I am very sorry, won't happen again.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by jama2 (administrator) on MOHAMED (Micro-Star International Co., Ltd. MS-7C95) (03-05-2024 21:06:16)
Running from C:\Users\jama2\Desktop\FRST64.exe
Loaded Profiles: jama2
Platform: Microsoft Windows 11 Home Version 23H2 22631.3447 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe <8>
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe <2>
(C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNetFilter.exe
(Discord Inc. -> Discord Inc.) C:\Users\jama2\AppData\Local\Discord\app-1.0.9144\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe <2>
(services.exe ->) (Sophos BV -> Sophos B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(services.exe ->) (Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe
(services.exe ->) (Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(sihost.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1803724721d1a34c\RtkAudUService64.exe [1945544 2024-02-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [6851392 2024-04-30] (Sophos Ltd -> Sophos Limited)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\Run: [MicrosoftEdgeAutoLaunch_00B7C720392020D54AEEC5E271F90525] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4082112 2024-04-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\Run: [Discord] => C:\Users\jama2\AppData\Local\Discord\Update.exe [1525024 2024-04-09] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.119\Installer\chrmstp.exe [2024-05-03] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {035DA146-B94B-45A1-A892-29E998EE1367} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6441.0{D80113BB-830D-44E6-B8A4-06F8F2D489C8} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {CF4D5968-C381-4EA5-ABB1-5C36173C99F5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {D1E007AB-7BC9-4189-81FD-234939FA1394} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1026589745-2252998717-1832492364-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {7D4ED313-64B2-4E6C-BAB9-07BA15BA1D4E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-05-01] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2c43f08e-ab0f-416b-a921-9443adf4b029}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2c43f08e-ab0f-416b-a921-9443adf4b029}: [DhcpDomain] broadband
Tcpip\..\Interfaces\{63d09afe-d664-4045-a8fe-3bb0e1e71b97}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{90b39e03-26cc-41d2-9efe-b31e1784890a}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Edge:
=======
Edge Profile: C:\Users\jama2\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-03]
Edge Extension: (Google Docs Offline) - C:\Users\jama2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\jama2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-21]
FireFox:
========
FF DefaultProfile: 5juomq5b.default
FF ProfilePath: C:\Users\jama2\AppData\Roaming\Mozilla\Firefox\Profiles\5juomq5b.default [2024-05-01]
FF ProfilePath: C:\Users\jama2\AppData\Roaming\Mozilla\Firefox\Profiles\3yx6yv8x.default-release [2024-05-03]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jama2\AppData\Local\Google\Chrome\User Data\Default [2024-05-03]
CHR Extension: (Google Docs Offline) - C:\Users\jama2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
CHR Extension: (EPUBReader) - C:\Users\jama2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2024-04-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jama2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-25]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 GoogleUpdaterInternalService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [154928 2024-05-02] (Sophos BV -> Sophos B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [5270952 2024-04-30] (Sophos Ltd -> SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-05-03] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-03] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe [13339672 2024-04-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [3832952 2024-04-30] (Sophos Limited -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1312464 2024-04-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [2665640 2024-04-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [2725536 2024-04-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [2702824 2024-04-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13425488 2024-04-30] (Sophos Ltd -> Sophos Limited)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [802752 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 13387732; C:\WINDOWS\System32\drivers\13394897.sys [281376 2024-05-03] (Kaspersky Lab -> Kaspersky Lab, Yury Parshin)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [732688 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> SurfRight B.V.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [234312 2024-05-03] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-05-03] (Malwarebytes Inc. -> Malwarebytes)
