Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024 Ran by Owner (27-08-2024 21:23:26) Running from C:\Users\Owner\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2013-12-02 07:38:26) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1677808956-4116654128-3015087007-500 - Administrator - Disabled) Guest (S-1-5-21-1677808956-4116654128-3015087007-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1677808956-4116654128-3015087007-1003 - Limited - Enabled) Owner (S-1-5-21-1677808956-4116654128-3015087007-1001 - Administrator - Enabled) => C:\Users\Owner ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 23.008.20458 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden ASIO64_Chord_ (HKLM\...\{A981921C-22DC-4FF5-92D9-F9B9B1EBBAA4}) (Version: 1.0.4 - Chord Electronics Ltd) ASIO64_Chord_ (HKLM\...\{EC718A05-0561-4923-BB82-46846C1BE139}) (Version: 1.0.5 - Chord Electronics Ltd) Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden CMEDIA USB2.0 Audio Device (HKLM-x32\...\{9445E4B8-E875-470A-928A-A665D3F973B4}) (Version: 1.00.0001 - C-Media Electronics, Inc.) CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape) DENAFRIPS Co. Ltd. USB Audio Device Driver v5.0.0 (HKLM-x32\...\Software_Vinshine_Vinshine_UsbAudio_Driver_Setup) (Version: 5.0.0 - DENAFRIPS Co. Ltd.) Free Launch Bar 64-bit Edition (HKLM\...\{85C76689-536B-4CD4-AD94-2F5D259C084B}) (Version: 2.0.0.0 - Tordex) Glary Utilities 5.87 (HKLM-x32\...\Glary Utilities 5) (Version: 5.87.0.108 - Glarysoft Ltd) HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{4268BF51-DFDF-4178-8B8D-5D5752FCAA58}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Malwarebytes version 4.6.17.334 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.17.334 - Malwarebytes) Microsoft .NET Framework 4.7 (ARA) (HKLM\...\{5D06CB35-F1C3-3C20-85C7-73353D868BFC}) (Version: 4.7.02053 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7 (DEU) (HKLM\...\{CD88F457-D2FD-3127-B64D-D6E13EBBCED6}) (Version: 4.7.02053 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HEB) (HKLM\...\{F8D18C0A-5894-30D5-8BBF-1B3BC372745B}) (Version: 4.7.02053 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}) (Version: 4.7.02053 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7 (ITA) (HKLM\...\{7D62C67F-E8A3-3D01-9E2A-85428B3F9E05}) (Version: 4.7.02053 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (RUS) (HKLM\...\{786A33CB-0539-37DD-A883-9EBB755198C4}) (Version: 4.7.02053 - Корпорация Майкрософт) Hidden Microsoft .NET Framework 4.7 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.7.02053 - Корпорация Майкрософт) Microsoft .NET Framework 4.7 (עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden Microsoft Office Access MUI (English) 2007 (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel MUI (English) 2007 (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (English) 2007 (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2007 (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (HKLM-x32\...\{90120000-002C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (HKLM\...\{90120000-002A-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (HKLM\...\{90120000-0116-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Mozilla Firefox 86.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0.1 (x64 en-US)) (Version: 86.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0.1 - Mozilla) NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden PlayReady PC Runtime X64 (HKLM\...\{F76A0D3C-0BF0-4DD6-AB9A-B558259F528F}) (Version: 1.2.0 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6278 - Realtek Semiconductor Corp.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Web-O-Rama (HKLM-x32\...\ST6UNST #1) (Version: - ) Windows Driver Package - Chord Electronics Ltd. (cdh38464) MEDIA (12/30/2013 1.0.57) (HKLM\...\28D9E1DBB65903138E5B97CD584C077338C1A39A) (Version: 12/30/2013 1.0.57 - Chord Electronics Ltd.) Windows Driver Package - Chord Electronics Ltd. (cdh76864) MEDIA (09/22/2015 1.0.58) (HKLM\...\B155261BBAB8E561FEA8232EC6EA8EC3E8F3A702) (Version: 09/22/2015 1.0.58 - Chord Electronics Ltd.