Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018 Ran by iSu (30-06-2018 13:04:04) Running from C:\Users\iSu\Desktop\New folder Windows 10 Pro Version 1803 17134.137 (X64) (2018-06-26 22:30:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1780440095-4180245696-420238287-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1780440095-4180245696-420238287-503 - Limited - Disabled) Guest (S-1-5-21-1780440095-4180245696-420238287-501 - Limited - Enabled) iSu (S-1-5-21-1780440095-4180245696-420238287-1001 - Administrator - Enabled) => C:\Users\iSu WDAGUtilityAccount (S-1-5-21-1780440095-4180245696-420238287-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1Password (HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\{507707B9-C68C-4986-A4AD-F25B24C152FA}_is1) (Version: 7.1.567 - AgileBits Inc.) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.55.31997 - Electronic Arts) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) NiceHash Miner 2 0.2.4 (only current user) (HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.2.4 - NiceHash d.o.o) NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0612.060119 - Razer Inc.) VietPN 1.3 (HKLM-x32\...\VietPN) (Version: 1.3 - ) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1780440095-4180245696-420238287-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\iSu\AppData\Local\Microsoft\OneDrive\18.116.0610.0002_1\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1780440095-4180245696-420238287-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\iSu\AppData\Local\Microsoft\OneDrive\18.116.0610.0002_1\amd64\FileCoAuthLib64.dll => No File CustomCLSID: HKU\S-1-5-21-1780440095-4180245696-420238287-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\iSu\AppData\Local\Microsoft\OneDrive\18.116.0610.0002_1\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1780440095-4180245696-420238287-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\iSu\AppData\Local\Microsoft\OneDrive\18.116.0610.0002_1\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-1780440095-4180245696-420238287-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\iSu\AppData\Local\Microsoft\OneDrive\18.116.0610.0002_1\amd64\FileSyncShell64.dll => No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {336BBA86-3B32-4D57-8723-D5665490B50D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation) Task: {548199EE-A366-4D7A-820B-E8224C574090} - System32\Tasks\S-1-5-21-1780440095-4180245696-420238287-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {A5F97BE6-6BF8-4C30-97EE-D6F0019EC05B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation) Task: {A993AAB8-3279-40E6-8C4D-84002E490522} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1780440095-4180245696-420238287-1001 => C:\Users\iSu\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B8CC7A9A-8508-425B-A19B-6A8A43F55454} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation) Task: {E02E2895-02E9-445A-8AC3-8AD13AC59BAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\iSu\Desktop\AdsFix_Donate.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN ShortcutWithArgument: C:\Users\iSu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2018-04-12 06:34 - 2018-04-12 06:34 - 000444416 _____ () c:\windows\system32\SSDM.dll 2018-06-26 16:19 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-06-26 16:19 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-04-12 06:34 - 2018-04-12 06:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 06:34 - 2018-04-12 06:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-06-01 17:46 - 2018-06-01 17:46 - 000283888 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe 2018-06-26 16:17 - 2018-06-08 15:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-06-01 17:46 - 2018-06-01 17:46 - 000292080 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe 2018-06-01 18:36 - 2018-06-01 18:36 - 000428272 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe 2018-06-27 03:40 - 2018-06-27 03:40 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2018-06-27 03:50 - 2018-06-27 03:59 - 025120768 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Music.UI.exe 2018-06-27 03:50 - 2018-06-27 03:59 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-06-27 03:50 - 2018-06-27 03:59 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-03-19 01:35 - 2018-03-19 01:35 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2018-03-19 01:33 - 2018-03-19 01:33 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-06-27 03:50 - 2018-06-27 03:59 - 009347584 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-03-19 01:32 - 2018-03-19 01:32 - 000214080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Music.Effects.dll 2018-03-19 01:32 - 2018-03-19 01:32 - 000117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL 2018-06-28 19:11 - 2018-06-28 19:11 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-06-28 19:11 - 2018-06-28 19:11 - 068184064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-06-27 04:04 - 2018-06-27 05:01 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-06-27 04:04 - 2018-06-27 05:01 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-06-27 04:04 - 2018-06-27 05:01 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 014918656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 002939392 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-06-27 04:04 - 2018-06-27 05:01 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-03-19 01:34 - 2018-03-19 01:34 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.15120.0_x64__8wekyb3d8bbwe\SKU.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 000198144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.5.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-06-28 19:11 - 2018-06-28 19:11 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.5.