S3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [91560 2023-08-14] (WDKTestCert lev,132435948852968539 -> OpenVPN, Inc)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_81b332badcdcaabe\rt68cx21x64.sys [752600 2023-09-18] (Realtek Semiconductor Corp. -> Realtek)
R1 sntp; C:\WINDOWS\system32\DRIVERS\sntp.sys [775328 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
S0 Sophos ELAM; C:\WINDOWS\System32\DRIVERS\SophosEL.sys [30712 2024-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\WINDOWS\System32\DRIVERS\SophosED.sys [2559024 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2023-07-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [251776 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [262648 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1060600 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20936 2024-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601376 2024-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-09] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-03 21:04 - 2024-05-03 21:04 - 000000000 ___HD C:\OneDriveTemp
2024-05-03 19:53 - 2024-05-03 19:54 - 000312046 _____ C:\TDSSKiller.3.1.0.28_03.05.2024_19.53.03_log.txt
2024-05-03 19:52 - 2024-05-03 19:52 - 000281376 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\13394897.sys
2024-05-03 19:52 - 2024-05-03 19:52 - 000234312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-05-03 19:52 - 2024-05-03 19:52 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-05-03 19:51 - 2024-05-03 19:52 - 000002446 _____ C:\TDSSKiller.3.1.0.28_03.05.2024_19.51.53_log.txt
2024-05-03 19:00 - 2024-05-03 19:01 - 000313378 _____ C:\TDSSKiller.3.1.0.28_03.05.2024_19.00.23_log.txt
2024-05-03 18:57 - 2024-05-03 19:05 - 000000000 ____D C:\Users\jama2\Desktop\mbar
2024-05-03 18:57 - 2024-05-03 19:05 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2024-05-03 18:57 - 2024-05-03 18:57 - 014178840 _____ (Malwarebytes Corp.) C:\Users\jama2\Downloads\mbar-1.10.3.1001.exe
2024-05-03 18:57 - 2024-05-03 18:57 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\517B1745.sys
2024-05-03 17:43 - 2024-05-03 17:43 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-05-03 17:41 - 2024-05-03 19:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-03 17:41 - 2024-05-03 17:41 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-03 17:41 - 2024-05-03 17:41 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-03 17:41 - 2024-05-03 17:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1026589745-2252998717-1832492364-1001
2024-05-03 17:41 - 2024-05-03 17:41 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1026589745-2252998717-1832492364-1001
2024-05-03 17:41 - 2024-05-03 17:41 - 000000020 ___SH C:\Users\jama2\ntuser.ini
2024-05-03 17:41 - 2024-05-03 17:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-05-03 17:41 - 2024-05-03 17:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-05-03 17:40 - 2024-05-03 17:41 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2024-05-03 17:40 - 2024-05-03 17:41 - 000011433 _____ C:\WINDOWS\diagerr.xml
2024-05-03 17:40 - 2024-05-03 17:40 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-03 17:37 - 2024-05-03 17:37 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-05-03 17:37 - 2024-05-03 17:37 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-05-03 17:36 - 2024-05-03 19:52 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-05-03 17:36 - 2024-05-03 17:41 - 000000000 ____D C:\Windows.old
2024-05-03 17:36 - 2024-05-03 17:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-03 17:36 - 2024-05-03 17:36 - 000295488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-03 17:30 - 2024-05-03 17:36 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Crypto
2024-05-03 17:30 - 2024-05-03 17:30 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\SystemCertificates
2024-05-03 17:30 - 2024-05-03 17:30 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Network
2024-05-03 17:28 - 2024-05-03 17:42 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Windows
2024-05-03 17:28 - 2024-05-03 17:41 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Spelling
2024-05-03 17:28 - 2024-05-03 17:41 - 000000000 ____D C:\Users\jama2
2024-05-03 17:28 - 2024-05-03 17:36 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-05-03 17:27 - 2024-05-03 17:28 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-05-03 17:25 - 2024-05-03 17:26 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-05-03 17:20 - 2024-05-03 17:20 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-03 17:19 - 2024-05-03 17:19 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-03 17:15 - 2024-05-03 17:15 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2024-05-03 17:15 - 2024-05-03 17:15 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-05-03 17:15 - 2024-05-03 17:15 - 000000000 ____D C:\WINDOWS\addins
