18c5-555a-4b07-26abb39c9f99}\InprocServer32 -> C:\Users\User\AppData\Local\SkypePlugin\7.31.0.56\EdgeBrokerPS.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{A62E09B4-6467-4E0F-9B52-E61D8BC9FC69}\localserver32 -> C:\Users\User\AppData\Local\SkypePlugin\7.31.0.56\GatewayVersion.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\User\AppData\Local\SkypePlugin\7.31.0.56\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5D1937A1-9468-D082-F7A7-68AC85889A47} => No File
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{E103C2B6-AE44-4f01-8391-F29BABE0B780}\localserver32 -> C:\Program Files\Siemens\JT2Go\Products\JT2Go\VisView.exe (Siemens)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\User\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{EAC179B1-B2AD-4695-902B-43D77A3D8D11}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {035FD859-37CC-49B4-BF6A-CC313DA18D98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {0BA0E6A0-F4B4-47CA-9E2D-FA6F178BFAE4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {36A98BD6-9906-4F61-8D79-60086EFAA7B9} - System32\Tasks\{9182D86A-9F06-48D8-AE8A-F735340A26B3} => pcalua.exe -a C:\Users\User\Downloads\jre-8u121-windows-i586.exe -d C:\Users\User\Downloads
Task: {40DDDC5B-1247-4ED1-937A-FF410C697EAE} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {4DC446B0-8ECE-4F14-B2ED-C4F4450B8A51} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {63AC22F1-A417-4C07-A85A-CFD705CF9A5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-03-13] (Google Inc.)
Task: {69D6DC1D-0A08-4125-8551-3E2D14F53370} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2017-04-09] (Dropbox, Inc.)
Task: {6A8BFF5D-4937-47FD-A818-FA376B99C149} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {7667C695-BD28-4BBE-9988-4FD075A7A49A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-02-23] (NVIDIA Corporation)
Task: {7E39339C-0B99-4356-BCD4-FD617F1A0DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-03-13] (Google Inc.)
Task: {9807D8D9-ABEF-4056-ADA6-E7C5F36EA226} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {990919A4-5879-44A5-B3A6-62B2D1FF974C} - System32\Tasks\Microsoft\Windows\PLA\System\{6D0DD131-1A72-4ACE-A0BB-5A60443944B4}_System Diagnostics => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)"
Task: {A6086B82-5FD5-413F-AD24-D655C0ECD810} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-02-23] (NVIDIA Corporation)
Task: {AC57D4B6-3CBC-462D-8AF7-7FF9CFB3B72F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {BAA05C1B-AC2C-425A-B249-AD16BC4F5B81} - System32\Tasks\Opera scheduled Autoupdate 1480232953 => C:\Program Files\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {C29BA0F6-07E2-4467-92A2-2A0C129C0092} - System32\Tasks\{8965BB48-2627-4178-87FA-07F18B496790} => pcalua.exe -a C:\Users\User\Downloads\JavaUninstallTool.exe -d C:\Users\User\Downloads
Task: {C8EE59B7-2AC0-499C-B669-32373AE8D939} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {D6A9E500-6A79-4515-B9DA-7E438CBDE05A} - \Driver Booster SkipUAC (User) -> No File <==== ATTENTION
Task: {DA4B3EB9-E7C0-4743-B920-14CABBC11FB8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2017-04-09] (Dropbox, Inc.)
Task: {DAC240D8-2277-4A1F-922F-0749287D57E7} - System32\Tasks\Microsoft\Windows\PLA\System\{0C129934-5397-4E9C-8874-B0C6CA171E59}_System Diagnostics => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)"
Task: {F6E56F5B-6030-4215-9202-CE1CAB564943} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-06-03 06:35 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2013-06-03 06:35 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2017-02-07 16:01 - 2017-02-23 21:35 - 00900032 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-07 16:01 - 2017-02-23 21:35 - 03774400 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-07 16:01 - 2017-02-23 21:35 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2017-02-07 16:02 - 2017-02-23 17:30 - 00338488 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-07 16:02 - 2017-02-23 17:30 - 00252352 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-07 16:02 - 2017-02-23 17:30 - 02443320 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\Downloader.node
