MiniToolBox by Farbar Version: 17-06-2016 Ran by Irish (administrator) on 11-12-2017 at 17:12:26 Running from "C:\Users\Irish\Downloads" Microsoft Windows 10 Home (X64) Model: N85_N87,HJ,HJ1,HK1 Manufacturer: Notebook Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== ========================= Hosts content: ================================= ========================= IP Configuration: ================================ Intel(R) Dual Band Wireless-AC 8265 = Wi-Fi (Connected) TAP-Windows Adapter V9 = Ethernet 2 (Connected) Realtek PCIe GBE Family Controller = Ethernet (Media disconnected) Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Ethernet (Kernel Debugger)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled set interface interface="Local Area Connection* 10" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : IRISH-SAGER-NP6852 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Ethernet: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller Physical Address. . . . . . . . . : 80-FA-5B-48-B5-CB DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Local Area Connection* 1: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter Physical Address. . . . . . . . . : AC-ED-5C-63-58-72 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 8265 Physical Address. . . . . . . . . : AC-ED-5C-63-58-71 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::8c29:1258:1117:a6fc%8(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.128(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Sunday, December 10, 2017 2:33:13 PM Lease Expires . . . . . . . . . . : Tuesday, December 12, 2017 5:53:07 AM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 61664604 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-5E-3C-2F-80-FA-5B-48-B5-CB DNS Servers . . . . . . . . . . . : 173.234.56.115 173.234.159.235 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Ethernet 2: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Windows Adapter V9 Physical Address. . . . . . . . . : 00-FF-B1-4F-EE-7A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::5436:a6fb:742f:aa90%12(Preferred) IPv4 Address. . . . . . . . . . . : 10.44.208.32(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Lease Obtained. . . . . . . . . . : Sunday, December 10, 2017 5:53:11 PM Lease Expires . . . . . . . . . . : Monday, December 10, 2018 5:53:11 PM Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 10.44.255.254 DHCPv6 IAID . . . . . . . . . . . : 134283185 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-5E-3C-2F-80-FA-5B-48-B5-CB DNS Servers . . . . . . . . . . . : 173.234.159.235 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) Physical Address. . . . . . . . . : AC-ED-5C-63-58-75 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Server: windy.deepdns.cryptostorm.net Address: 173.234.56.115 Name: google.com Addresses: 2607:f8b0:4004:802::200e 172.217.7.238 Pinging google.com [172.217.7.238] with 32 bytes of data: Reply from 172.217.7.238: bytes=32 time=44ms TTL=49 Reply from 172.217.7.238: bytes=32 time=43ms TTL=49 Ping statistics for 172.217.7.238: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 43ms, Maximum = 44ms, Average = 43ms Server: windy.deepdns.cryptostorm.net Address: 173.234.56.115 Name: yahoo.com Addresses: 2001:4998:c:e33::53 2001:4998:58:2201::73 2001:4998:44:204::100d 206.190.39.42 98.139.180.180 98.138.252.38 Pinging yahoo.com [206.190.39.42] with 32 bytes of data: Reply from 206.190.39.42: bytes=32 time=106ms TTL=47 Reply from 206.190.39.42: bytes=32 time=105ms TTL=47 Ping statistics for 206.190.39.42: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 105ms, Maximum = 106ms, Average = 105ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 3...80 fa 5b 48 b5 cb ......Realtek PCIe GBE Family Controller 17...ac ed 5c 63 58 72 ......Microsoft Wi-Fi Direct Virtual Adapter 12...00 ff b1 4f ee 7a ......TAP-Windows Adapter V9 8...ac ed 5c 63 58 71 ......Intel(R) Dual Band Wireless-AC 8265 6...ac ed 5c 63 58 75 ......Bluetooth Device (Personal Area Network) 1...........................Software Loopback Interface 1 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.128 55 0.0.0.0 128.0.0.0 10.44.0.1 10.44.208.32 55 10.44.0.0 255.255.0.0 On-link 10.44.208.32 311 10.44.208.32 255.255.255.255 On-link 10.44.208.32 311 10.44.255.255 255.255.255.255 On-link 10.44.208.32 311 127.0.0.0 255.0.0.0 On-link 127.0.0.1 331 127.0.0.1 255.255.255.255 On-link 127.0.0.1 331 127.255.255.255 255.255.255.255 On-link 127.0.0.1 331 128.0.0.0 128.0.0.0 10.44.0.1 10.44.208.32 55 172.241.166.147 255.255.255.255 192.168.1.1 192.168.1.128 55 173.234.56.117 255.255.255.255 192.168.1.1 192.168.1.128 55 192.168.1.0 255.255.255.0 On-link 192.168.1.128 311 192.168.1.1 255.255.255.255 192.168.1.1 192.168.1.128 55 192.168.1.128 255.255.255.255 On-link 192.168.1.128 311 192.168.1.255 255.255.255.255 On-link 192.168.1.128 311 224.0.0.0 240.0.0.0 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 10.44.208.32 311 224.0.0.0 240.0.0.0 On-link 192.168.1.128 311 255.255.255.255 255.255.255.255 On-link 127.0.0.1 331 255.255.255.255 255.255.255.255 On-link 10.44.208.32 311 255.255.255.255 