
HHHH

The document provides the results of a scan of the system. It finds several installed programs, Windows components, shortcuts, and other files. The scan appears to be from a system cleanup or security tool run on a Windows 8.1 system.

Uploaded by

Mohamed Husseini

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2023

Ran by YAOMH1 (16-07-2023 04:56:39)


Running from C:\Users\YAOMH1\Documents
Microsoft Windows 8.1 (Update) (X64) (2023-06-12 04:41:42)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3957642251-2528715432-444061663-500 - Administrator -
Disabled)
Guest (S-1-5-21-3957642251-2528715432-444061663-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3957642251-2528715432-444061663-1003 - Limited - Enabled)
YAOMH1 (S-1-5-21-3957642251-2528715432-444061663-1001 - Administrator - Enabled) =>
C:\Users\YAOMH1

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to
unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100})
(Version: 23.003.20244 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\{34927EBC-98D4-4D53-98BE-510DF5999F50}) (Version:
17.0.0.124 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems
Incorporated)
Ayat (HKLM-x32\...\{41E2E6F7-F831-A443-D7D8-3B164D6B936F}) (Version: 1.4 - UNKNOWN)
Hidden
Ayat (HKLM-x32\...\sa.edu.ksa.ayat) (Version: 1.4 - UNKNOWN)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Chrone Browser (HKLM-x32\...\Chrone Browser) (Version: 86.0.4240.198 - iStart)
Cold Turkey Blocker (HKLM\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version:
4.4 - Cold Turkey Software, Inc.)
DriverPack (HKLM-x32\...\DriverPack) (Version: 17.11 - DriverPack)
Firefox Browser (HKLM-x32\...\Firefox Browser) (Version: 94.0.2 - iStart)
Free Video to JPG Converter (HKLM-x32\...\Free Video to JPG Converter_is1)
(Version: 5.1.1.1103 - Digital Wave Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.149 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA})
(Version: 10.18.14.5180 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:
6.41.15 - Tonec Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.115 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-
38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\
{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft
Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-
B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft
Corporation)
Opera Stable 95.0.4635.84 (HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\
Opera 95.0.4635.84) (Version: 95.0.4635.84 - Opera Software)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\
{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.31 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-
958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Telegram Desktop (HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\{53F49750-
6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.8.3 - Telegram FZ-LLC)
TOSHIBA Web Camera Application (HKLM-x32\...\{6F3C8901-EBD3-470D-87F8-
AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-
87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net
(06/19/2017 10.0.0.352) (HKLM\...\C62AA8965AA7A12E8CC7ABA42C597C2782C73C45)
(Version: 06/19/2017 10.0.0.352 - Qualcomm Atheros Communications Inc.)
WinRAR 6.22 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.22.0 - win.rar GmbH)