2024-05-03 17:06 - 2024-05-03 17:06 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-05-03 16:45 - 2024-05-03 17:41 - 000000000 ___DC C:\WINDOWS\Panther
2024-05-03 16:25 - 2024-05-03 16:34 - 2517739520 _____ C:\Users\jama2\Downloads\Win11_23H2_English_x64v2.iso
2024-05-03 15:21 - 2024-05-03 15:21 - 000001226 _____ C:\Users\jama2\Downloads\Malwarebytes Scan Report 2024-05-03 151931.txt
2024-05-03 15:18 - 2024-05-03 19:41 - 000000000 ____D C:\Users\jama2\AppData\Local\Malwarebytes
2024-05-03 15:18 - 2024-05-03 18:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-05-03 15:18 - 2024-05-03 15:18 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-05-03 15:18 - 2024-05-03 15:18 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-05-03 15:16 - 2024-05-03 15:18 - 000000000 ____D C:\Program Files\Malwarebytes
2024-05-03 15:15 - 2024-05-03 15:15 - 002589624 _____ (Malwarebytes) C:\Users\jama2\Downloads\MBSetup.exe
2024-05-03 15:13 - 2024-05-03 15:13 - 000010475 _____ C:\Users\jama2\Downloads\Fixlog2.txt
2024-05-02 22:01 - 2024-05-03 19:12 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2024-05-02 22:01 - 2024-05-03 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2024-05-02 22:01 - 2024-05-02 22:01 - 000000000 ____D C:\Program Files\HitmanPro
2024-05-02 21:01 - 2024-05-02 21:01 - 000035844 _____ C:\Users\jama2\Desktop\FRST2.txt
2024-05-02 21:01 - 2024-05-02 21:01 - 000034734 _____ C:\Users\jama2\Desktop\Addition2.txt
2024-05-02 20:57 - 2024-05-03 21:06 - 000016871 _____ C:\Users\jama2\Desktop\FRST.txt
2024-05-02 20:57 - 2024-05-02 21:00 - 000034718 _____ C:\Users\jama2\Desktop\Addition.txt
2024-05-02 20:29 - 2024-05-02 20:29 - 008791352 _____ (Malwarebytes) C:\Users\jama2\Downloads\AdwCleaner.exe
2024-05-02 20:29 - 2024-05-02 20:29 - 008790880 _____ (Malwarebytes) C:\Users\jama2\Downloads\adwcleaner(1).exe
2024-05-02 20:29 - 2024-05-02 20:29 - 000000000 ____D C:\AdwCleaner
2024-05-01 17:14 - 2024-05-01 17:15 - 000308740 _____ C:\TDSSKiller.3.1.0.28_01.05.2024_17.14.39_log.txt
2024-05-01 15:49 - 2024-05-01 15:50 - 014287912 _____ (Sophos B.V.) C:\Users\jama2\Downloads\HitmanPro_x64 (1).exe
2024-05-01 15:32 - 2024-05-01 15:32 - 000471950 _____ C:\Users\jama2\Downloads\msinfo.dll
2024-05-01 15:31 - 2024-05-01 15:31 - 000495803 _____ C:\Users\jama2\Downloads\ATL.DLL
2024-05-01 14:52 - 2024-05-03 15:13 - 000010475 _____ C:\Users\jama2\Desktop\Fixlog.txt
2024-05-01 14:50 - 2024-05-01 14:50 - 002394112 _____ (Farbar) C:\Users\jama2\Desktop\FRST64.exe
2024-05-01 13:57 - 2024-05-01 13:58 - 000309118 _____ C:\TDSSKiller.3.1.0.28_01.05.2024_13.57.14_log.txt
2024-05-01 13:10 - 2024-05-01 13:11 - 000036302 _____ C:\Users\jama2\Downloads\Addition.txt
2024-05-01 13:09 - 2024-05-03 21:06 - 000000000 ____D C:\FRST
2024-05-01 13:09 - 2024-05-01 13:11 - 000038530 _____ C:\Users\jama2\Downloads\FRST.txt
2024-05-01 13:08 - 2024-05-03 15:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-04-30 22:16 - 2024-05-03 19:53 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2024-04-30 22:16 - 2024-05-03 17:43 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2024-04-30 22:16 - 2024-05-03 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\SophosED
2024-04-30 22:16 - 2024-05-03 17:36 - 000000000 ____D C:\WINDOWS\system32\SophosED
2024-04-30 22:16 - 2024-05-03 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2024-04-30 22:16 - 2024-04-30 22:17 - 000000000 ____D C:\WINDOWS\CryptoGuard
2024-04-30 22:16 - 2024-04-30 22:15 - 001040872 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll
2024-04-30 22:16 - 2024-04-30 22:15 - 000990216 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll
2024-04-30 22:16 - 2024-04-30 22:15 - 000060192 _____ (Sophos Limited) C:\WINDOWS\system32\SophosNA.exe
2024-04-30 22:15 - 2024-04-30 22:20 - 000000000 ____D C:\ProgramData\Sophos
2024-04-30 22:15 - 2024-04-30 22:16 - 000000000 ____D C:\Program Files\Sophos
2024-04-30 22:15 - 2024-04-30 22:15 - 000000000 ____D C:\Program Files\Common Files\Sophos
2024-04-30 22:14 - 2024-04-30 22:17 - 000000000 ____D C:\Program Files (x86)\Sophos
2024-04-30 22:14 - 2024-04-30 22:14 - 003770440 _____ (Sophos Limited) C:\Users\jama2\Downloads\SophosInstall.exe
2024-04-30 22:13 - 2024-04-30 22:13 - 000303364 _____ C:\TDSSKiller.3.1.0.28_30.04.2024_22.13.16_log.txt
2024-04-30 21:07 - 2024-04-30 21:07 - 005964808 _____ (Opera Software) C:\Users\jama2\Downloads\OperaGXSetup (4).exe
2024-04-30 13:41 - 2024-04-30 13:42 - 000303214 _____ C:\TDSSKiller.3.1.0.28_30.04.2024_13.41.21_log.txt
2024-04-30 13:40 - 2024-04-30 13:40 - 000002446 _____ C:\TDSSKiller.3.1.0.28_30.04.2024_13.40.35_log.txt
2024-04-30 13:38 - 2024-04-30 13:39 - 000302832 _____ C:\TDSSKiller.3.1.0.28_30.04.2024_13.38.29_log.txt
2024-04-30 13:37 - 2024-04-30 13:37 - 000002446 _____ C:\TDSSKiller.3.1.0.28_30.04.2024_13.37.37_log.txt
2024-04-30 13:36 - 2024-04-30 13:36 - 000061901 _____ C:\Users\jama2\Downloads\UCD35_Mahamed_Jama (1).pdf
2024-04-29 23:55 - 2024-04-29 23:55 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Xiaomi
