Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023
Ran by Elder Arthur-Kaye (21-09-2023 00:57:09)
Running from C:\Users\Elder Arthur-Kaye\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) (2023-06-08 09:14:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1494128663-690690108-2164932681-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1494128663-690690108-2164932681-503 - Limited - Disabled)
Elder Arthur-Kaye (S-1-5-21-1494128663-690690108-2164932681-1001 - Administrator - Enabled) => C:\Users\Elder Arthur-Kaye
Guest (S-1-5-21-1494128663-690690108-2164932681-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1494128663-690690108-2164932681-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2019 Computer Bible Study Library -- English (HKU\S-1-5-21-1494128663-690690108-2164932681-1001\...\2019 Computer Bible Study Library -- English) (Version: - )
4K Video Downloader (HKLM\...\{AEA8BC01-FEBD-4A5B-B695-7CF5CE587CC8}) (Version: 4.24.3.5420 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{59d432e9-0cee-4e47-83ab-c9251bdb2bd9}) (Version: 4.24.3.5420 - Open Media LLC)
AirDroid 3.7.1.2 (HKLM-x32\...\AirDroid) (Version: 3.7.1.2 - Sand Studio)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.1.16 - AnyDesk Software GmbH)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.12.1.1001 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-1494128663-690690108-2164932681-1001\...\BlueStacksServices) (Version: 3.0.1 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-1494128663-690690108-2164932681-1001\...\BlueStacks X) (Version: 10.2.5.1002 - now.gg, Inc.)
ChatGPT (HKLM\...\{79311651-4623-40F8-A0E1-59FBE36000D2}) (Version: 1.0.0 - lencx)
CrystalDiskInfo 9.0.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.0.1 - Crystal Dew World)
CyberLink PowerDVD 22 (HKLM-x32\...\{3584CCD3-8938-45F3-8103-0F3F7ABF4419}) (Version: 22.0.1620.62 - CyberLink Corp.)
Docs (HKU\S-1-5-21-1494128663-690690108-2164932681-1001\...\a9dd457b8bc8d7c1e498e549a8b7e5cf) (Version: 1.0 - Google\Chrome)
Driver Booster 10 (HKLM-x32\...\Driver Booster_is1) (Version: 10.6.0 - IObit)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.3 - )
e-Sword (HKLM-x32\...\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E}) (Version: 13.00.0000 - Rick Meyers)
FinePrint (HKLM\...\FinePrint) (Version: 11.12 - FinePrint Software, LLC)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.0.0.12394 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.188 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 80.0.1.0 - Google LLC)
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.70 - Janos Mathe)
IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.0.0.13 - IObit)
ISA3 basic 3.0.2 (HKLM-x32\...\{EB17D8F3-3E62-4A91-96D0-7B2E55C33E07}_is1) (Version: 3.0.2 - Scripture4All Publishing)
LibreOffice 7.5.2.2 (HKLM\...\{B722792A-A194-4906-97A9-58CA688304E8}) (Version: 7.5.2.2 - The Document Foundation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (HKLM\...\{90140000-0015-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0117-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM\...\{90140000-0016-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (HKLM\...\{90140000-00BA-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM\...\{90140000-002C-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM\...\{90140000-0019-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (HKLM\...\{90140000-0043-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0115-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM\...\{90140000-001B-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.180.0828.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MightyText (HKU\S-1-5-21-1494128663-690690108-2164932681-1001\...\MightyText) (Version: 6.1.7 - MightyText)
MiniTool Partition Wizard Free 12.8 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.8 - MiniTool Software Limited)
Monica 1.1.1 (HKLM\...\2c806f82-a8b4-5c1c-97dd-7babf26e0869) (Version: 1.1.1 - )
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 117.0.1 (x64 en-US)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0 - Mozilla)
MTN Pocket Internet (HKLM-x32\...\MTN F@stLink) (Version: 23.015.02.05.429 - Huawei Technologies Co.,Ltd)
Net Speed Meter (HKLM-x32\...\{1FB4A8FC-92D9-4ACA-94E5-01351CC71A30}) (Version: 3.0.3 - Zero Byte)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.5.8 - Duodian Technology Co. Ltd.)