Packages:
=========
Music -> C:\Program Files\WindowsApps\
Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2023-07-12] (Microsoft
Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\
Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2023-07-12] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\
Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2023-07-12] (Microsoft
Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3957642251-2528715432-444061663-1001_Classes\CLSID\
{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\
igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-
E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\
IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\
Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-04-02]
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\
Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>
C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander
Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} =>
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-
04-02] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No
File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>
-> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No
File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No
File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\
WINDOWS\system32\igfxDTCM.dll [2021-03-17] (Microsoft Windows Hardware
Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>
-> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\
Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>
C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander
Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Public\Desktop\DriverPack.lnk -> C:\Program Files (x86)\
DriverPack\start.bat ()
ShortcutWithArgument: C:\Users\YAOMH1\Desktop\facebook.lnk -> C:\Users\YAOMH1\
AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> www.facebook.com
ShortcutWithArgument: C:\Users\YAOMH1\Desktop\Internet-Start.lnk -> C:\Windows\
System32\cmd.exe (Microsoft Corporation) -> /c start hxxp://internet-start.net/?
utm_source=beatle^&utm_medium=icon^&utm_campaign=desktop
ShortcutWithArgument: C:\Users\YAOMH1\Desktop\YouTube.lnk -> C:\Chrone\
chrome_proxy.exe (Cent Studio) -> --profile-directory=Default --app-
id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\YAOMH1\AppData\Roaming\Microsoft\Windows\Start Menu\
Programs\Internet-Start.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
-> /c start hxxp://internet-start.net/?
utm_source=beatle^&utm_medium=icon^&utm_campaign=pin
ShortcutWithArgument: C:\Users\YAOMH1\AppData\Roaming\Microsoft\Windows\Start Menu\
Programs\Cent Browser Apps\YouTube.lnk -> C:\Chrone\chrome_proxy.exe (Cent Studio)
-> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\YAOMH1\AppData\Roaming\Microsoft\Internet Explorer\
Quick Launch\Internet-Start.lnk -> C:\Windows\System32\cmd.exe (Microsoft
Corporation) -> /c start hxxp://internet-start.net/?
utm_source=beatle^&utm_medium=icon^&utm_campaign=pin
ShortcutWithArgument: C:\Users\YAOMH1\AppData\Roaming\Microsoft\Internet Explorer\
Quick Launch\User Pinned\TaskBar\facebook.lnk -> C:\Users\YAOMH1\AppData\Local\
Programs\Opera\launcher.exe (Opera Software) -> www.facebook.com
ShortcutWithArgument: C:\Users\YAOMH1\AppData\Roaming\Microsoft\Internet Explorer\
Quick Launch\User Pinned\TaskBar\Internet-Start.lnk -> C:\Windows\System32\cmd.exe
(Microsoft Corporation) -> /c start hxxp://internet-start.net/?
utm_source=beatle^&utm_medium=icon^&utm_campaign=pin
ShortcutWithArgument: C:\Users\YAOMH1\AppData\Roaming\Microsoft\Internet Explorer\
Quick Launch\User Pinned\ImplicitAppShortcuts\c999e1dcb7f93202\Cent Browser.lnk ->
C:\Chrone\chrome.exe (Cent Studio) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2014-04-02 02:25 - 2014-04-02 02:25 - 000011264 _____ () [File not signed] C:\
Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\
ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-02 02:22 - 2014-04-02 02:22 - 000086016 _____ () [File not signed] C:\
Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-02 02:29 - 2014-04-02 02:29 - 000033408 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\CommApi.dll
2014-04-02 02:29 - 2014-04-02 02:29 - 000203392 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\FolderViewImpl.dll
2014-04-02 02:29 - 2014-04-02 02:29 - 000085632 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\GattI.dll
2014-04-02 02:29 - 2014-04-02 02:29 - 000126592 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\gatts.DLL
2014-04-02 02:29 - 2014-04-02 02:29 - 000083072 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\Handsfree.dll
2014-04-02 02:29 - 2014-04-02 02:29 - 000034432 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\ipc.dll
2014-04-02 02:30 - 2014-04-02 02:30 - 000063104 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\ModuleManager.dll
2014-04-02 02:30 - 2014-04-02 02:30 - 001067648 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\OutlookLib.dll
2014-04-02 02:30 - 2014-04-02 02:30 - 000027264 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\TCPConnection.dll
2014-04-02 02:30 - 2014-04-02 02:30 - 000116352 _____ (Qualcomm Atheros ->
Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\
Bluetooth Suite\utils.dll
2014-04-02 02:23 - 2014-04-02 02:23 - 000308224 _____ (Qualcomm Atheros
Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth
Suite\Modules\LE\LE.dll
2014-04-02 02:24 - 2014-04-02 02:24 - 000210432 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\
audio.dll
2014-04-02 02:25 - 2014-04-02 02:25 - 000162304 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\
BasicPrintProfile\BPP.dll
2014-04-02 02:25 - 2014-04-02 02:25 - 000177152 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2014-04-02 02:22 - 2014-04-02 02:22 - 000018432 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2014-04-02 02:22 - 2014-04-02 02:22 - 000035840 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2014-04-02 02:24 - 2014-04-02 02:24 - 000421888 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\
FileTransfer\FileTransfer.dll
2014-04-02 02:24 - 2014-04-02 02:24 - 000096256 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\
GapSdp.dll
2014-04-02 02:19 - 2014-04-02 02:19 - 000097792 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\
goep.dll
2014-04-02 02:22 - 2014-04-02 02:22 - 000029696 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\
Hcrp.dll
2014-04-02 02:23 - 2014-04-02 02:23 - 000142848 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\
HealthDevice\HDP.dll
2014-04-02 02:25 - 2014-04-02 02:25 - 000091136 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\
l2caplib.dll
2014-04-02 02:25 - 2014-04-02 02:25 - 000066048 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\
OppOperation\OppOperation.dll
2014-04-02 02:24 - 2014-04-02 02:24 - 000067072 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\
pbap.dll
2014-04-02 02:25 - 2014-04-02 02:25 - 000063488 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\
rfcommlib.dll
2014-04-02 02:24 - 2014-04-02 02:24 - 000097280 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2014-04-02 02:25 - 2014-04-02 02:25 - 000087552 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\
sesmgr.dll
2014-04-02 02:24 - 2014-04-02 02:24 - 000055296 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2014-04-02 02:23 - 2014-04-02 02:23 - 000064512 _____ (Qualcomm®Atheros®) [File not
signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\
Sync.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8}
-> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-09]
(Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-
17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
[2021-11-09] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2023-07-15 17:51 - 000000855 _____ C:\WINDOWS\system32\drivers\
etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3957642251-2528715432-444061663-1001\Control Panel\Desktop\\Wallpaper
-> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>
(ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled:
RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: CCleanerPerformanceOptimizerService => 3
MSCONFIG\Services: pcapsvc => 2
MSCONFIG\Services: Power_a17007 => 2
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "ProxyCap"
HKLM\...\StartupApproved\Run32: => "SearcherBar"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\StartupApproved\
StartupFolder: => "Telegram.lnk"
HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\StartupApproved\Run: =>
"IDMan"
HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\StartupApproved\Run: =>
"MicrosoftEdgeAutoLaunch_4D542A5D1C286362363C0CA8D57726FD"
HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\StartupApproved\Run: =>
"Firefox Browser"
HKU\S-1-5-21-3957642251-2528715432-444061663-1001\...\StartupApproved\Run: =>
"CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{7990CD25-9AFA-4372-8640-30741187BA51}C:\users\
yaomh1\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\yaomh1\appdata\
local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{31C42AE9-3E81-421E-B729-B6D5A19D3D96}C:\users\
yaomh1\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\yaomh1\appdata\
local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)