2017-02-07 16:02 - 2017-02-23 17:30 - 00385592 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-07 16:02 - 2017-02-23 17:30 - 00543288 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-07 16:02 - 2017-02-23 17:30 - 00468536 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-04-05 03:38 - 2017-04-05 03:38 - 69743184 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2017-04-02 11:52 - 00000826 _RASH C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3763065651-978722003-3044627540-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{8F1A7CB5-49CA-48F3-9D4B-323430E314CD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{7D65DC7A-D486-49EA-9138-CED0843F2870}] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{DE719811-E1C1-4D65-8C9D-B146A12F279F}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{E4EAB5C4-4343-4FDA-98DB-C3F03A5AACF3}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{B6F06680-5146-405E-8912-C5D51A4150AB}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{DACF3313-842A-48E0-A50E-32598C296D69}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{6B67C4E7-2E39-4D09-BB8C-A5E9695F4BE5}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{C596B717-5D9D-4928-ABA1-493E2EF36518}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{A840936E-D7AD-4314-9324-1A37A49D8559}] => (Allow) LPort=33333
FirewallRules: [{86F21791-0CB5-47AD-A923-E4FB0D063E4D}] => (Allow) LPort=33338
FirewallRules: [{790352AB-EE52-45D2-B0E6-0D9FF74081E5}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D02576E9-8B2A-4139-A0BA-1A8E72048400}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31BE6F58-C530-4EDE-B4E1-AB22258D1D30}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67D1C176-93EF-4F72-95C2-6F496A4854BE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67820529-E6BD-4B2B-B74D-6C54E09BC4CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DF98491A-7C64-41F7-AA39-964409351933}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{55A88EC0-B747-43E5-B25E-2EFE57823BDE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{199F8EDF-1002-4111-9579-E186BDAC53EC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{10AA224A-2702-48D9-8C20-E406ADDA7E68}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4FB35079-A09A-4C32-B19B-26249C3477A7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{53D6558C-3341-4959-9459-C432E7D44788}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{05A0195E-C46A-4D8A-8DFC-27E2D655A352}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{9CD436D1-75AD-4A24-B67D-346F2A354192}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{454D9AD4-B3C4-4560-B308-F60D7AEFED80}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{EC939A73-2935-43C7-B65A-03B677D956D2}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{E707FE4A-1D68-4E15-9918-7F280396B456}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{42AA68FE-45EC-4264-A0D7-B87FDCDC8D80}] => (Allow) C
FirewallRules: [{C9B13297-8E61-4114-85B4-E01790879A0F}] => (Allow) C
FirewallRules: [{7A118AF6-7244-43DE-92B6-17396B7538AF}] => (Allow) C
FirewallRules: [{7B9B8C88-612B-498B-AB01-23BFA31BF170}] => (Allow) C
FirewallRules: [{B8C4E8F8-8051-4719-8491-CE2369BDAB68}] => (Allow) C
FirewallRules: [{C85DFB8F-1CE0-45A4-AA8D-553DA99A58D5}] => (Allow) C
FirewallRules: [{F340D633-EEEA-47B9-89ED-DBFE4B3F912A}] => (Allow) LPort=3
FirewallRules: [{132E695E-3477-463D-B88E-7A910444B30C}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{117BBE30-8C89-4A65-908F-3B617ABC1102}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{D5CA792C-8F77-4259-9D59-D25B8836A90D}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{83E301D1-1AA9-42D0-9FF7-3BD9913B3300}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{69CF6FCE-3FB0-47BB-9243-3B212340E02F}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{11008009-B0A8-43BB-8726-90AB4A19D6D4}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{AC99E296-781B-46FB-A89B-74B55EC047A4}] => (Allow) LPort=1433
FirewallRules: [{23FFF56B-91C3-4A4E-B2CF-2A521ED8DF2B}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{FBEAC007-B86E-4EB1-ADA9-3138087A3637}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{484C4D88-7825-45E0-B43F-312574CCF65F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CD22E0C4-61B2-4865-86DA-8008C27A21DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{528495ED-88A7-493F-8A10-8B8D983B3C9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{328B999E-DD61-408E-B3FF-EF493E87E095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{464FF627-AF29-4E6D-BCED-4FDD6901C298}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{336E0EAA-A27B-4787-8FDF-06F67A1FD674}] => (Allow) C:\Program Files\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{4D910760-39CA-4FA4-A452-6D3AAF7FDA13}] => (Allow) C:\Program Files\Opera\44.0.2510.857\opera.exe
FirewallRules: [{1E58CEB0-94AE-40B7-9D7F-388157EDF117}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A6CAA4E8-2AAB-4CC1-8010-7AC4F04F9DDE}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe] => EnabledotPlayer
StandardProfile\AuthorizedApplications: [C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe] => EnabledotPlayer