2024-04-29 23:52 - 2024-04-29 23:52 - 098374170 _____ C:\Users\jama2\Downloads\MiFlash20220507.zip
2024-04-29 23:28 - 2024-04-29 23:28 - 000000064 _____ C:\Users\jama2\Downloads\a2whitelist.ini
2024-04-29 23:27 - 2024-04-29 23:27 - 000000000 ____D C:\Users\jama2\Downloads\Reports
2024-04-29 23:26 - 2024-04-29 23:28 - 000006900 _____ C:\Users\jama2\Downloads\a2settings.ini
2024-04-29 23:26 - 2024-04-29 23:26 - 000000000 ____D C:\Users\jama2\Downloads\Quarantine
2024-04-29 23:07 - 2024-04-30 19:17 - 000002526 _____ C:\Users\jama2\Downloads\FSS.txt
2024-04-29 22:57 - 2024-04-29 22:59 - 000304710 _____ C:\TDSSKiller.3.1.0.28_29.04.2024_22.57.17_log.txt
2024-04-29 22:55 - 2024-04-29 22:55 - 000000000 ____D C:\TDSSKiller_Quarantine
2024-04-29 22:54 - 2024-04-29 22:56 - 000306936 _____ C:\TDSSKiller.3.1.0.28_29.04.2024_22.54.47_log.txt
2024-04-29 22:53 - 2024-04-29 22:53 - 000002446 _____ C:\TDSSKiller.3.1.0.28_29.04.2024_22.53.49_log.txt
2024-04-29 22:51 - 2024-04-29 22:53 - 005054744 _____ (AO Kaspersky Lab) C:\Users\jama2\Downloads\tdsskiller.exe
2024-04-29 22:51 - 2024-04-29 22:53 - 000000000 ____D C:\ProgramData\HitmanPro
2024-04-29 22:50 - 2024-04-29 22:51 - 014287912 _____ (Sophos B.V.) C:\Users\jama2\Downloads\HitmanPro_x64.exe
2024-04-29 14:25 - 2024-04-29 14:25 - 000000000 ____D C:\Users\jama2\AppData\Local\ToastNotificationManagerCompat
2024-04-29 14:06 - 2024-04-29 14:59 - 000000000 ____D C:\Users\jama2\AppData\Local\DiskDrill
2024-04-29 14:06 - 2024-04-29 14:06 - 000000018 _____ C:\Users\jama2\AppData\Roaming\.cache9050425797200915815.dat
2024-04-29 14:06 - 2024-04-29 14:06 - 000000000 ___HD C:\.cleverfiles
2024-04-29 14:06 - 2024-04-29 14:06 - 000000000 ____D C:\Users\jama2\AppData\Local\CrashRpt
2024-04-29 14:06 - 2024-04-29 14:06 - 000000000 ____D C:\ProgramData\CleverFiles
2024-04-29 14:05 - 2024-04-29 14:05 - 023185752 _____ (CleverFiles) C:\Users\jama2\Downloads\disk-drill-win.exe
2024-04-28 20:22 - 2024-04-28 20:22 - 005964808 _____ (Opera Software) C:\Users\jama2\Downloads\OperaGXSetup (3).exe
2024-04-28 20:22 - 2024-04-28 20:22 - 005964808 _____ (Opera Software) C:\Users\jama2\Downloads\OperaGXSetup (2).exe
2024-04-27 23:28 - 2024-04-27 23:28 - 000001674 _____ C:\Users\jama2\Downloads\mo.pem
2024-04-27 20:51 - 2024-04-27 20:51 - 005964880 _____ (Opera Software) C:\Users\jama2\Downloads\OperaGXSetup (1).exe
2024-04-27 20:06 - 2024-04-27 20:06 - 005387944 _____ (Opera Software) C:\Users\jama2\Downloads\OperaSetup (1).exe
2024-04-25 13:25 - 2024-04-25 13:25 - 000000000 ____D C:\Users\jama2\AppData\Local\PackageManagement
2024-04-25 13:25 - 2024-04-25 13:25 - 000000000 ____D C:\Program Files\PackageManagement
2024-04-25 12:10 - 2024-05-01 22:45 - 008329944 _____ C:\Users\jama2\Downloads\psiphon3.exe
2024-04-25 12:10 - 2024-04-25 12:10 - 008329944 _____ C:\Users\jama2\Downloads\psiphon3.exe.orig
2024-04-25 12:10 - 2024-04-25 12:10 - 000000000 ____D C:\Users\jama2\AppData\Local\Psiphon3
2024-04-25 12:03 - 2024-04-25 12:03 - 000000000 ____D C:\Users\jama2\AppData\Local\Opera Software
2024-04-25 12:02 - 2024-04-25 12:02 - 005388600 _____ (Opera Software) C:\Users\jama2\Downloads\OperaSetup.exe
2024-04-25 12:02 - 2024-04-25 12:02 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Opera Software
2024-04-25 10:03 - 2024-04-25 10:05 - 000000000 ____D C:\Program Files\dotnet
2024-04-25 10:03 - 2024-04-25 10:04 - 000000000 ____D C:\Program Files (x86)\dotnet
2024-04-25 10:03 - 2024-04-25 10:03 - 000000000 ____D C:\Users\jama2\AppData\Local\IsolatedStorage
2024-04-25 10:03 - 2024-04-25 10:03 - 000000000 ____D C:\Users\jama2\AppData\Local\AdvinstAnalytics
2024-04-25 10:03 - 2024-04-25 10:03 - 000000000 ____D C:\ProgramData\Caphyon
2024-04-22 17:38 - 2024-05-01 14:53 - 000000000 ____D C:\Users\jama2\AppData\LocalLow\Temp
2024-04-22 17:38 - 2024-04-22 17:38 - 004120008 _____ C:\Users\jama2\Downloads\Secondary adrenal insufficiency.pdf
2024-04-17 21:17 - 2024-04-17 21:17 - 003582472 _____ (Opera Software) C:\Users\jama2\Downloads\OperaGXSetup.exe
2024-04-17 07:19 - 2024-05-03 21:05 - 000000000 ____D C:\Users\jama2\AppData\Roaming\discord
2024-04-17 07:19 - 2024-05-03 21:04 - 000000000 ____D C:\Users\jama2\AppData\Local\Discord
2024-04-17 07:19 - 2024-05-03 17:36 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-04-17 07:19 - 2024-05-02 19:52 - 000002247 _____ C:\Users\jama2\Desktop\Discord.lnk
2024-04-17 07:19 - 2024-04-17 07:19 - 000000000 ____D C:\Users\jama2\AppData\Roaming\NVIDIA
2024-04-17 07:18 - 2024-04-17 07:19 - 112800488 _____ (Discord Inc.) C:\Users\jama2\Downloads\DiscordSetup.exe
2024-04-15 09:46 - 2024-04-15 09:46 - 000000000 ____D C:\Users\jama2\AppData\Local\Aiseesoft Studio
2024-04-15 09:45 - 2024-04-15 09:45 - 041954296 _____ (Aiseesoft Studio ) C:\Users\jama2\Downloads\android-data-recovery.exe
2024-04-15 09:41 - 2024-04-15 09:41 - 000000000 ____D C:\Users\jama2\Downloads\dmde-4-0-6-806-win64-gui