255.255.255.255 On-link 192.168.1.128 311 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 331 ::1/128 On-link 12 311 fe80::/64 On-link 8 311 fe80::/64 On-link 12 311 fe80::5436:a6fb:742f:aa90/128 On-link 8 311 fe80::8c29:1258:1117:a6fc/128 On-link 1 331 ff00::/8 On-link 12 311 ff00::/8 On-link 8 311 ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation) Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation) Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation) Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation) Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation) Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation) Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation) x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 11 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 12 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) x64-Catalog9 13 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (12/10/2017 06:36:11 PM) (Source: Perflib) (User: ) Description: rdyboost4 Error: (12/10/2017 06:28:09 PM) (Source: Perflib) (User: ) Description: rdyboost4 Error: (12/10/2017 04:46:31 PM) (Source: Perflib) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8 Error: (12/10/2017 04:46:31 PM) (Source: PerfNet) (User: ) Description: Error: (12/10/2017 04:46:31 PM) (Source: Perflib) (User: ) Description: LsaC:\Windows\System32\Secur32.dll8 Error: (12/10/2017 04:46:31 PM) (Source: Perflib) (User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll8 Error: (12/10/2017 04:46:31 PM) (Source: Perflib) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (12/10/2017 04:46:31 PM) (Source: Perflib) (User: ) Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8 Error: (12/09/2017 06:26:24 PM) (Source: Perflib) (User: ) Description: rdyboost4 Error: (12/08/2017 06:25:32 PM) (Source: Perflib) (User: ) Description: rdyboost4 System errors: ============= Error: (12/10/2017 08:45:12 PM) (Source: DCOM) (User: IRISH-SAGER-NP6) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}IRISH-SAGER-NP6IrishS-1-5-21-2499629449-1295038772-1953104983-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:36:20 PM) (Source: DCOM) (User: IRISH-SAGER-NP6) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}IRISH-SAGER-NP6IrishS-1-5-21-2499629449-1295038772-1953104983-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/10/2017 02:33:07 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 2:32:18 PM on ‎12/‎10/‎2017 was unexpected. Error: (12/10/2017 02:18:34 PM) (Source: DCOM) (User: IRISH-SAGER-NP6) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}IRISH-SAGER-NP6IrishS-1-5-21-2499629449-1295038772-1953104983-1001LocalHost (Using LRPC)UnavailableUnavailable Microsoft Office Sessions: ========================= Error: (12/10/2017 06:36:11 PM) (Source: Perflib)(User: ) Description: rdyboost4 Error: (12/10/2017 06:28:09 PM) (Source: Perflib)(User: ) Description: rdyboost4 Error: (12/10/2017 04:46:31 PM) (Source: Perflib)(User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8 Error: (12/10/2017 04:46:31 PM) (Source: PerfNet)(User: ) Description: Error: (12/10/2017 04:46:31 PM) (Source: Perflib)(User: ) Description: LsaC:\Windows\System32\Secur32.dll8 Error: (12/10/2017 04:46:31 PM) (Source: Perflib)(User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll8 Error: (12/10/2017 04:46:31 PM) (Source: Perflib)(User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (12/10/2017 04:46:31 PM) (Source: Perflib)(User: ) Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8 Error: (12/09/2017 06:26:24 PM) (Source: Perflib)(User: ) Description: rdyboost4 Error: (12/08/2017 06:25:32 PM) (Source: Perflib)(User: ) Description: rdyboost4 CodeIntegrity Errors: =================================== Date: 2017-12-08 11:45:43.643 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-08 11:42:15.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-07 17:03:26.157 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-07 17:03:25.950 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-06 21:53:13.090 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-06 21:53:12.929 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-06 21:49:31.611 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-06 21:49:31.327 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-06 21:49:30.665 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-06 21:49:24.378 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. =========================== Installed Programs ============================ 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) America's Army: Proving Grounds (HKLM\...\Steam App 203290) (Version: - U.S. Army) Backup and Sync from Google (HKLM-x32\...\{604582EB-8259-4ED6-9B1B-6F2494D4B640}) (Version: 3.37.7411.4599 - Google, Inc.) Betrayal in Antara (HKLM-x32\...\1207660983_is1) (Version: 2.1.0.19 - GOG.com) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.50.60.2528 - BlueStack Systems, Inc.) Brave (HKCU\...\Brave) (Version: 0.19.48 - Brave Software) CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform) Control Center 5.0001.1.17 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 5.0001.1.17 - ) Cryptostorm Client (HKLM-x32\...\{35A52EE3-6D23-4AA6-B881-3F10658D626C}_is1) (Version: 2.22 - Cryptostorm) Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden EgisTec Fingerprint Driver (HKLM-x32\...\InstallShield_{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.1.0 - Egis Technology Inc.) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - ) Fingerprint Driver (HKLM-x32\...\{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.1.0 - Egis Technology Inc.) Hidden GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.) Google Play Music Desktop Player (HKCU\...\GPMDP_3) (Version: 4.4.1 - Samuel Attard) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.) GoToMeeting 8.18.0.8034 (HKCU\...\GoToMeeting) (Version: 8.18.0.8034 - LogMeIn, Inc.) Grand Theft Auto III (HKLM\...\Steam App 12100) (Version: - Rockstar Games) Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version: - Rockstar North) Grand Theft Auto: Episodes from Liberty City (HKLM\...\Steam App 12220) (Version: - Rockstar North / Toronto) Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version: - Rockstar Games) Hathi Download Helper version 1.1.4 (HKLM-x32\...\{1AA98952-B224-4FD5-8116-B052000EA286}_is1) (Version: 1.1.4 - https://sourceforge.net/projects/hathidownloadhelper/) Hitman 2: Silent Assassin (HKLM\...\Steam App 6850) (Version: - Io-Interactive A/S) Hitman: Codename 47 (HKLM\...\Steam App 6900) (Version: - Io-Interactive A/S) Hitman: Sniper Challenge (HKLM\...\Steam App 205930) (Version: - IO Interactive) Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.7 - Insyde Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4771 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation) KeePass Password Safe 2.37 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.37 - Dominik Reichl) Logos Bible Software (HKLM-x32\...\{9923F404-8C98-47BA-B104-53B20AEFD354}) (Version: 7.176.26 - Faithlife Corporation) Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C3682243-2218-4F80-A94A-EB0D7B7AF739}) (Version: 11.3.6020.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 58.0 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0 (x64 en-US)) (Version: 58.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.0.6550 - Mozilla) Mozilla Thunderbird 52.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 en-US)) (Version: 52.3.0 - Mozilla) Mozilla Thunderbird 52.5.0 (x86 en-US) (HKCU\...\Mozilla Thunderbird 52.5.0 (x86 en-US)) (Version: 52.5.0 - Mozilla) Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts) Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) NVIDIA 3D Vision Driver 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.59 - NVIDIA Corporation) NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation) NVIDIA Graphics Driver 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.59 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.) Peace (HKLM\...\Peace) (Version: 1.4.3.5 - P.E. Verbeek) Polaris Office 2017 (HKLM-x32\...\{888D578F-BCF2-4E0B-B51D-90AA6B24CA59}) (Version: 8.1.443.24198 - POLARIS OFFICE CORP.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) Railroad Tycoon II Platinum (HKLM-x32\...\1445250876_is1) (Version: 2.0.0.5 - GOG.com) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) Reason 4.0 (HKLM-x32\...\Reason4_is1) (Version: 4.0 - Propellerhead Software AB) Saints Row 2 (HKLM-x32\...\1430740458_is1) (Version: 2.1.0.5 - GOG.com) Shadow Warrior Complete (HKLM-x32\...\1207659142_is1) (Version: 2.1.0.8 - GOG.com) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Slack (HKCU\...\slack) (Version: 3.0.0 - Slack Technologies) Sound Blaster Cinema 3 (HKLM-x32\...\{883EEEA5-1C5A-42BD-96C3-796F2ACB9120}) (Version: 1.00.14 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.121 - Synaptics Incorporated) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios) TntConnect (HKLM-x32\...\TntConnect) (Version: 3.4.3.0 - TntWare) Veeam Agent for Microsoft Windows (HKLM\...\{39C68361-38C1-4528-8064-AA5A182DBE0B}) (Version: 2.0.0.700 - Veeam Software AG) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WD SSD Dashboard (HKLM-x32\...\WD SSD Dashboard) (Version: 2.2.0.5 - Western Digital Corporation or its affiliates) WD SSD Dashboard Service (HKLM-x32\...\{33FF4CF4-2BC4-488F-9020-74AC3243979A}) (Version: 1.1.0 - Western Digital Corporation or its affiliates) WinSCP 5.11.2 (HKLM-x32\...\winscp3_is1) (Version: 5.11.2 - Martin Prikryl) ========================= Devices: ================================ ========================= Memory info: =================================== Percentage of memory in use: 77% Total physical RAM: 8080.51 MB Available physical RAM: 1803.97 MB Total Virtual: 11633.81 MB Available Virtual: 2309.68 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:237.16 GB) (Free:175.03 GB) NTFS 2 Drive d: (Storage) (Fixed) (Total:931.39 GB) (Free:748.53 GB) NTFS 3 Drive e: (ESD-USB) (Removable) (Total:29.29 GB) (Free:25.73 GB) FAT32 ========================= Users: ======================================== User accounts for \\IRISH-SAGER-NP6 Administrator DefaultAccount Guest Irish WDAGUtilityAccount **** End of log ****