==================== Restore Points =========================

14-04-2017 17:32:42 Windows Update
14-04-2017 20:14:34 Restore Point Created by FRST
15-04-2017 17:04:26 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2017 10:12:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Programs\WIN_TOOLS\Autoruns\Autoruns64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2017 10:12:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Programs\WIN_TOOLS\Autoruns\autorunsc64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2017 10:11:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Programs\WIN_TOOLS\Autoruns64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2017 10:11:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Programs\WIN_TOOLS\autorunsc64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/15/2017 05:04:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {be5573d6-8238-44ea-a2a9-f91e6d026b40}

Error: (04/13/2017 07:35:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/13/2017 07:35:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/13/2017 07:10:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: User-PC)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

Error: (04/13/2017 07:10:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: User-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/13/2017 07:10:26 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: User-PC)
Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (04/21/2017 09:08:50 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (04/18/2017 07:13:40 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (04/14/2017 06:25:59 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (04/14/2017 06:25:59 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (04/14/2017 06:25:38 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (04/14/2017 06:25:38 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (04/14/2017 06:25:16 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (04/14/2017 06:25:16 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

Error: (04/13/2017 07:34:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (04/13/2017 07:26:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
The authentication service is unknown.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X2 555 Processor
Percentage of memory in use: 60%
Total physical RAM: 3069.09 MB
Available physical RAM: 1211.31 MB
Total Virtual: 11139.42 MB
Available Virtual: 8940.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:27.72 GB) NTFS
Drive d: () (Fixed) (Total:498.51 GB) (Free:77.04 GB) NTFS
Drive f: (Store) (Fixed) (Total:335.35 GB) (Free:16.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 335.4 GB) (Disk ID: B83AB83A)
Partition 1: (Not Active) - (Size=335.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 12C812C7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=498.5 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

 

[Corrine]

Re: [Win7SP1 x86] MSIE11 won't run Javascript

Hi, antomov.

• First, it is not advisable to randomly run tools, particularly those that have not been updated in a long time. That includes both ComboFix and JavaRa.
• Second, use of file-sharing programs such as µTorrent you have no means of identifying or authenticating the source of the download. In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files.
• Third, the steps that xilolee had you follow were the most likely to solve the problem of JavaScript not working in IE11 and it is not likely that what I will ask you to do will solve that problem.

Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Open Notepad (Start =>All Programs => Accessories => Notepad).
• Copy/Paste the entire contents of the code box below into Notepad.

start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: No Name -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> No File
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - <no Path/update_url>
S4 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S4 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S4 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S4 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S4 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 dbx; system32\DRIVERS\dbx.sys [X]
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S4 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S4 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F5D760B-9468-D082-5DE6-2CEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5D1937A1-9468-D082-F7A7-68AC85889A47} => No File
Task: {6A8BFF5D-4937-47FD-A818-FA376B99C149} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {D6A9E500-6A79-4515-B9DA-7E438CBDE05A} - \Driver Booster SkipUAC (User) -> No File <==== ATTENTION
FirewallRules: [{42AA68FE-45EC-4264-A0D7-B87FDCDC8D80}] => (Allow) C
FirewallRules: [{C9B13297-8E61-4114-85B4-E01790879A0F}] => (Allow) C
FirewallRules: [{7A118AF6-7244-43DE-92B6-17396B7538AF}] => (Allow) C
FirewallRules: [{7B9B8C88-612B-498B-AB01-23BFA31BF170}] => (Allow) C
FirewallRules: [{B8C4E8F8-8051-4719-8491-CE2369BDAB68}] => (Allow) C
FirewallRules: [{C85DFB8F-1CE0-45A4-AA8D-553DA99A58D5}] => (Allow) C
EmptyTemp:
end

• Click Format and ensure Wordwrap is unchecked.
• Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
• Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post the log in your next reply.