Office Tab Enterprise (HKLM-x32\...\{E89DCA17-E99C-4186-92EB-912EB010364F}) (Version: 14.50 - ExtendOffice.com) Hidden
Office Tab Enterprise (HKLM-x32\...\Office Tab Enterprise 14.50) (Version: 14.50 - ExtendOffice.com)
Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
Peace (HKLM\...\Peace) (Version: 1.6.4.1 - P.E. Verbeek)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.51.0 - Goversoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{77A8B979-11B0-4774-8003-574EE8A4BC22}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{05916788-991E-417B-A8F3-77F90A2B8271}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D4D48631-AC28-4250-B882-C956555B0B1D}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{944EFCFD-823D-4C0A-9B01-CD76EEAEA1F3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{58B1AD3E-54D7-42DC-AF42-218AA7C1ED8B}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{58B1AD3E-54D7-42DC-AF42-218AA7C1ED8B}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version: - Microsoft) Hidden
Smart Defrag 8 (HKLM-x32\...\Smart Defrag_is1) (Version: 8.5.0.281 - IObit)
Soft4Boost Document Converter (HKLM-x32\...\Soft4Boost Document Converter_is1) (Version: Release - Sorentio Systems Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SumatraPDF (HKU\S-1-5-21-1494128663-690690108-2164932681-1001\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
SuperCopier2 (HKLM-x32\...\SuperCopier2) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.195 - Synaptics Incorporated)
TheSage (HKLM-x32\...\TheSage-7) (Version: 7.42.2714 - Sequence Publishing)
theWord (HKLM-x32\...\The Word) (Version: 6.0.0.1527 - Costas Stergiou)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Wise Disk Cleaner 10.9.2 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.9.2 - WiseCleaner.com, Inc.)
WordWeb (HKLM-x32\...\WordWeb) (Version: 10 - WordWeb Software)
XnView 2.50.2 (HKLM-x32\...\XnView_is1) (Version: 2.50.2 - Gougelet Pierre-e)
Youtube Downloader HD v. 5.3.3 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
YTD Video Downloader 7.4.0.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 7.4.0.3 - Azureus Software, Inc.) <==== ATTENTION
Packages:
=========
audiomack -> C:\Program Files\WindowsApps\audiomack.com-8C4EA766_1.0.0.0_neutral__j8eyvfkm909kr [2023-07-13] (audiomack.com)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2023-08-27] (Meta)
Google Keep -> C:\Program Files\WindowsApps\keep.google.com-28152D5D_1.0.0.0_neutral__x6wzt11gmmj3r [2023-08-10] (keep.google.com)
Multi Version Bible -> C:\Program Files\WindowsApps\17348SiphamandlaN.MultiVersionBible_1.1.1.0_x64__cnmz77m8fd77r [2023-06-15] (Siphamandla N)
Pinterest -> C:\Program Files\WindowsApps\1424566A.147190DF3DE79_1.1.1.0_neutral__5byw4zywtsh80 [2023-06-21] (Pinterest Inc.)
Security Verification LinkedIn -> C:\Program Files\WindowsApps\www.linkedin.com-388E59C3_1.0.0.3_neutral__mjhyd36r1mcqe [2023-07-10] (www.linkedin.com)
Shepherd Bible -> C:\Program Files\WindowsApps\46614NiceView.BibleUniversal_1.1.276.0_x64__mbkqqar0c2q2m [2023-09-16] (NxeCcde24 Labs)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-26] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-09-16] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.9.7.0_x64__t4vj0pshhgkwm [2023-09-16] (Telegram Messenger LLP) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-07-14] (Bytedance Pte. Ltd.)