2024-04-15 09:40 - 2024-04-15 09:40 - 001936420 _____ C:\Users\jama2\Downloads\dmde-4-0-6-806-win64-gui.zip
2024-04-15 09:29 - 2024-04-15 09:30 - 020447360 _____ (iMobie Inc.) C:\Users\jama2\Downloads\droidkit-en-setup (1).exe
2024-04-15 09:28 - 2024-04-15 09:28 - 000000000 ____D C:\Tenorshare
2024-04-15 09:27 - 2024-04-15 09:27 - 000000000 ___HD C:\UltData_Android
2024-04-15 09:18 - 2024-04-26 20:06 - 000000000 ____D C:\Users\jama2\AppData\Local\CrashDumps
2024-04-15 09:18 - 2024-04-15 09:18 - 000000000 ____D C:\Users\jama2\AppData\Roaming\TSMonitor
2024-04-15 09:18 - 2024-04-15 09:18 - 000000000 ____D C:\Program Files\DIFX
2024-04-15 09:17 - 2024-04-15 09:17 - 002293520 _____ (Tenorshare Co., Ltd.) C:\Users\jama2\Downloads\ultdata-android.exe
2024-04-15 09:17 - 2024-04-15 09:17 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2024-04-15 09:10 - 2024-04-15 09:54 - 000000000 ____D C:\Program Files (x86)\iCare Data Recovery Free
2024-04-15 09:10 - 2024-04-15 09:10 - 004400366 _____ C:\Users\jama2\Downloads\icarefree.zip
2024-04-15 09:01 - 2024-04-15 09:25 - 000000000 ____D C:\Program Files (x86)\EaseUS
2024-04-15 09:01 - 2024-04-15 09:01 - 181483424 _____ (EaseUS ) C:\Users\jama2\Downloads\saverforandroid_free_easeus.exe
2024-04-15 09:01 - 2024-04-15 09:01 - 000000000 ____D C:\Users\jama2\AppData\Roaming\SystemAcCrux
2024-04-15 09:01 - 2024-04-15 09:01 - 000000000 ____D C:\Users\jama2\AppData\Roaming\EaseUS
2024-04-15 09:01 - 2024-04-15 09:01 - 000000000 ____D C:\Users\jama2\AppData\Local\NVIDIA
2024-04-15 09:01 - 2024-04-15 09:01 - 000000000 ____D C:\Users\jama2\AppData\Local\MobiSaverForAndroid
2024-04-15 09:01 - 2024-04-15 09:01 - 000000000 ____D C:\Users\jama2\AppData\Local\EaseUS
2024-04-15 09:01 - 2024-04-15 09:01 - 000000000 ____D C:\ProgramData\MobiSaver for Android
2024-04-15 09:00 - 2024-04-15 09:00 - 001692544 _____ C:\Users\jama2\Downloads\saverforandroid_free_Installer_20240415.682.exe
2024-04-15 09:00 - 2024-04-15 09:00 - 001692544 _____ C:\Users\jama2\Downloads\saverforandroid_free_Installer_20240415.17131680357627b682.exe
2024-04-15 07:27 - 2024-04-15 07:27 - 000000000 ____D C:\Users\jama2\Tracing
2024-04-15 02:58 - 2024-04-15 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2024-04-15 02:58 - 2024-04-15 02:58 - 000000000 ____D C:\Users\jama2\AppData\Roaming\iMobie
2024-04-15 02:58 - 2024-04-15 02:58 - 000000000 ____D C:\Users\jama2\AppData\Local\iMobie_Inc
2024-04-15 02:57 - 2024-04-15 09:53 - 000000000 ____D C:\Program Files (x86)\iMobie
2024-04-15 02:57 - 2024-04-15 09:30 - 000000352 _____ C:\Users\jama2\Downloads\dk_log.txt
2024-04-15 02:57 - 2024-04-15 02:57 - 020447360 _____ (iMobie Inc.) C:\Users\jama2\Downloads\droidkit-en-setup.exe
2024-04-15 02:43 - 2024-04-15 02:44 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Apple Computer
2024-04-15 02:43 - 2024-04-15 02:43 - 000000000 ____D C:\Users\jama2\AppData\Local\Apple Computer
2024-04-15 02:43 - 2024-04-15 02:43 - 000000000 ____D C:\Users\jama2\.android
2024-04-15 02:41 - 2024-04-15 02:41 - 002506232 _____ C:\Users\jama2\Downloads\drfone_recover_setup_full3848.exe
2024-04-14 01:31 - 2024-04-14 01:31 - 000000000 ____D C:\WINDOWS\system32\o2
2024-04-14 01:31 - 2024-04-14 01:31 - 000000000 ____D C:\Users\jama2\AppData\Local\CEF
2024-04-14 01:30 - 2024-04-30 22:15 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-03 21:05 - 2023-09-25 14:50 - 000000000 ____D C:\Users\jama2\AppData\Local\Packages
2024-05-03 21:05 - 2023-09-25 14:50 - 000000000 ____D C:\ProgramData\Packages
2024-05-03 21:05 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-03 21:04 - 2023-09-25 14:52 - 000000000 ___RD C:\Users\jama2\OneDrive
2024-05-03 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-03 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-03 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-03 19:53 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-05-03 19:52 - 2023-09-25 14:33 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-03 19:52 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-05-03 19:43 - 2023-09-25 14:52 - 000000000 ____D C:\Users\jama2\AppData\Local\PlaceholderTileLogoFolder
2024-05-03 19:42 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-03 17:58 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-03 17:57 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-03 17:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-05-03 17:43 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-05-03 17:41 - 2023-09-25 14:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-05-03 17:41 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-03 17:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-03 17:41 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-03 17:37 - 2023-09-25 15:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-05-03 17:37 - 2023-09-25 15:00 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-03 17:37 - 2023-09-25 15:00 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-03 17:37 - 2023-09-25 14:34 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-03 17:37 - 2023-09-25 14:34 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-05-03 17:37 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2024-05-03 17:36 - 2024-01-10 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2024-05-03 17:36 - 2023-11-27 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader
2024-05-03 17:36 - 2023-09-25 16:45 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2024-05-03 17:36 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-05-03 17:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-05-03 17:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-05-03 17:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-05-03 17:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-05-03 17:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-03 17:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-03 17:36 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-05-03 17:36 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-05-03 17:35 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2024-05-03 17:28 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-05-03 17:26 - 2023-12-04 07:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-05-03 17:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-03 17:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-03 17:25 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-03 17:16 - 2023-12-04 07:25 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2024-05-03 17:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2024-05-03 17:14 - 2022-05-07 07:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-05-03 17:14 - 2022-05-07 07:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-05-03 17:14 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-05-03 17:14 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-03 17:14 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-05-03 16:39 - 2023-09-25 14:50 - 000000000 ____D C:\Users\jama2\AppData\Local\D3DSCache
2024-05-01 19:17 - 2023-09-25 14:52 - 000002383 _____ C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-01 14:33 - 2023-12-13 23:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-05-01 13:11 - 2023-12-13 23:14 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-04-30 22:28 - 2024-01-10 22:15 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-29 15:22 - 2023-12-13 23:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-04-27 23:28 - 2023-10-04 16:10 - 000000000 ____D C:\Users\jama2\AppData\Local\gnupg
2024-04-25 13:25 - 2023-10-30 12:54 - 000000000 ____D C:\Users\jama2\AppData\Roaming\Microsoft\Teams
2024-04-25 10:16 - 2024-01-10 22:17 - 000000000 ____D C:\Users\jama2\.VirtualBox
2024-04-25 10:09 - 2024-01-10 22:17 - 000000000 ____D C:\ProgramData\VirtualBox
2024-04-17 07:19 - 2023-10-30 12:54 - 000000000 ____D C:\Users\jama2\AppData\Local\SquirrelTemp
2024-04-15 09:01 - 2023-10-04 16:10 - 000000000 ____D C:\Users\jama2\AppData\Local\cache
2024-04-15 07:27 - 2023-09-25 14:49 - 000000000 ___SD C:\Users\jama2\AppData\Roaming\Microsoft\Credentials
2024-04-15 02:43 - 2023-11-24 00:34 - 000000000 ____D C:\ProgramData\Apple
2024-04-09 21:48 - 2023-09-25 19:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-09 21:47 - 2023-09-25 19:18 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-09 21:40 - 2023-09-25 14:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2024-04-29 14:06 - 2024-04-29 14:06 - 000000018 _____ () C:\Users\jama2\AppData\Roaming\.cache9050425797200915815.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by jama2 (03-05-2024 21:07:44)
Running from C:\Users\jama2\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3447 (X64) (2024-05-03 16:41:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1026589745-2252998717-1832492364-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1026589745-2252998717-1832492364-503 - Limited - Disabled)
Guest (S-1-5-21-1026589745-2252998717-1832492364-501 - Limited - Disabled)
jama2 (S-1-5-21-1026589745-2252998717-1832492364-1001 - Administrator - Enabled) => C:\Users\jama2
WDAGUtilityAccount (S-1-5-21-1026589745-2252998717-1832492364-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Home (Enabled - Up to date) {008D2539-910E-337A-85E5-586D97ABA594}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Discord (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\Discord) (Version: 1.0.9039 - Discord Inc.)
DroidKit (HKLM-x32\...\DroidKit) (Version: 1.0.1.1 - iMobie Inc.)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.4.3 - The GnuPG Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.119 - Google LLC)
Gpg4win (4.2.0) (HKLM-x32\...\Gpg4win) (Version: 4.2.0 - The Gpg4win Project)
Harver System Checker 2.0.8 (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\57ba83c7-44cc-50c5-93e2-68092ebb1ce7) (Version: 2.0.8 - Harver)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.34.330 - SurfRight B.V.)
Malwarebytes version 5.1.3.110 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.3.110 - Malwarebytes)
MetaTrader (HKLM\...\MetaTrader) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft .NET Host - 7.0.18 (x64) (HKLM\...\{8B68385D-2790-41EE-8D7C-3B82B4DF2E78}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.18 (x86) (HKLM-x32\...\{389F17A6-E821-4C30-AD19-6C6F9A295808}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.18 (x64) (HKLM\...\{97B1AA87-A6DA-474C-B607-7627F2D7B98A}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.18 (x86) (HKLM-x32\...\{3E6B2806-21EF-4D42-85B6-96E043850F51}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.18 (x64) (HKLM\...\{2BC88C2F-92B5-4BB0-B40E-EC88F0EEA057}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.18 (x86) (HKLM-x32\...\{5CE21DDB-895C-43B1-BAC6-61E65884FFB2}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.18 - Shared Framework (x64) (HKLM-x32\...\{18b6ac9e-c37f-4b56-825e-e8ccb5430cbb}) (Version: 7.0.18.24169 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.18 - Shared Framework (x86) (HKLM-x32\...\{7f65fae2-11ca-4610-8e43-a7897d8c6bf6}) (Version: 7.0.18.24169 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.18 Shared Framework (x64) (HKLM\...\{D9DA4FA8-A5C9-39A5-A6BE-7FD7CBEB4FB6}) (Version: 7.0.18.24169 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.18 Shared Framework (x86) (HKLM-x32\...\{80344068-0B48-3E92-B17B-4FB97857397D}) (Version: 7.0.18.24169 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\OneDriveSetup.exe) (Version: 24.076.0414.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{ACF2602E-BD31-4BE5-AC03-9C8FDB638ADA}) (Version: 4.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.18 (x64) (HKLM\...\{F91C5C9A-FDEF-44D0-88D8-40113345FAA7}) (Version: 56.72.12035 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.18 (x64) (HKLM-x32\...\{9926fb6d-a007-472d-b0dc-38d7e8c475e0}) (Version: 7.0.18.33520 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.18 (x86) (HKLM-x32\...\{76BE2305-940F-4B0D-9B46-6F4EEEF8B17D}) (Version: 56.72.12035 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.18 (x86) (HKLM-x32\...\{909f452d-77d0-4433-91a8-e6d5c5e40ede}) (Version: 7.0.18.33520 - Microsoft Corporation)
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 124.0.2 (x64 en-GB)) (Version: 124.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla)
NVIDIA Graphics Driver 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
Oracle VM VirtualBox 7.0.12 (HKLM\...\{63D7619C-79C2-42B6-A463-060F52EAF7C0}) (Version: 7.0.12 - Oracle and/or its affiliates)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.15.0717.2023 - Realtek)
Sophos AMSI Protection (HKLM\...\{0EA5323F-DE1B-480C-911E-7827E5EA20E9}) (Version: 1.9.2935 - Sophos Limited) Hidden
Sophos AutoUpdate (HKLM\...\{0877470A-EA34-42E2-920A-495E92386A0C}) (Version: 6.16.878 - Sophos Limited) Hidden
Sophos Diagnostic Utility (HKLM\...\{8078549C-CFF0-48C5-9B77-6BA48A14673D}) (Version: 6.16.846 - Sophos Limited) Hidden
Sophos Endpoint Defense (HKLM\...\Sophos Endpoint Defense) (Version: 3.2.0.1560 - Sophos Limited) Hidden
Sophos Exploit Prevention (HKLM\...\{866151B2-E14E-40E0-B6D9-64B1D428F5CB}) (Version: 3.9.0.1391 - Sophos Limited) Hidden
Sophos File Scanner (HKLM\...\{CD39E739-F480-4AC4-B0C9-68CA731D8AC6}) (Version: 1.11.3.1567 - Sophos Limited) Hidden
Sophos Health (HKLM-x32\...\{5E8436D5-3688-4007-94C7-55D017275F89}) (Version: 2.13.568 - Sophos Limited) Hidden
Sophos Home (HKLM\...\Sophos Endpoint Agent) (Version: 2023.2.2.2 - Sophos Limited)
Sophos Home (HKLM-x32\...\{8CE5BFB6-E8E8-46BA-AAA4-FF75114B7778}) (Version: 5.4.118.0 - Sophos Limited) Hidden
Sophos Home Clean (HKLM\...\Sophos Home Clean) (Version: 3.9.109.0 - Sophos Limited) Hidden
Sophos Management Communications System (HKLM-x32\...\{2C14E1A2-C4EB-466E-8374-81286D723D3A}) (Version: 4.20.46 - Sophos Limited) Hidden
Sophos ML Engine (HKLM\...\Sophos ML Engine) (Version: 1.8.25.436 - Sophos Limited) Hidden
Sophos Network Threat Protection (HKLM\...\{2D2A1891-4657-4E6F-9373-BFCE4C9AC5BA}) (Version: 2023.2.886 - Sophos Limited) Hidden
Sophos Standalone Engine (HKLM\...\Sophos Standalone Engine) (Version: 3.89.0.57 - Sophos Limited) Hidden
Chrome apps:
============
Docs (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\cfe71410a73e4741a5c74e8377b19021) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\b1e4745b2953f7d4351fb4be3dcb8fdd) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\1a3529433473e75c899d37ca65c99f7f) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\...\c83dd905636f0ef7e9682e7147fed614) (Version: 1.0 - Google\Chrome)
Packages:
=========
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1300.477.0_x64__8wekyb3d8bbwe [2024-05-03] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-05-03] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.23.0_neutral__8xx8rvfyw5nnt [2024-05-03] (Instagram)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa [2024-03-27] (Apple Inc.) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2024-05-03] (Microsoft Corp.)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-05-03] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-05-03] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_0.24041.34.0_x64__cw5n1h2txyewy [2024-05-03] (Microsoft Windows)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-05-03] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.324.0_x64__dt26b99r8h8gj [2024-04-12] (Realtek Semiconductor Corp)
Reddit -> C:\Program Files\WindowsApps\redditTV.Reddit_1.0.1.0_neutral__99kbdge22ed1a [2024-05-03] (Reddit Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0 [2024-05-03] (Spotify AB) [Startup Task]
Windows CoPilot MSIX Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.CoPilot_724.1301.930.5_x64__cw5n1h2txyewy [2024-05-03] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-05-03] (Microsoft Corporation)
Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.1.20151.0_x64__8wekyb3d8bbwe [2024-04-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2023-07-14] (g10 Code GmbH -> g10 Code GmbH)
ContextMenuHandlers1: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2024-04-30] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers2: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2024-04-30] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2023-07-14] (g10 Code GmbH -> g10 Code GmbH)