 

[antomov]

Re: [Win7SP1 x86] MSIE11 won't run Javascript

Hello Corrine

Thank you with helping me to fix my issues.
Below is the Fixlog file:
https://www.sysnative.com/forums/members/53-corrine/

Fix result of Farbar Recovery Scan Tool (x86) Version: 22-04-2017 01
Ran by User (22-04-2017 22:45:42) Run:3
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: No Name -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> No File
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - <no Path/update_url>
S4 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S4 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S4 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S4 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S4 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 dbx; system32\DRIVERS\dbx.sys [X]
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S4 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S4 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F5D760B-9468-D082-5DE6-2CEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5D1937A1-9468-D082-F7A7-68AC85889A47} => No File
Task: {6A8BFF5D-4937-47FD-A818-FA376B99C149} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {D6A9E500-6A79-4515-B9DA-7E438CBDE05A} - \Driver Booster SkipUAC (User) -> No File <==== ATTENTION
FirewallRules: [{42AA68FE-45EC-4264-A0D7-B87FDCDC8D80}] => (Allow) C
FirewallRules: [{C9B13297-8E61-4114-85B4-E01790879A0F}] => (Allow) C
FirewallRules: [{7A118AF6-7244-43DE-92B6-17396B7538AF}] => (Allow) C
FirewallRules: [{7B9B8C88-612B-498B-AB01-23BFA31BF170}] => (Allow) C
FirewallRules: [{B8C4E8F8-8051-4719-8491-CE2369BDAB68}] => (Allow) C
FirewallRules: [{C85DFB8F-1CE0-45A4-AA8D-553DA99A58D5}] => (Allow) C
EmptyTemp:
end
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp => key removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKU\S-1-5-21-3763065651-978722003-3044627540-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} => key removed successfully.
HKCR\CLSID\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} => key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\dchlnpcodkpfdpacogkljefecpegganj => key removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh => key removed successfully.
HKLM\System\CurrentControlSet\Services\andnetadb => key removed successfully.
andnetadb => service removed successfully.
HKLM\System\CurrentControlSet\Services\AndNetDiag => key removed successfully.
AndNetDiag => service removed successfully.
HKLM\System\CurrentControlSet\Services\ANDNetModem => key removed successfully.
ANDNetModem => service removed successfully.
HKLM\System\CurrentControlSet\Services\anvsnddrv => key removed successfully.
anvsnddrv => service removed successfully.
HKLM\System\CurrentControlSet\Services\catchme => key removed successfully.
catchme => service removed successfully.
HKLM\System\CurrentControlSet\Services\dbx => key removed successfully.
dbx => service removed successfully.
HKLM\System\CurrentControlSet\Services\NVHDA => key removed successfully.
NVHDA => service removed successfully.
HKLM\System\CurrentControlSet\Services\usbbus => key removed successfully.
usbbus => service removed successfully.
HKLM\System\CurrentControlSet\Services\UsbDiag => key removed successfully.
UsbDiag => service removed successfully.
HKLM\System\CurrentControlSet\Services\USBModem => key removed successfully.
USBModem => service removed successfully.
HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B} => key removed successfully.
HKU\S-1-5-21-3763065651-978722003-3044627540-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A8BFF5D-4937-47FD-A818-FA376B99C149} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A8BFF5D-4937-47FD-A818-FA376B99C149} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6A9E500-6A79-4515-B9DA-7E438CBDE05A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6A9E500-6A79-4515-B9DA-7E438CBDE05A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (User) => key removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42AA68FE-45EC-4264-A0D7-B87FDCDC8D80} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9B13297-8E61-4114-85B4-E01790879A0F} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A118AF6-7244-43DE-92B6-17396B7538AF} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B9B8C88-612B-498B-AB01-23BFA31BF170} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8C4E8F8-8051-4719-8491-CE2369BDAB68} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C85DFB8F-1CE0-45A4-AA8D-553DA99A58D5} => value removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12906671 B
Java, Flash, Steam htmlcache => 55213 B
Windows/system/drivers => 271912 B
Edge => 0 B
Chrome => 318787208 B
Firefox => 333010462 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 560 B
LocalService => 0 B
NetworkService => 0 B
User => 76674461 B

RecycleBin => 0 B
EmptyTemp: => 715.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:47:12 ====

 

[Corrine]

Re: [Win7SP1 x86] MSIE11 won't run Javascript

Any change in the status of IE 11 and Javascript?