Twitter -> C:\Program Files\WindowsApps\twitter.com-EF1E79A9_1.0.0.3_neutral__9wdrbcd1pw7ja [2023-07-10] (twitter.com)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm [2023-09-16] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1494128663-690690108-2164932681-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1494128663-690690108-2164932681-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1494128663-690690108-2164932681-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1494128663-690690108-2164932681-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1494128663-690690108-2164932681-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1494128663-690690108-2164932681-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [$PowerDVD22] -> {E8C54B6B-C540-43A5-BDDA-2B0038830F63} => C:\ProgramData\CyberLink\PowerDVD22\OpenWith\PDVD_Shell64.dll [2022-05-10] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-10] (Goversoft LLC -> )
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2006-12-03] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-10] (Goversoft LLC -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-10] (Goversoft LLC -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-22] (Mega Limited -> )
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-10] (Goversoft LLC -> )
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2006-12-03] () [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-10] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-06-10] (Goversoft LLC -> )
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2006-12-03] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\Desktop\APPS\audiomack.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=mkdihegnapdopdbfpaplffhjcghajdca --app-url=hxxps://audiomack.com/?homescreen=1 --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\Desktop\APPS\Proton VPN.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jmlnodannmnfnbjgmglpoplkfofcpgji
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__mkdihegnapdopdbfpaplffhjcghajdca\audiomack.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=mkdihegnapdopdbfpaplffhjcghajdca --app-url=hxxps://audiomack.com/?homescreen=1 --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jgeocpdicgmkeemopbanhokmhcgcflmi\Twitter.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi --app-url=hxxps://twitter.com/?utm_source=homescreen&utm_medium=shortcut --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__eloghjaeeccnacngnpkojdlndlkohhmf\Security Verification LinkedIn.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eloghjaeeccnacngnpkojdlndlkohhmf --app-url=hxxps://www.linkedin.com/checkpoint/challenge/verify --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__eilembjdkfgodjkcjnpgpaenohkicgjd\Google Keep.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd --app-url=hxxps://keep.google.com/?usp=installed_webapp --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__ajinkohnfhbdebdnggdbjkgjflfhcnkk\Pinterest.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ajinkohnfhbdebdnggdbjkgjflfhcnkk --app-url=hxxps://www.pinterest.com/?utm_source=homescreen_icon --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Proton VPN.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jmlnodannmnfnbjgmglpoplkfofcpgji
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\audiomack.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=mkdihegnapdopdbfpaplffhjcghajdca --app-url=hxxps://audiomack.com/?homescreen=1 --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd --app-url=hxxps://keep.google.com/?usp=installed_webapp --app-launch-source=4
ShortcutWithArgument: C:\Users\Elder Arthur-Kaye\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Twitter.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi --app-url=hxxps://twitter.com/?utm_source=homescreen&utm_medium=shortcut --app-launch-source=4
==================== Loaded Modules (Whitelisted) =============
2023-09-20 23:01 - 2023-09-20 23:01 - 002319872 _____ () [File not signed] \\?\C:\Users\Elder Arthur-Kaye\AppData\Local\Temp\1d460b86-07dc-4927-9b66-5946275c823e.tmp.node
2023-06-08 22:49 - 2015-11-30 11:01 - 000098304 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\AboutPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:10 - 001124864 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\AddrBookPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:09 - 000672768 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\AddrBookSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:36 - 001104896 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\AddrBookUIPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:05 - 000646144 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\AtCodec.dll
2023-06-08 22:49 - 2015-11-30 10:14 - 000168960 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\ATR2SMgr.dll
2023-06-08 22:49 - 2015-11-30 10:03 - 000628224 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\Common.dll
2023-06-08 22:49 - 2015-11-30 11:09 - 000119296 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\ConnectMgrUIPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:21 - 000566272 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\core.dll
2023-06-08 22:49 - 2015-11-30 10:07 - 000155136 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DataServicePlugin.dll