ContextMenuHandlers4: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2024-04-30] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2024-04-30] (Sophos Ltd -> Sophos Limited)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\jama2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\jama2\Downloads\mbar-1.10.3.1001.exe:MBAM.Zone.Identifier [244]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13387732.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13387732.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1026589745-2252998717-1832492364-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Local Area Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9600D680-56B6-43BC-8A7D-08C7CE93B9F1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{77D3655D-DB04-49D0-BF95-8951CF570D3C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A635C6DC-BCBD-4ACE-8430-9C3DA066E656}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24088.3902.2792.6069_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CC4B2CE-BEC6-46B0-B8BE-F8729B9880D4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24088.3902.2792.6069_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{57ED6FC9-58B0-4B6E-9CCA-62005F2B6339}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17E12536-E6BF-43DC-84C7-72CDD472CA1B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4C11414-E158-4920-91D2-62A6CF052188}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{564C8192-C709-4EF5-827F-A9414171BD05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58EBC472-1A69-42BA-89F6-0008D27701FA}] => (Allow) C:\Users\jama2\Downloads\ultdata-android.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{498499E5-D811-47E9-ACB2-AE5BD49F96EC}] => (Allow) C:\Users\jama2\Downloads\ultdata-android.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{9B7E9C36-DE3C-43C0-8DE4-A4C9997C7F41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0BAF795F-C98C-4E96-B1D4-6AA3B10E1523}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC6FA6BE-EB5D-4FE4-8829-2357B97C020C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8F578157-9016-463B-8ADC-3E31365E508E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E6F684D-7AC9-4B5E-B1FA-C0BDCC3CA2E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C64202C-F362-458A-B2B4-45426413D3C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{16C89364-C069-4F20-927C-416375255E3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8EFA9E6-EF3E-4D28-8F9E-338C56F80568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{73CAAC93-A3CF-4398-AA76-1C9DFF20777F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDBFFF22-FFC5-46CF-925A-CD6E5947DB1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{54C1424B-8F2C-46D9-A8F4-E1B556E7E345}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{558D0298-7EC2-40C7-A244-7E666B0BF7D8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A0E00716-3BEC-4307-BAD2-58A678E43C7C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4304FD4B-16F4-4482-9957-7B519A5882B0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5B5EA842-2294-4490-88A7-EC9D7EE591A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A7FF96B3-BCD0-45C9-9E1F-E2F2A159BB59}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8EEFF0C6-F095-4A47-A69B-904F7FD4E5F8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{CF9FE734-341C-4F8A-89DB-ADB92B1A0C5D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F20EA449-2794-492C-AB60-04255A336863}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0EF8F4A9-2090-4D3A-A7D8-0D1DDDB1127D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7938CD3F-DDF6-4043-A089-7D8073022274}] => (Allow) C:\Program Files\MetaTrader\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{3D31501C-F4E0-409C-9A1C-8350705D3BC7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7F221A16-6234-40BD-815C-F7FD049AB6DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{12E4BD06-AA5F-4B70-8E2A-8A3DAAAE24F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ECFC0205-BAC0-44FE-BF50-A7E72310A2F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0B642DBB-1B7E-476E-833E-CE0FAAE34218}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94110F9D-F34C-4577-9442-125C53ED27EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{27004058-16D2-4EF1-A703-FF889A7B6354}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B484EDC8-0350-4623-8B3F-DEEF1613F99C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E8BAC51A-C9E4-407C-81F2-793CB8D0054A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{555C72C8-B0B7-4C75-9CBE-C68F72AB5A5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
03-05-2024 17:56:54 Windows Update
03-05-2024 17:56:59 Windows Update
03-05-2024 17:57:00 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/03/2024 07:53:03 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
GetCACaps
Method: GET(0ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/03/2024 07:53:03 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
GetCACaps
Method: GET(312ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/03/2024 05:41:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
GetCACaps
Method: GET(0ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/03/2024 05:41:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
GetCACaps
Method: GET(47ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
System errors:
=============
Error: (05/03/2024 07:52:54 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Error: (05/03/2024 07:52:44 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
Error: (05/03/2024 07:52:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server:
{B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (05/03/2024 07:52:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server:
{B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (05/03/2024 05:41:19 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Error: (05/03/2024 05:37:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Printer Extensions and Notifications service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
CodeIntegrity:
===============
Date: 2024-05-03 21:06:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sophos\Sophos AMSI Protection\SophosAmsiProvider.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2024-05-03 21:04:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2.00 06/04/2020
Motherboard: Micro-Star International Co., Ltd. B550M PRO-VDH WIFI (MS-7C95)
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 16333.03 MB
Available physical RAM: 9078.11 MB
Total Virtual: 17357.03 MB
Available Virtual: 7393.23 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.84 GB) (Free:372.66 GB) (Model: WDC WDS500G2B0B-00YS70) NTFS
\\?\Volume{d20a9cc1-0c91-4b3a-9b0d-8f630b8455ac}\ () (Fixed) (Total:0.8 GB) (Free:0.08 GB) NTFS
\\?\Volume{892c5427-a038-4a61-8d1c-9abda5c24e77}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================