==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\sharepoint.com -> hxxps://goteam1-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 17:14 - 2022-07-15 05:19 - 000000859 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 keystone.mwbsys.com
2021-11-26 19:01 - 2022-04-22 00:08 - 000000571 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
1 616
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\valynth\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\FSeF846VIAAfra2.jpg
HKU\S-1-5-21-2297796880-1066376711-690406554-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\denise\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2297796880-1066376711-690406554-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "PenTablet"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\StartupApproved\Run: => "LenovoVantageToolbar"
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2297796880-1066376711-690406554-1002\...\StartupApproved\Run: => "Toolkit"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{57AE0A01-6475-4304-80F4-2F028D5D1F2F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{941B36A9-7FC9-47B5-939D-AD1EC0F3F584}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E43AD11C-FA51-41A5-B672-DA7F77D0B401}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE8D417E-0885-48FE-B935-2103F2AE2C36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7239D2B4-49E6-4F4F-A530-61D8A85A06CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3652B230-C0C0-48FA-986A-76D02E35D161}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A476E0E-A2C7-4D01-AC36-0FF006E23184}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{4EDE7D84-66DF-4F1E-83CB-3E6B893DB798}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{29DB9FCA-D3C4-41F6-B82F-D76BB8F52F1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{28C9C66B-176F-4507-AE92-565D019DDD2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DF7920A-D614-4479-A39E-13493ED0B5C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F486CB41-EAD8-4ED1-A789-E724B903C87E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B50BE12-0455-4099-A16B-CB073C83A64A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D97D4F8-5488-4788-9A50-57317DADDEBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{465B4D58-8EF3-4ACF-A5E8-5C562F87288C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{231856DD-6D1D-4B65-B57F-9A201183591E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7226FCD-3A11-484B-AC29-180B5CDB53D1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F35FC24C-0149-49C0-B029-65144D08159E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{195875D4-385A-4659-8FCD-BB56BD8B02B0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8EEA5ABF-1B63-4A84-9AFA-EC669EE02524}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FD4DF0EB-0CDE-48D3-ADE1-14255782C788}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{42FEFBB2-AECB-4126-844D-9B1C846627F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DC8B4433-3AEF-41BA-B7C7-A4FBC741EDA2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{02FB27C0-DA68-4388-BEB9-D680B63D1DA7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{97CBEC1B-6985-47B4-B912-87F1538D1476}] => (Allow) LPort=80
FirewallRules: [{58264059-A0B4-4457-964C-99D80809E5AB}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{4D38396A-418A-4DA0-96DB-7605B9A5DC84}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{10395400-1380-41DA-9348-060BC08B5B0C}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [{0F310EB6-B407-477B-84E7-88FF30BBD210}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{9AFC6A21-8B33-4C1A-889F-5B883C9DDDEC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE754E60-2470-4E51-B45D-8EC0EE842B11}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0E2C607C-305D-412F-A067-6F0771F1CB42}C:\users\valynth\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\valynth\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{EE171744-7A10-46D8-A77A-05C20E865BCE}C:\users\valynth\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\valynth\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{FDD8EE93-0831-409B-9404-C7033DA50C91}C:\users\valynth\appdata\local\sidekick\application\sidekick.exe] => (Allow) C:\users\valynth\appdata\local\sidekick\application\sidekick.exe (Push Play Labs Inc -> PushPlayLabs, Inc.)
FirewallRules: [TCP Query User{B7C19B2C-AFC1-41BE-9083-8C6729CC2CFB}C:\users\valynth\appdata\local\sidekick\application\sidekick.exe] => (Allow) C:\users\valynth\appdata\local\sidekick\application\sidekick.exe (Push Play Labs Inc -> PushPlayLabs, Inc.)
FirewallRules: [UDP Query User{1EEFB71B-E438-4688-8C38-6D1348DF0F9B}C:\users\valynth\appdata\local\sidekick\application\sidekick.exe] => (Allow) C:\users\valynth\appdata\local\sidekick\application\sidekick.exe (Push Play Labs Inc -> PushPlayLabs, Inc.)
FirewallRules: [TCP Query User{01EFA2A3-566B-4D5B-835F-3D203F8B558D}C:\users\valynth\appdata\local\sidekick\application\sidekick.exe] => (Allow) C:\users\valynth\appdata\local\sidekick\application\sidekick.exe (Push Play Labs Inc -> PushPlayLabs, Inc.)