 

[antomov]

Re: [Win7SP1 x86] MSIE11 won't run Javascript

Unfortunately not. Another issue appeared 10 days ago. My local network connection icon in the task bar is always with a red cross. I have internet connection, can see other computers in the home group but the icon is still with red cross. I tried flush DNS - no success. Probably it is not relevant as it has appeared later. It does not bother me and if it is nothing in common with the IE issue I can live with it.

 

[antomov]

Re: [Win7SP1 x86] MSIE11 won't run Javascript

Hello again. Somehow I managed to uninstall IE 11 completely. I have tried many times but finally I succeeded. I did the following steps:
1. Removed IE 11 from Windows features
2. Uninstalled all IE instances and updates using Method 2 from the following website:
How to Uninstall Internet Explorer 11 for Windows 7: 8 Steps
3. After restarting I am with IE 8 and it is running Javascript.

Should I post this to my initial thread?

P.S. The issue with the red cross remains but as I said it is not a problem for me. If you think you can help me in it and it is within your scope I will follow your instructions.
Otherwise I would like to thank to all of you who helped me with my issue.

 

[Corrine]

Hi, antomov.

You're welcome to post in the initial thread how you solved the problem. It may prove helpful to someone else experiencing the same issue.

Regarding the network icon with the red cross, different solutions have worked for others to solve that issue:

1. Using the Network troubleshooter in Windows 7
2. Make sure the Network Connections service is running: To enable the service, press the Win key, type "Service". Go to Services and locate "Network Connections". Right-click, Properties and choose Startup Type to Manual. Start the service.
3. Please copy/paste the lines in bold below to Notepad:

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0
​

Save as flush.bat to your desktop. Double-click flush.bat file to run it. Your computer will reboot.

Note: Right-click flush.bat and select "Run as Administrator".

---

Let's take care of removing the tools used. Please download Delfix from here.

Ensure the following boxes are checked:

• Remove disinfection tools
• Create registry backup
• Purge system restore
  
  
• Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

 

[antomov]

The solution for the red cross didn't help. Never mind, I can live with it :).

Here is the log:

# DelFix v1.013 - Logfile created 23/04/2017 at 19:07:01
# Updated 17/04/2016 by Xplode
# Username : User - USER-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\User\Desktop\FRST-OlderVersion
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.3.1.0.12_10.04.2017_16.06.00_log.txt
Deleted : C:\Users\User\Desktop\Addition.txt
Deleted : C:\Users\User\Desktop\Fixlog.txt
Deleted : C:\Users\User\Desktop\FRST.exe
Deleted : C:\Users\User\Desktop\FRST.txt
Deleted : C:\Users\User\Desktop\RGSA.exe
Deleted : C:\Users\User\Desktop\SALog.txt
Deleted : C:\Users\User\Downloads\JavaRa-2.6.zip
Deleted : C:\Users\User\Downloads\MiniToolBox.exe
Deleted : C:\Users\User\Downloads\SystemLook.exe
Deleted : C:\Users\User\Downloads\SystemLook.txt
Deleted : C:\Users\User\Downloads\tdsskiller.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1182 [Restore Point Created by FRST | 04/22/2017 19:45:48]
Deleted : RP #1183 [Windows Update | 04/23/2017 07:33:28]
Deleted : RP #1184 [Windows Modules Installer | 04/23/2017 10:40:43]
Deleted : RP #1185 [Windows Modules Installer | 04/23/2017 11:11:30]
Deleted : RP #1186 [Windows Modules Installer | 04/23/2017 11:12:21]
Deleted : RP #1187 [Windows Update | 04/23/2017 11:25:20]
Deleted : RP #1188 [Windows Modules Installer | 04/23/2017 14:14:27]
Deleted : RP #1189 [Windows Modules Installer | 04/23/2017 15:36:05]

New restore point created !

########## - EOF - ##########

 

[xilolee]

Marked as solved.
Special thanks to Corrine! :smile9: