Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by iSu (28-06-2018 01:54:47)
Running from C:\Users\iSu\Desktop
Windows 10 Pro Version 1803 17134.112 (X64) (2018-06-26 22:30:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1780440095-4180245696-420238287-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1780440095-4180245696-420238287-503 - Limited - Disabled)
Guest (S-1-5-21-1780440095-4180245696-420238287-501 - Limited - Disabled)
iSu (S-1-5-21-1780440095-4180245696-420238287-1001 - Administrator - Enabled) => C:\Users\iSu
WDAGUtilityAccount (S-1-5-21-1780440095-4180245696-420238287-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.55.31997 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\OneDriveSetup.exe) (Version: 18.116.0610.0002 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NiceHash Miner 2 0.2.4 (only current user) (HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.2.4 - NiceHash d.o.o)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0612.060119 - Razer Inc.)
VietPN 1.3 (HKLM-x32\...\VietPN) (Version: 1.3 - )
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {45136E8D-C7D1-4A9B-B3F2-7F7FAC38B140} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {7F05D82D-20E0-484A-87DD-A17927426F02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {949470A5-53AF-4C9F-8986-0E61DB424928} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {E21F1F57-DE4C-42DF-9C76-8B111D8E1702} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\iSu\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\iSu\Desktop\Person 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2018-06-26 16:19 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-26 16:19 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-01 17:46 - 2018-06-01 17:46 - 000283888 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2018-06-26 16:17 - 2018-06-08 15:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-01 17:46 - 2018-06-01 17:46 - 000292080 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
2018-06-01 18:36 - 2018-06-01 18:36 - 000428272 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2018-06-27 03:40 - 2018-06-27 03:40 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-06-27 04:04 - 2018-06-27 05:01 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-27 04:04 - 2018-06-27 05:01 - 067230720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 014850560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 003265536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-27 03:39 - 2018-06-23 02:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-27 03:39 - 2018-06-23 02:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-06-27 22:59 - 2018-06-01 17:43 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2018-06-27 22:59 - 2018-06-01 17:44 - 000179440 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2018-06-27 22:59 - 2018-06-01 17:44 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2018-06-27 22:59 - 2018-06-01 17:44 - 000129776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000257264 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll
2018-06-27 22:59 - 2018-06-01 17:43 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Battery.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DeviceStatus.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DriverMode.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Mapping.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_MappingBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_OnboardMem.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PollingRate.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000327408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerManagement.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Sensitivity.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalPixart.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SwapMouseButtons.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Battery.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DeviceStatus.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DriverMode.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Mapping.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_MappingBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_OnboardMem.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PollingRate.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000327408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerManagement.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Sensitivity.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalPixart.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SwapMouseButtons.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000056048 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_KeyboardKeys.dll
2018-06-27 03:40 - 2018-06-27 03:40 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2018-06-27 03:40 - 2018-06-27 03:40 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-06-01 18:34 - 2018-06-01 18:34 - 000135408 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-03-19 00:33 - 2018-06-27 22:21 - 000000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1780440095-4180245696-420238287-1001\Control Panel\Desktop\\Wallpaper -> D:\PM\Wall OS X\above-ho-chi-minh-city-vietnam-_-do-_-wallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{D48E5B16-11A5-4C19-B6A3-F3F43DCE3101}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{BD03CECD-FD0E-4D6F-811A-C45441A2D1E4}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe
FirewallRules: [TCP Query User{13E888E5-4F16-4184-8BCA-C35C24F8159C}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe
FirewallRules: [UDP Query User{5A144D87-814F-42A0-B30D-6014710FB714}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe
==================== Restore Points =========================
27-06-2018 23:02:05 moi
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2018 01:40:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ZHPDiag3.exe version 2018.6.22.140 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1530
Start Time: 01d40e463a34e7b5
Termination Time: 4294967295
Application Path: C:\Users\iSu\AppData\Roaming\ZHP\ZHPDiag3.exe
Report Id: 78f9d797-fecc-4675-9963-aecf97806ebb
Faulting package full name:
Faulting package-relative application ID:
Error: (06/26/2018 11:56:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 3.0.0.1496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2ee4
Start Time: 01d40d6e516eacf5
Termination Time: 7
Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Report Id: 2d856fd8-6038-424d-9470-698127bf010d
Faulting package full name:
Faulting package-relative application ID:
Error: (06/27/2018 05:30:27 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (06/27/2018 05:29:20 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (06/27/2018 05:29:20 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (06/27/2018 05:29:20 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
System errors:
=============
Error: (06/28/2018 01:01:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 11:18:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 11:01:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 11:01:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NKJG6GH)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-06-26 19:51:30.255
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A5E32ED2-9422-438D-AE10-22CD5946B915}
Scan Type: Antimalware
Scan Parameters: Full Scan
CodeIntegrity:
===================================
Date: 2018-06-27 19:41:55.448
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:33:15.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:34.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:26.999
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:15.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:10.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:02.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:02.071
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 16322.45 MB
Available physical RAM: 12336.02 MB
Total Virtual: 19266.45 MB
Available Virtual: 12881.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.34 GB) (Free:310.95 GB) NTFS
Drive d: (Data) (Fixed) (Total:3726.02 GB) (Free:1987.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.29 GB) FAT32
Drive f: (Recovery) (Fixed) (Total:2.93 GB) (Free:2.84 GB) NTFS
Drive g: (Windows 7) (Fixed) (Total:928.29 GB) (Free:673.14 GB) NTFS
\\?\Volume{fa1bd71f-bcef-4dc5-80ce-53ace8e1a70c}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{88eeeaf5-e19b-44a9-98d7-c4973aaac19f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 078C078C)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: ECD22CDF)
Partition 1: (Not Active) - (Size=2.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=300 MB) - (Type=0B)
Partition 3: (Not Active) - (Size=928.3 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: 9CE9E907)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by iSu (28-06-2018 01:54:47)
Running from C:\Users\iSu\Desktop
Windows 10 Pro Version 1803 17134.112 (X64) (2018-06-26 22:30:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1780440095-4180245696-420238287-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1780440095-4180245696-420238287-503 - Limited - Disabled)
Guest (S-1-5-21-1780440095-4180245696-420238287-501 - Limited - Disabled)
iSu (S-1-5-21-1780440095-4180245696-420238287-1001 - Administrator - Enabled) => C:\Users\iSu
WDAGUtilityAccount (S-1-5-21-1780440095-4180245696-420238287-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.55.31997 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\OneDriveSetup.exe) (Version: 18.116.0610.0002 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NiceHash Miner 2 0.2.4 (only current user) (HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.2.4 - NiceHash d.o.o)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0612.060119 - Razer Inc.)
VietPN 1.3 (HKLM-x32\...\VietPN) (Version: 1.3 - )
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {45136E8D-C7D1-4A9B-B3F2-7F7FAC38B140} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {7F05D82D-20E0-484A-87DD-A17927426F02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {949470A5-53AF-4C9F-8986-0E61DB424928} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {E21F1F57-DE4C-42DF-9C76-8B111D8E1702} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\iSu\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\iSu\Desktop\Person 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2018-06-26 16:19 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-26 16:19 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-01 17:46 - 2018-06-01 17:46 - 000283888 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2018-06-26 16:17 - 2018-06-08 15:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-01 17:46 - 2018-06-01 17:46 - 000292080 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
2018-06-01 18:36 - 2018-06-01 18:36 - 000428272 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2018-06-27 03:40 - 2018-06-27 03:40 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-06-27 04:04 - 2018-06-27 05:01 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-27 04:04 - 2018-06-27 05:01 - 067230720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 014850560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 003265536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-27 04:04 - 2018-06-27 05:01 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-27 03:39 - 2018-06-23 02:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-27 03:39 - 2018-06-23 02:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-06-27 22:59 - 2018-06-01 17:43 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2018-06-27 22:59 - 2018-06-01 17:44 - 000179440 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2018-06-27 22:59 - 2018-06-01 17:44 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2018-06-27 22:59 - 2018-06-01 17:44 - 000129776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2018-06-27 22:59 - 2018-06-01 18:14 - 000257264 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll
2018-06-27 22:59 - 2018-06-01 17:43 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Battery.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DeviceStatus.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DriverMode.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Mapping.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_MappingBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_OnboardMem.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PollingRate.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000327408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerManagement.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Sensitivity.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalPixart.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SwapMouseButtons.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Battery.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DeviceStatus.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DriverMode.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Mapping.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_MappingBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_OnboardMem.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PollingRate.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000327408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerManagement.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Sensitivity.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalBaseM.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalPixart.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SwapMouseButtons.dll
2018-06-27 22:59 - 2018-05-18 17:54 - 000056048 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_KeyboardKeys.dll
2018-06-27 03:40 - 2018-06-27 03:40 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2018-06-27 03:40 - 2018-06-27 03:40 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-06-01 18:34 - 2018-06-01 18:34 - 000135408 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-05-31 04:02 - 2018-05-31 04:04 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-03-19 00:33 - 2018-06-27 22:21 - 000000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1780440095-4180245696-420238287-1001\Control Panel\Desktop\\Wallpaper -> D:\PM\Wall OS X\above-ho-chi-minh-city-vietnam-_-do-_-wallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{D48E5B16-11A5-4C19-B6A3-F3F43DCE3101}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{BD03CECD-FD0E-4D6F-811A-C45441A2D1E4}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe
FirewallRules: [TCP Query User{13E888E5-4F16-4184-8BCA-C35C24F8159C}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe
FirewallRules: [UDP Query User{5A144D87-814F-42A0-B30D-6014710FB714}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe
==================== Restore Points =========================
27-06-2018 23:02:05 moi
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2018 01:40:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ZHPDiag3.exe version 2018.6.22.140 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1530
Start Time: 01d40e463a34e7b5
Termination Time: 4294967295
Application Path: C:\Users\iSu\AppData\Roaming\ZHP\ZHPDiag3.exe
Report Id: 78f9d797-fecc-4675-9963-aecf97806ebb
Faulting package full name:
Faulting package-relative application ID:
Error: (06/26/2018 11:56:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 3.0.0.1496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2ee4
Start Time: 01d40d6e516eacf5
Termination Time: 7
Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Report Id: 2d856fd8-6038-424d-9470-698127bf010d
Faulting package full name:
Faulting package-relative application ID:
Error: (06/27/2018 05:30:27 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (06/27/2018 05:29:20 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (06/27/2018 05:29:20 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (06/27/2018 05:29:20 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
System errors:
=============
Error: (06/28/2018 01:01:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 11:18:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 11:01:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 11:01:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/27/2018 10:59:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NKJG6GH)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-06-26 19:51:30.255
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A5E32ED2-9422-438D-AE10-22CD5946B915}
Scan Type: Antimalware
Scan Parameters: Full Scan
CodeIntegrity:
===================================
Date: 2018-06-27 19:41:55.448
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:33:15.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:34.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:26.999
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:15.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:10.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:02.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-27 19:32:02.071
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 16322.45 MB
Available physical RAM: 12336.02 MB
Total Virtual: 19266.45 MB
Available Virtual: 12881.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.34 GB) (Free:310.95 GB) NTFS
Drive d: (Data) (Fixed) (Total:3726.02 GB) (Free:1987.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.29 GB) FAT32
Drive f: (Recovery) (Fixed) (Total:2.93 GB) (Free:2.84 GB) NTFS
Drive g: (Windows 7) (Fixed) (Total:928.29 GB) (Free:673.14 GB) NTFS
\\?\Volume{fa1bd71f-bcef-4dc5-80ce-53ace8e1a70c}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{88eeeaf5-e19b-44a9-98d7-c4973aaac19f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 078C078C)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: ECD22CDF)
Partition 1: (Not Active) - (Size=2.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=300 MB) - (Type=0B)
Partition 3: (Not Active) - (Size=928.3 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: 9CE9E907)
Partition: GPT.
==================== End of Addition.txt ============================