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2018-06-28 00:07 - 2018-06-28 01:39 - 003144576 _____ () C:\Users\iSu\AppData\Roaming\ZHP\ZHPDiag3.exe 2018-06-27 03:39 - 2018-06-23 02:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll 2018-06-27 03:39 - 2018-06-23 02:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll 2018-06-30 12:46 - 2018-06-01 17:43 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll 2018-06-30 12:46 - 2018-06-01 17:44 - 000179440 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll 2018-06-30 12:46 - 2018-06-01 17:44 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll 2018-06-30 12:46 - 2018-06-01 18:14 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll 2018-06-30 12:46 - 2018-06-01 17:44 - 000129776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll 2018-06-30 12:46 - 2018-06-01 18:14 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll 2018-06-30 12:46 - 2018-06-01 18:14 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll 2018-06-30 12:46 - 2018-06-01 18:14 - 000257264 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll 2018-06-30 12:46 - 2018-06-01 17:43 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Battery.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DeviceStatus.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DriverMode.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Mapping.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_MappingBaseM.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_OnboardMem.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PollingRate.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000327408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerManagement.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Sensitivity.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalBaseM.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalPixart.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SwapMouseButtons.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Battery.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DeviceStatus.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DriverMode.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Mapping.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_MappingBaseM.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_OnboardMem.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PollingRate.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000327408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerManagement.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Sensitivity.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalBaseM.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalPixart.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SwapMouseButtons.dll 2018-06-30 12:46 - 2018-05-18 17:54 - 000056048 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_KeyboardKeys.dll 2018-06-27 03:40 - 2018-06-27 03:40 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2018-06-27 03:40 - 2018-06-27 03:40 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2018-06-28 17:01 - 2018-06-11 11:48 - 001014160 _____ () C:\Users\iSu\AppData\Local\1password\app\7\x86\opw.dll 2018-06-28 17:01 - 2018-06-11 11:48 - 000806288 _____ () C:\Users\iSu\AppData\Local\1password\app\7\x86\e_sqlite3.dll 2018-05-31 04:02 - 2018-05-31 04:04 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll 2018-05-31 04:02 - 2018-05-31 04:04 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll 2018-06-01 18:34 - 2018-06-01 18:34 - 000135408 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll 2018-05-31 04:02 - 2018-05-31 04:04 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll 2018-05-31 04:02 - 2018-05-31 04:04 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll 2018-05-31 04:02 - 2018-05-31 04:04 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-03-19 00:33 - 2018-06-28 11:18 - 000000852 __RSH C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1780440095-4180245696-420238287-1001\Control Panel\Desktop\\Wallpaper -> D:\PM\Wall OS X\empire-state-building-new-york-city--wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKU\S-1-5-21-1780440095-4180245696-420238287-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{3F5C3180-8E84-4481-9B68-7B727256ADA3}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [UDP Query User{5E96819E-41BB-459B-97B3-1C25936CC491}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [TCP Query User{1B3DEE9B-F18A-4A36-856C-643361EB910D}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe FirewallRules: [UDP Query User{01633C8E-421F-45B9-BC78-0D089A906230}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe FirewallRules: [TCP Query User{CEE2CCEE-6EA1-4C98-BCE6-4B5B2244D77F}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe FirewallRules: [UDP Query User{2CB41D83-06F6-46EB-850C-27C41EE0FEBE}C:\program files (x86)\vietpn\vietpnd.exe] => (Allow) C:\program files (x86)\vietpn\vietpnd.exe FirewallRules: [TCP Query User{D7AA4E90-F48C-4E6A-9AE4-C094D590829B}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [UDP Query User{A04085B0-F545-4648-931F-2A40949A7D4C}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe FirewallRules: [TCP Query User{2F57B385-CEFE-4D72-8CD2-381B2B7E14A3}C:\users\isu\desktop\mpc-hcportable\app\mpc-hc\mpc-hc.exe] => (Allow) C:\users\isu\desktop\mpc-hcportable\app\mpc-hc\mpc-hc.exe FirewallRules: [UDP Query User{C999B2F8-1E74-4587-A2AC-7EEC3B091340}C:\users\isu\desktop\mpc-hcportable\app\mpc-hc\mpc-hc.exe] => (Allow) C:\users\isu\desktop\mpc-hcportable\app\mpc-hc\mpc-hc.exe FirewallRules: [TCP Query User{31750625-FF46-48C8-B4F8-81C16857C731}C:\program files (x86)\getflv\youtube zilla\youtube zilla.exe] => (Block) C:\program files (x86)\getflv\youtube zilla\youtube zilla.exe FirewallRules: [UDP Query User{2E92D016-08DE-4767-B980-C7198B673D62}C:\program files (x86)\getflv\youtube zilla\youtube zilla.exe] => (Block) C:\program files (x86)\getflv\youtube zilla\youtube zilla.exe FirewallRules: [TCP Query User{27CE2CE4-1BED-4D8D-8B39-995DBFD67DE0}C:\program files (x86)\getflv\getflv.exe] => (Block) C:\program files (x86)\getflv\getflv.exe FirewallRules: [UDP Query User{FAAEF441-6436-43B0-9BC4-7ECDA5A25711}C:\program files (x86)\getflv\getflv.exe] => (Block) C:\program files (x86)\getflv\getflv.exe ==================== Restore Points ========================= 27-06-2018 23:02:05 moi 28-06-2018 10:34:16 Restore Point Created by FRST 29-06-2018 00:15:34 Installed VMware Workstation 29-06-2018 12:29:52 Removed VMware Workstation ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/30/2018 05:02:03 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program filmora_setup_full846.exe version 2.0.9.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1fd8 Start Time: 01d40ff46626d4bb Termination Time: 4294967295 Application Path: C:\Users\iSu\Downloads\Programs\filmora_setup_full846.exe Report Id: 0a9709df-c04d-499f-ac46-293ae191e55b Faulting package full name: Faulting package-relative application ID: Error: (06/29/2018 12:35:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 67.0.3396.99, time stamp: 0x5b2d4175 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffc1fff045f Faulting process id: 0x1500 Faulting application start time: 0x01d40f6b0d5f6fd9 Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module path: unknown Report Id: 756c11cb-8bdf-4b45-8992-1218c99ccc43 Faulting package full name: Faulting package-relative application ID: Error: (06/28/2018 11:24:45 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\AOMEI Partition Assistant Lite Edition 7.0\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/28/2018 11:24:44 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\AOMEI Partition Assistant Lite Edition 7.0\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/28/2018 10:34:16 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {0dfe1b44-2db5-44ce-bd17-72d266d49f19} Error: (06/28/2018 01:40:25 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program ZHPDiag3.exe version 2018.6.22.140 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1530 Start Time: 01d40e463a34e7b5 Termination Time: 4294967295 Application Path: C:\Users\iSu\AppData\Roaming\ZHP\ZHPDiag3.exe Report Id: 78f9d797-fecc-4675-9963-aecf97806ebb Faulting package full name: Faulting package-relative application ID: Error: (06/26/2018 11:56:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program mbam.exe version 3.0.0.1496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2ee4 Start Time: 01d40d6e516eacf5 Termination Time: 7 Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Report Id: 2d856fd8-6038-424d-9470-698127bf010d Faulting package full name: Faulting package-relative application ID: Error: (06/27/2018 05:30:27 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A System errors: ============= Error: (06/30/2018 12:59:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/30/2018 12:53:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NKJG6GH) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-NKJG6GH\iSu SID (S-1-5-21-1780440095-4180245696-420238287-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/30/2018 12:52:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (06/30/2018 12:52:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect. Error: (06/30/2018 12:52:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (06/30/2018 12:52:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect. Error: (06/30/2018 12:52:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (06/30/2018 12:52:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Browser service to connect. Windows Defender: =================================== Date: 2018-06-30 12:48:14.429 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0 Name: Trojan:Win32/Fuery.B!cl ID: 2147718514 Severity: Severe Category: Trojan Path: file:_C:\Users\iSu\Downloads\Unconfirmed 2039.crdownload Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Signature Version: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0 Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2 Date: 2018-06-30 12:47:31.182 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0 Name: Trojan:Win32/Fuery.B!cl ID: 2147718514 Severity: Severe Category: Trojan Path: file:_C:\Users\iSu\Downloads\Unconfirmed 205555.crdownload Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Signature Version: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0 Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2 Date: 2018-06-30 12:42:39.363 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {40ED4D2C-B22B-4023-A552-3F11E33AED22} Scan Type: Antimalware Scan Parameters: Full Scan Date: 2018-06-30 12:33:37.688 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0 Name: Trojan:Win32/Fuery.B!cl ID: 2147718514 Severity: Severe Category: Trojan Path: file:_C:\Users\iSu\Desktop\ZHPDiag3.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Internet Download Manager\IDMan.exe Signature Version: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0 Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2 Date: 2018-06-30 12:33:12.601 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0 Name: Trojan:Win32/Fuery.B!cl ID: 2147718514 Severity: Severe Category: Trojan Path: file:_C:\Users\iSu\Desktop\ZHPDiag3.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Internet Download Manager\IDMan.exe Signature Version: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0 Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2 Date: 2018-06-28 12:45:39.445 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. CodeIntegrity: =================================== Date: 2018-06-30 12:25:04.165 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 12:24:45.679 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 12:24:45.449 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 12:24:30.250 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 12:24:30.250 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 01:01:33.484 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 01:01:33.268 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-30 01:01:33.020 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Percentage of memory in use: 22% Total physical RAM: 16322.45 MB Available physical RAM: 12648.93 MB Total Virtual: 17346.45 MB Available Virtual: 12246.01 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:476.34 GB) (Free:301.61 GB) NTFS Drive d: (Data) (Fixed) (Total:3726.02 GB) (Free:1981.97 GB) NTFS ==>[system with boot components (obtained from drive)] Drive g: () (Fixed) (Total:931.5 GB) (Free:895.98 GB) NTFS \\?\Volume{fa1bd71f-bcef-4dc5-80ce-53ace8e1a70c}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS \\?\Volume{88eeeaf5-e19b-44a9-98d7-c4973aaac19f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 078C078C) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 5509F4CD) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 9CE9E907) Partition: GPT. ==================== End of Addition.txt ============================