==================== Restore Points =========================

14-01-2014 23:19:56 Removed CLINIC
14-01-2014 23:20:59 Installed CLINIC
13-07-2023 23:37:20 Removed Windows 8 Manager
14-07-2023 00:14:42 Installed Adobe Acrobat Reader DC.
14-07-2023 12:25:58 Removed CLINIC
14-07-2023 12:32:46 Installed CLINIC
14-07-2023 12:43:57 Removed CLINIC
14-07-2023 12:44:40 Removed ProxyCap
14-07-2023 23:10:13 Installed CLINIC

==================== Faulty Device Manager Devices ============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which
starts the Hardware Update wizard.

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This
starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This
starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Stereo
Description: Bluetooth Stereo
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for
this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the
troubleshooting wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (07/16/2023 05:06:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the
IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or
requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {aebc17f6-496b-42f8-877b-8c2618194949}

Error: (07/16/2023 04:43:35 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\
system32\mscoree.dll" failed. Performance data for this service will not be
available. The first four bytes (DWORD) of the Data section contains the error
code.

Error: (07/15/2023 07:32:56 PM) (Source: Microsoft-Windows-Immersive-Shell)
(EventID: 5973) (User: YAOMH)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!
Microsoft.ZuneVideo failed with error: -2144927142 See the Microsoft-Windows-
TWinUI/Operational log for additional information.