2023-06-08 22:49 - 2015-11-30 10:13 - 000732672 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DeviceAppPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:40 - 000651776 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DeviceMgrUIPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:12 - 000734208 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DeviceSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 11:00 - 000315904 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DiagnosisPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:08 - 000236032 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DialUpPlugin.dll
2023-06-08 22:49 - 2015-11-30 16:11 - 000607744 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\DialupUIPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:43 - 000118784 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\LayoutPlugin.dll
2023-06-08 22:50 - 2009-06-23 02:42 - 000043008 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\libgcc_s_dw2-1.dll
2023-06-08 22:49 - 2013-10-26 09:08 - 000692224 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\LiveUpdateInterface.DLL
2023-06-08 22:49 - 2015-11-30 13:54 - 000340480 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\MenuMgrPlugin.dll
2023-06-08 22:50 - 2009-01-10 18:32 - 000011362 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\mingwm10.dll
2023-06-08 22:49 - 2013-12-05 10:36 - 001146880 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NDISAPI.dll
2023-06-08 22:49 - 2015-11-30 10:08 - 000201728 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NDISPlugin.dll
2023-06-08 22:49 - 2015-11-30 13:53 - 000421888 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NetConnectPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:07 - 000158720 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NetConnectSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:14 - 000707072 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NetInfoSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 11:01 - 000597504 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NetInfoUIExPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:08 - 000253952 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NetSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:31 - 000097792 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\NotifyServicePlugin.dll
2023-06-08 22:49 - 2015-11-30 10:06 - 000102400 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\OSAdapt.dll
2023-06-08 22:49 - 2015-11-30 10:06 - 000166912 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\OSDialup.dll
2023-06-08 22:49 - 2015-11-30 10:06 - 000131584 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\OSNDIS.dll
2023-06-08 22:49 - 2015-11-30 10:06 - 000065536 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\OSPowerMgr.dll
2023-06-08 22:50 - 2013-08-31 08:43 - 000306176 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\phonon4.dll
2023-06-08 22:49 - 2015-11-30 10:04 - 000583168 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\PluginContainer.dll
2023-06-08 22:50 - 2013-06-08 03:45 - 000082944 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\plugins\imageformats\qgif4.dll
2023-06-08 22:50 - 2013-06-08 03:45 - 000081920 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\plugins\imageformats\qico4.dll
2023-06-08 22:50 - 2013-06-08 03:45 - 000192000 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\plugins\imageformats\qjpeg4.dll
2023-06-08 22:50 - 2013-06-08 03:45 - 000350720 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\plugins\imageformats\qmng4.dll
2023-06-08 22:50 - 2013-06-08 03:45 - 000370176 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\plugins\imageformats\qtiff4.dll
2023-06-08 22:49 - 2015-11-30 10:07 - 000413696 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\Proxy.DLL
2023-06-08 22:50 - 2013-08-31 05:44 - 002417152 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\QtCore4.dll
2023-06-08 22:50 - 2013-08-31 05:59 - 009559040 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\QtGui4.dll
2023-06-08 22:50 - 2013-08-31 05:46 - 001148416 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\QtNetwork4.dll
2023-06-08 22:50 - 2013-02-18 07:22 - 015675904 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\QtWebKit4.DLL
2023-06-08 22:50 - 2013-08-31 05:44 - 000398336 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\QtXml4.dll
2023-06-08 22:50 - 2013-08-31 08:42 - 003962368 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\QtXmlPatterns4.dll
2023-06-08 22:49 - 2015-11-30 13:52 - 000291840 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\sdk.dll
2023-06-08 22:49 - 2015-11-30 10:11 - 000704000 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\SmsAppPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:10 - 000220160 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\SmsSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:31 - 000920064 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\SMSUIPlugin.dll
2023-06-08 22:49 - 2016-03-08 09:02 - 000334848 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\StatusBarMgrPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:10 - 000157184 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\STKSrvPlugin.dll
2023-06-08 22:49 - 2016-03-04 06:27 - 000303104 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\ToolBarMgrPlugin.dll
2023-06-08 22:49 - 2015-11-30 10:04 - 000157696 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\Trace.dll
2023-06-08 22:49 - 2015-11-30 10:10 - 000142336 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\USSDSrvPlugin.dll
2023-06-08 22:49 - 2015-11-30 11:03 - 000910336 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\USSDUIPlugin.dll
2023-06-08 22:49 - 2013-12-05 10:36 - 000155648 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\Win7Support.dll
2023-06-08 22:49 - 2015-11-30 10:05 - 000195584 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\XCodec.dll