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2013-06-25] (GlobalSCAPE, Inc.) [File not signed] ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers2: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2013-06-25] (GlobalSCAPE, Inc.) [File not signed] ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-01] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2013-06-25] (GlobalSCAPE, Inc.) [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-01] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Loaded Modules (Whitelisted) ============= 2014-06-06 17:04 - 2013-06-25 10:02 - 000239104 ____N (GlobalSCAPE, Inc.) [File not signed] C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll 2020-09-11 12:12 - 2016-11-14 04:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2011-01-26 06:59 - 2016-11-14 07:30 - 003207824 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvapi64.dll 2017-05-27 20:04 - 2016-11-14 07:30 - 017559384 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvd3dumx.dll 2011-01-26 06:59 - 2016-11-14 07:30 - 018634216 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvwgf2umx.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Version 11) (Whitelisted) ============= HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1677808956-4116654128-3015087007-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1677808956-4116654128-3015087007-1001\Software\Microsoft\Internet Explorer\Main,Start Page = DownloadDir: C:\Users\Owner\Documents\New folder BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2024-08-27 19:21 - 000000852 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-1677808956-4116654128-3015087007-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 198.88.216.2 - 140.177.128.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [VirtualPC-In-TCP-1] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-UDP-2] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [VirtualPC-In-UDP-1] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [FPS-LLMNR-Out-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{9341BD5E-6A4A-4DE4-BD9E-C6A3EE974CDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A8F0A958-4EA8-4E05-8981-36A91FC47871}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{10CF8669-A9A3-4755-8B63-F0D1F46C0D10}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS7879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{1168B566-CC0F-460A-8350-586336DF59D4}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS7879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{D85B8A16-EA3E-4A35-8299-2DF6D553D09E}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{97F697F1-3A7B-404A-B897-0CB3A171E9BB}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{2DFD9154-2819-4E83-BD10-186F805526D6}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{36ED545A-849F-40F5-81CF-E580CA223C19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AAA73A3F-420D-42CA-9E3A-B526C7517A75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6E907FE3-EAF6-4D34-93C2-9D11BD82BFE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{316972B6-02B0-4E3A-A868-685F61AD1AFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9E0B3296-9221-4DD1-9A0B-3F72AB82E0CE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{669AD45C-1858-4D53-B3DC-CF01171A4D5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A36E7E49-4432-4427-90B0-73CC9EE89296}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{A64F1B3D-560F-4A58-B097-E8A0BC404A24}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [TCP Query User{24EA530B-F19D-4328-984E-E41F9816F8E3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A94F13EE-BA29-4750-8AFB-06C57078704B}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe => No File FirewallRules: [{2209C320-1124-40B3-A242-1C10DD5C1789}] => (Block) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft LTD -> Glarysoft Ltd) FirewallRules: [{5158C318-5C35-4094-8C3F-A7FB3386C07F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{058C6D91-A5DA-4A6F-9B4C-93BB12D9074C}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS7879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{B548140A-5BEC-4D66-9445-7122958BE53C}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS7879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{8F031B35-0A07-405F-A925-D80A816ADF54}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS7879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{76A64C33-F1D5-485F-8E46-541F67FC929A}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS7879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{1DFD767C-1C5D-4776-A8BD-086BB47B88E9}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe => No File FirewallRules: [TCP Query User{399331E0-0CD3-4F33-AEC2-32C9D92FA9E8}C:\users\owner\appdata\local\qobuz\app-7.0.3-b006\qobuz.exe] => (Allow) C:\users\owner\appdata\local\qobuz\app-7.0.3-b006\qobuz.exe (XANDRIE SA -> Qobuz) FirewallRules: [UDP Query User{D96701EA-764D-44AE-A837-B136931E460E}C:\users\owner\appdata\local\qobuz\app-7.0.3-b006\qobuz.exe] => (Allow) C:\users\owner\appdata\local\qobuz\app-7.0.3-b006\qobuz.exe (XANDRIE SA -> Qobuz) FirewallRules: [{846F6743-1629-44E3-AB33-284A62719338}] => (Block) C:\users\owner\appdata\local\qobuz\app-7.0.3-b006\qobuz.exe (XANDRIE SA -> Qobuz) FirewallRules: [{029CCB5C-F571-4241-AFD7-A24F13F014B9}] => (Block) C:\users\owner\appdata\local\qobuz\app-7.0.3-b006\qobuz.exe (XANDRIE SA -> Qobuz) FirewallRules: [{7B89086C-CFA7-49E6-A2A8-2BBCDCB941DE}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{E6FA8F9A-352D-4F7C-A2ED-18DE64687486}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) ==================== Restore Points ========================= 27-08-2024 17:07:54 Device Driver Package Install: Malwarebytes Network adapters 27-08-2024 17:34:13 Malware Restore Point 8-28-24 ==================== Faulty Device Manager Devices ============ Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (08/27/2024 09:18:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 22.8.2024.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 904 Start Time: 01daf8f076b264d4 Termination Time: 0 Application Path: C:\Users\Owner\Desktop\FRST64.exe Report Id: dbfc7d88-64e3-11ef-8bae-00241d73f6cd Error: (08/27/2024 09:07:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/27/2024 08:34:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/27/2024 06:13:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mb-support.exe, version: 1.9.12.1020, time stamp: 0x66b37cc0 Faulting module name: KERNELBASE.dll, version: 6.1.7601.24384, time stamp: 0x5c6e2226 Exception code: 0xe0434352 Fault offset: 0x0000c5af Faulting process id: 0x1698 Faulting application start time: 0x01daf8d6ab3e7423 Faulting application path: C:\Users\Owner\AppData\Local\Temp\mwbD098.tmp\mb-support.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: ebc402e8-64c9-11ef-8580-00241d73f6cd Error: (08/27/2024 06:13:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: mb-support.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NotSupportedException at System.Net.ServicePointManager.ValidateSecurityProtocol(System.Net.SecurityProtocolType) at System.Net.ServicePointManager.set_SecurityProtocol(System.Net.SecurityProtocolType) at mbsupport.Views.MainWindow..ctor() Exception Info: System.Windows.Markup.XamlParseException at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri) at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean) at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext) at System.Windows.Application.LoadComponent(System.Uri, Boolean) at System.Windows.Application.DoStartup() at System.Windows.Application.<.ctor>b__1_0(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.DispatcherOperation.InvokeImpl() at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) at System.Windows.Threading.DispatcherOperation.Invoke() at System.Windows.Threading.Dispatcher.ProcessQueue() at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunDispatcher(System.Object) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run(System.Windows.Window) at mbsupport.App.Main() Error: (08/27/2024 06:12:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mb-support.exe, version: 1.9.12.1020, time stamp: 0x66b37cc0 Faulting module name: KERNELBASE.dll, version: 6.1.7601.24384, time stamp: 0x5c6e2226 Exception code: 0xe0434352 Fault offset: 0x0000c5af Faulting process id: 0x11e0 Faulting application start time: 0x01daf8d6938c95e1 Faulting application path: C:\Users\Owner\AppData\Local\Temp\mwbD098.tmp\mb-support.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: d25049d1-64c9-11ef-8580-00241d73f6cd Error: (08/27/2024 06:12:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: mb-support.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NotSupportedException at System.Net.ServicePointManager.ValidateSecurityProtocol(System.Net.SecurityProtocolType) at System.Net.ServicePointManager.set_SecurityProtocol(System.Net.SecurityProtocolType) at mbsupport.Views.MainWindow..ctor() Exception Info: System.Windows.Markup.XamlParseException at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri) at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean) at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext) at System.Windows.Application.LoadComponent(System.Uri, Boolean) at System.Windows.Application.DoStartup() at System.Windows.Application.<.ctor>b__1_0(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.DispatcherOperation.InvokeImpl() at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) at System.Windows.Threading.DispatcherOperation.Invoke() at System.Windows.Threading.Dispatcher.ProcessQueue() at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunDispatcher(System.Object) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run(System.Windows.Window) at mbsupport.App.Main() Error: (08/27/2024 06:11:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mb-support.exe, version: 1.9.12.1020, time stamp: 0x66b37cc0 Faulting module name: KERNELBASE.dll, version: 6.1.7601.24384, time stamp: 0x5c6e2226 Exception code: 0xe0434352 Fault offset: 0x0000c5af Faulting process id: 0x16ec Faulting application start time: 0x01daf8d667311bac Faulting application path: C:\Users\Owner\AppData\Local\Temp\mwbD098.tmp\mb-support.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: ad019238-64c9-11ef-8580-00241d73f6cd System errors: ============= Error: (08/27/2024 09:27:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout. Error: (08/27/2024 09:07:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (08/27/2024 08:34:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (08/27/2024 07:21:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Error: (08/27/2024 07:21:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/27/2024 07:21:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/27/2024 07:21:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/27/2024 04:48:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Windows Defender: ================ Date: 2023-11-19 23:32:16.452 Description: Windows Defender scan has been stopped before completion. Scan Type:AntiSpyware Scan Parameters:Quick Scan Date: 2020-12-12 14:53:16.184 Description: Windows Defender scan has been stopped before completion. Scan Type:AntiSpyware Scan Parameters:Full Scan Date: 2020-12-12 14:53:05.238 Description: Windows Defender scan has been stopped before completion. Scan Type:AntiSpyware Scan Parameters:Quick Scan Date: 2017-10-27 18:25:53.974 Description: Windows Defender scan has been stopped before completion. Scan Type:AntiSpyware Scan Parameters:Full Scan Date: 2017-10-27 18:23:16.118 Description: Windows Defender scan has been stopped before completion. Scan Type:AntiSpyware Scan Parameters:Quick Scan Event[0]: Date: 2023-04-08 23:00:14.496 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted:Current Error Code:0x80070002 Error description:The system cannot find the file specified. Signature version:0.0.0.0 Engine version:0.0.0.0 Date: 2016-12-29 20:20:42.014 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source:User Signature Type: Update Type: Current Engine Version: Previous Engine Version:1.1.13303.0 Error code:0x8050a003 Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Date: 2016-12-29 10:22:28.984 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source:User Signature Type: Update Type: Current Engine Version: Previous Engine Version:1.1.13303.0 Error code:0x8050a003 Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Date: 2016-10-14 16:26:07.121 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted:Backup Error Code:0x8050a004 Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version:1.227.1695.0 Engine version:1.1.12603.0 Date: 2016-10-14 12:58:34.166 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted:Backup Error Code:0x8050a004 Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version:1.227.1695.0 Engine version:1.1.12603.0 ==================== Memory info =========================== BIOS: Award Software International, Inc. F8 02/05/2009 Motherboard: Gigabyte Technology Co., Ltd. G31M-S2L Processor: Intel(R) Celeron(R) CPU E1400 @ 2.00GHz Percentage of memory in use: 82% Total physical RAM: 4094.49 MB Available physical RAM: 716.24 MB Total Virtual: 4292.63 MB Available Virtual: 401.71 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:202.06 GB) (Model: ST3320620AS ATA Device) NTFS Drive e: () (RAMDisk) (Total:297.99 GB) (Free:202.75 GB) (Model: ST3320620AS ATA Device) NTFS Drive f: () (RAMDisk) (Total:297.99 GB) (Free:201.03 GB) (Model: ST3320620AS ATA Device) NTFS \\?\Volume{151d8a6c-5b33-11e3-a001-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: C4ED2FF3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================