Error: (07/15/2023 07:32:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting
with Windows and was closed. To see if more information about the problem is
available, check the problem history in the Action Center control panel.

Process ID: cd4

Start Time: 01d9b742597c14d0

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\wwahost.exe

Report Id: a0e8e740-2335-11ee-8269-2c600c53b61c

Faulting package full name: Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.ZuneVideo

Error: (07/15/2023 07:32:55 PM) (Source: Microsoft-Windows-Immersive-Shell)
(EventID: 2486) (User: YAOMH)
Description: App
FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager
did not launch within its allotted time.

Error: (07/15/2023 07:32:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PhotosApp.exe version 6.3.9600.17418 stopped interacting
with Windows and was closed. To see if more information about the problem is
available, check the problem history in the Action Center control panel.

Process ID: c24

Start Time: 01d9b7425a871cfb

Termination Time: 4294967295

Application Path: C:\WINDOWS\FileManager\PhotosApp.exe

Report Id:

Faulting package full name:
FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: Microsoft.Windows.PhotoManager

Error: (07/15/2023 07:32:54 PM) (Source: Microsoft-Windows-Immersive-Shell)
(EventID: 2486) (User: YAOMH)
Description: App
Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe+Microsoft.ZuneVideo did not launch
within its allotted time.

Error: (07/15/2023 07:32:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.20512 stopped interacting
with Windows and was closed. To see if more information about the problem is
available, check the problem history in the Action Center control panel.

Process ID: 61c

Start Time: 01d9b7422b8abcba

Termination Time: 15

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 8a49a5b6-2335-11ee-8269-2c600c53b61c

Faulting package full name:

Faulting package-relative application ID:

System errors:
=============
Error: (07/16/2023 05:07:12 AM) (Source: DCOM) (EventID: 10010) (User: YAOMH)
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register
with DCOM within the required timeout.

Error: (07/16/2023 05:05:12 AM) (Source: DCOM) (EventID: 10010) (User: YAOMH)
Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register
with DCOM within the required timeout.

Error: (07/16/2023 05:03:12 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (07/16/2023 05:03:08 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (07/16/2023 05:03:04 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (07/16/2023 05:03:00 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (07/16/2023 05:02:56 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (07/16/2023 05:02:52 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Windows Defender:
================
Date: 2023-07-16 04:57:52.854
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/
AutoKMS&threatid=2147685180&enterprise=0
Name: HackTool:Win32/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Users\YAOMH1\Downloads\Working KMS\Working KMS\KMS Server.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\YAOMH1\Downloads\Windows_Repair_Toolbox\Downloads\Malware
Removal\NPE64.exe
Signature Version: AV: 1.393.473.0, AS: 1.393.473.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.23060.1005, NIS: 2.1.14600.4

Date: 2023-07-15 19:22:12.628
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-07-15 14:43:16.984
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-07-15 14:28:34.588
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-07-15 14:11:42.205
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-07-16 04:12:33.192
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.393.336.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23060.1005
Error code: 0x8024402f
Error description: An unexpected problem occurred while checking for updates. For
information on installing or troubleshooting updates, see Help and Support.

Date: 2023-07-14 14:52:28.838
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-07-14 14:52:28.837
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-07-14 14:52:28.824
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-07-14 14:52:28.823
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

==================== Memory info ===========================

BIOS: INSYDE Corp. 2.00 12/11/2014
Motherboard: Type2 - Board Vendor Name1 Type2 - Board Product Name1
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 67%
Total physical RAM: 4021.23 MB
Available physical RAM: 1310.2 MB
Total Virtual: 12213.23 MB
Available Virtual: 9390.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:270.45 GB) (Free:214.02 GB) (Model: TOSHIBA MQ01ABF050)
NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:195.31 GB) (Free:182.04 GB) (Model: TOSHIBA MQ01ABF050)
NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: ED041E76)
Partition 1: (Active) - (Size=270.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