2023-06-08 22:49 - 2015-11-30 13:53 - 000283136 _____ () [File not signed] C:\Program Files (x86)\MTN Pocket Internet\XFramePlugin.dll
2023-06-08 22:51 - 2009-06-23 02:42 - 000043008 _____ () [File not signed] C:\ProgramData\MTN Pocket Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2023-06-08 22:51 - 2009-01-10 18:32 - 000011362 _____ () [File not signed] C:\ProgramData\MTN Pocket Internet\OnlineUpdate\mingwm10.dll
2023-06-08 22:51 - 2013-08-31 05:44 - 002417152 _____ () [File not signed] C:\ProgramData\MTN Pocket Internet\OnlineUpdate\QtCore4.dll
2023-06-08 22:51 - 2013-08-31 05:46 - 001148416 _____ () [File not signed] C:\ProgramData\MTN Pocket Internet\OnlineUpdate\QtNetwork4.dll
2023-07-02 02:07 - 2023-09-18 13:19 - 002862080 _____ () [File not signed] C:\Users\Elder Arthur-Kaye\AppData\Local\Programs\bluestacks-services\ffmpeg.dll
2023-07-02 02:07 - 2023-09-18 13:19 - 000479232 _____ () [File not signed] C:\Users\Elder Arthur-Kaye\AppData\Local\Programs\bluestacks-services\libegl.dll
2023-07-02 02:07 - 2023-09-18 13:19 - 007513600 _____ () [File not signed] C:\Users\Elder Arthur-Kaye\AppData\Local\Programs\bluestacks-services\libglesv2.dll
2023-07-02 02:07 - 2023-09-18 13:19 - 005209088 _____ () [File not signed] C:\Users\Elder Arthur-Kaye\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll
2009-08-16 17:45 - 2009-08-16 17:45 - 000100864 _____ (SFX TeAm) [File not signed] C:\Program Files (x86)\SuperCopier2\SC2ShellExt64.dll
2022-06-23 00:43 - 2022-06-23 00:43 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Elder Arthur-Kaye\AppData\Local\MEGAsync\Qt5Core.dll
2023-06-08 22:49 - 2013-12-05 10:36 - 000176128 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\MTN Pocket Internet\mcciwin32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.linkzb.com
SearchScopes: HKU\S-1-5-21-1494128663-690690108-2164932681-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2023-07-21] (IObit CO., LTD -> IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2023-06-30 00:12 - 2023-07-11 20:37 - 000000445 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1494128663-690690108-2164932681-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 8.8.8.8 - 196.201.62.141
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66223C83-FE69-4293-8FD5-4B838BA1E1BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{39274BFE-3285-496B-9CAF-205D3587DBDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DCE0816-3107-4D78-A32A-F6CFD9642B18}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{97AE7EB5-FC69-4E2E-A239-9889B71DB904}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{37ED8BAF-969A-46B6-A4BC-28822560D904}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A4F22D1B-8362-4F1D-9A7C-6DDCB372FA65}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\ShareModule32\Kernel\DMS\CLMSServerPDVD22.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{4D7D3F4A-7C4B-4BAA-A4A0-A3CAE5F8DBE7}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\PowerDVD22Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{34CFC767-33CB-47E7-90A6-7FF54484D45A}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{34DC78CC-9B79-4F8E-AD2E-6072746689D6}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AA6692ED-5BD8-421B-8AE7-C7122BDBFC09}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5D26F17E-0647-48B5-99D8-FA6EB6FA5CC3}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\Common\dynamic_transcode.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F32BCC06-4D38-498A-AB0C-45F046638C7C}] => (Allow) C:\Program Files\CyberLink\PowerDVD22\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{56BE8A39-9199-4F82-9556-8A9C24B606CC}] => (Allow) LPort=31302
FirewallRules: [{F9B44B28-0BF7-4555-8602-9BD91A860093}] => (Allow) C:\Users\Elder Arthur-Kaye\Downloads\Programs\AnyDesk.exe => No File
FirewallRules: [{A1817577-4D10-4EDC-B3B3-939C2C8245DE}] => (Allow) C:\Users\Elder Arthur-Kaye\Downloads\Programs\AnyDesk.exe => No File
FirewallRules: [{3875AD8D-E48A-4907-AD16-499264D4C482}] => (Allow) C:\Users\Elder Arthur-Kaye\Downloads\Programs\AnyDesk.exe => No File
FirewallRules: [{D0E26A77-59C9-4C40-AAC5-FD0A088E30CE}] => (Allow) C:\Users\Elder Arthur-Kaye\Downloads\Programs\AnyDesk.exe => No File
FirewallRules: [{63DD4788-239D-4B95-AE34-5071C835C205}] => (Allow) C:\Users\Elder Arthur-Kaye\Downloads\Programs\AnyDesk.exe => No File
FirewallRules: [{AF19D4A6-1C42-45F8-A65A-20595BC7FE9B}] => (Allow) C:\Users\Elder Arthur-Kaye\Downloads\Programs\AnyDesk.exe => No File
FirewallRules: [TCP Query User{57C6766A-00DB-4F59-BD7B-3277D7A9AD2D}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{8AFBF9CD-02B6-4FFF-ABA7-60E2E1A0A42C}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [{609A5A28-9890-4602-BF2A-1764E6B23349}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{4D95152C-593D-4C51-9E1F-CDF4C03C87E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{FA558361-CDC4-4EFC-AD04-2026CFA22CE1}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{53B88978-46AB-4EF7-A426-26B2ED99FCBE}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{84D36065-3EC3-4F49-A46E-4576E3EC7F8C}C:\users\elder arthur-kaye\appdata\local\mightytext\app-6.1.7\mightytext.exe] => (Allow) C:\users\elder arthur-kaye\appdata\local\mightytext\app-6.1.7\mightytext.exe (Openphone Inc. -> MightyText)
FirewallRules: [UDP Query User{54A707C0-4BDC-4D42-9AFC-9FDC71E9032E}C:\users\elder arthur-kaye\appdata\local\mightytext\app-6.1.7\mightytext.exe] => (Allow) C:\users\elder arthur-kaye\appdata\local\mightytext\app-6.1.7\mightytext.exe (Openphone Inc. -> MightyText)
FirewallRules: [{3B9F0AD4-E635-4DC0-A8B8-7DCC733FB759}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{A370DDA8-9272-41B5-A385-0E4FC1447168}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [{BDDD562A-FEFA-4B37-81AA-E962A084E7BD}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{7B8355B6-6764-42B7-951F-0411D7FAA4C1}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{F69603FA-DBB9-4096-920E-20D8FFD5119C}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{AA5EB965-461C-44B7-9852-78CFFC270F36}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{5FFF460C-0563-42A4-AE8D-91B4E6EA718B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4CD30B9-7209-4603-BBB5-A89A511370F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D325B1F2-A280-49F0-A8B1-D89E099C931B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F1580A7-9E0A-493E-8420-6EB54E70169B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8DBFCE1-F10A-4482-968A-B7D692D0B569}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C145EB68-595F-4852-A910-97979053FD4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D67C325C-533E-47F6-9DE0-7C2407C575A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B5DF1C74-A618-4DEC-8752-C44801F2E346}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F0F5F9CA-C54E-461C-8E74-05CDC175ACA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C25D8AD2-774B-43C0-86C4-8144DD10F8A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{845D87B1-ECE6-4AA0-9BDE-EF19CC472987}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64E16FD1-D11A-4FB8-9899-8C30BCFD7797}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{22D8D891-4B1B-4FCA-9F8B-0EED73CD8937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AEC3ED1A-15B4-4602-B537-0B4E8327BF9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7089760C-D46C-4F59-9DE7-AED75804C1E2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{35AF999A-0602-4434-8873-CC6FF3891044}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{222D71DE-7DA5-423A-969A-6DE295EF804B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{F4D25EB6-6AFF-4324-A841-0DD423DCC722}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{436A5FA3-792F-43B0-8D8C-7FA742486632}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CBA762C5-4E90-44BA-85C7-76E4571AA204}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{9CFD9468-F58B-4AA0-AB31-08BF87AA4C51}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{3D18CAE0-F962-46D7-AEB2-5BB373E9D11B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
==================== Restore Points =========================
15-09-2023 21:49:58 Scheduled Checkpoint
16-09-2023 10:29:23 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/15/2023 09:49:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete re-trim on DATA (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/15/2023 09:49:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete re-trim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
System errors:
=============
Error: (09/20/2023 10:58:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The MessagingService_50357 service terminated with the following error:
The device is not ready.
Error: (09/20/2023 10:58:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MTN Pocket Internet. RunOuc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/20/2023 10:58:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the MTN Pocket Internet. RunOuc service to connect.
Error: (09/18/2023 03:57:58 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (09/18/2023 03:57:58 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (09/18/2023 03:57:29 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (09/18/2023 03:57:29 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (09/18/2023 03:57:06 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Windows Defender:
================
Date: 2023-09-21 00:57:03
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Fakecsrss.A
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Elder Arthur-Kaye\AppData\Roaming\terra.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Elder Arthur-Kaye\Desktop\FRST64english.exe
Security intelligence Version: AV: 1.397.1174.0, AS: 1.397.1174.0, NIS: 1.397.1174.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-21 00:57:02
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Users\Elder Arthur-Kaye\AppData\Roaming\KMSpico-setup.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Elder Arthur-Kaye\Desktop\FRST64english.exe
Security intelligence Version: AV: 1.397.1174.0, AS: 1.397.1174.0, NIS: 1.397.1174.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-18 17:02:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-18 16:40:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-17 04:59:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-09-18 16:40:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. 1.80 01/27/2014
Motherboard: TOSHIBA Portable PC
Processor: AMD A6-5200 APU with Radeon HD Graphics
Percentage of memory in use: 62%
Total physical RAM: 7634.36 MB
Available physical RAM: 2861.5 MB
Total Virtual: 8850.36 MB
Available Virtual: 2903.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:140 GB) (Free:50.79 GB) (Model: WDC WD5000LPLX-60ZNTT1) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (MTN) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
Drive e: (DATA) (Fixed) (Total:325.19 GB) (Free:206.13 GB) (Model: WDC WD5000LPLX-60ZNTT1) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:48.25 GB) (Model: WDC WD5000LPLX-60ZNTT1) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2E340C41)
Partition 1: (Active) - (Size=140 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=325.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================