FirewallRules: [UDP Query User{02E8533F-47C6-4DF2-BCFD-E3D78FF948B4}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{933E0C05-B991-4DED-80B4-60C3002AAE63}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{1C470B6E-454E-496E-8725-C937CFDCAD5C}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{072F1448-49C9-4ECD-BF0D-7866E110E97D}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{1E81DC67-2048-4539-9671-47E7457A7DCD}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [UDP Query User{B29D888A-2D40-4FE9-9494-5BB258E597A8}C:\users\valynth\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\valynth\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{A9F7C08D-B8D7-4936-B8F6-30898400903F}C:\users\valynth\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\valynth\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{18D84DEE-9D7D-45C9-B179-229C35FAAAE8}C:\riot games\riot client\riotclientservices.exe] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{B028603F-5D9B-4883-B00F-0189406C3A3E}C:\riot games\riot client\riotclientservices.exe] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{53DDAC35-72B6-480E-875A-776ECC96DEFB}C:\users\valynth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\valynth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5317ED43-7DA5-4C3F-A86E-586FFA8B2523}C:\users\valynth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\valynth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5059077-6F7C-4092-875B-0BE51D17C6D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F9D51B3D-76C9-4A30-B268-4151793EBFC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{014A1B32-2300-41BF-A7ED-A2230AF6F3BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F640AB0F-73BC-4FFA-9FCA-305C854C0D89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{47F8B96F-7C30-4432-965F-559C900F9421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3D67CCA2-FFBE-4110-AF57-28A6672062E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6FFB4E1E-BFC4-49DA-8589-0914EC5BA797}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2C2E657C-04C7-4552-BE62-17217574A412}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{63F39249-79AD-49D5-B083-6F946D4285E7}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1FC6A7DE-3FEA-4F34-84D2-63DBF5F4686D}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{412A3EF2-6203-45E6-A1C1-5A09DC4B1681}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{596B2C99-F9A8-40E7-89D3-2B3CDCDC834A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{462784B2-1299-4222-82FE-AC66B5B641CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30E1AE7A-192E-4D5E-B083-9A444E29F86A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BD3FF2C-6E2E-4AE6-B31C-AD94754A3FFD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C3F05FB-8BC9-441F-BBB6-7A5F2A839867}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30B64F18-1999-47C4-B8F1-598D4201EA4B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30C5CA5D-5A03-45A4-BBCE-CE59609E57A6}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{8CD88A12-3239-4F53-8BFB-2DB2369D46BE}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{046B55BC-53D6-409C-9A0C-582D73A25F2A}] => (Allow) C:\Users\valynth\AppData\Local\Programs\Opera\82.0.4227.23\opera.exe => No File
FirewallRules: [{91456C03-D3F0-4550-9BBB-011D2DBE3F01}] => (Allow) C:\Users\valynth\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CEFA0625-1B31-4F04-BE42-EE23BC350C18}] => (Allow) C:\Users\valynth\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{725252EC-DAF7-4FDC-B342-8B1070E88074}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0FE7523-9D65-418B-AB96-81C2744A1132}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{435D7875-9B0C-4A98-9130-ED7288E22E5C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3F88A38-3414-4994-A8B6-28FC86C894BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DC0D8B4F-4FF0-40EF-994B-49305093C9E3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F1E6C987-A785-4CA3-B2B0-0166DD5A05FE}] => (Allow) C:\Users\valynth\AppData\Local\Programs\Opera\81.0.4196.60\opera.exe => No File
FirewallRules: [{B70431BD-7526-4B74-95E8-6617CEC625B2}] => (Allow) C:\Users\valynth\AppData\Local\Programs\Opera\81.0.4196.54\opera.exe => No File
FirewallRules: [{06145C1C-57B1-47D4-AA37-7164C844FA8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9D7AE8FD-B65B-467B-A299-1E081554DF0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{004BA257-284A-4EB2-8BAA-41D71BF725BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CA524D9B-D864-4858-8B75-11A4C4DB2CE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{FF6907DE-A5C6-4DD4-A9A0-E9C5C60361BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9E210B7A-B0E0-4C28-8127-8A572E860AD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{09DDEC58-1890-45F0-979E-31B520C217B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{36D6DCCB-DB62-464F-99B8-1FA9B7909947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2FA4221E-45D4-4094-A444-942D2A3C4698}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F2B62415-1D71-4046-8F58-95632FC61058}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{48FBE407-70B4-4A53-A501-6D2EF7B846FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{EACD7767-B18A-4875-830C-6865E0500E55}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [UDP Query User{BCEB237F-29F0-4825-8353-E1DBC69C2D6B}C:\users\valynth\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\valynth\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{4EAAD9A1-DADB-4A18-9368-BCEA140699C9}C:\users\valynth\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\valynth\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F459BCB1-F8F9-4CDB-85C8-6F82C1D69A20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A772FA5-4272-48EC-9FED-2590ECFA0C75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D0DFE593-BBFC-48E1-A817-070A23491572}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{64DBC22A-2071-4BF3-86BF-E5C9DC63A1E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3A5EDAFA-2F0C-4D08-9756-C4A2088CFC7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{FB87F1F9-0FC0-4ECF-BE04-9A2F33F4D2F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D7CCB059-D6DA-409E-BDB9-FFB644272F01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{466FC1B8-6CA1-4BCB-8A6A-A187CBCBC4B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2923BCC8-770B-450B-9B57-71EC3F0A27E5}] => (Block) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [TCP Query User{6C1F4045-C275-491F-978A-158E2211EEB3}C:\program files\windowsapps\spotifyab.spotifymusic_1.167.586.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.167.586.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{A3D06926-4057-4CF3-80B3-70294F12ADB9}C:\program files\windowsapps\spotifyab.spotifymusic_1.167.586.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.167.586.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{AC170D5E-029B-4BE0-86D8-5D3DDC662008}C:\program files\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{7A1623BE-89B9-4380-9442-BD0754617B19}C:\program files\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [TCP Query User{24B48657-A8F8-41A6-BD25-6308A5F56923}C:\program files (x86)\neatreader\neatreader.exe] => (Allow) C:\program files (x86)\neatreader\neatreader.exe => No File
FirewallRules: [UDP Query User{1B79E296-1A6B-4BDC-AAF4-B167AB7D1095}C:\program files (x86)\neatreader\neatreader.exe] => (Allow) C:\program files (x86)\neatreader\neatreader.exe => No File
FirewallRules: [TCP Query User{5AE868B8-7DD4-4188-B1CD-376E28D50723}C:\users\valynth\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\valynth\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{10DD2875-E08A-4375-A35E-329C4FFF4207}C:\users\valynth\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\valynth\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{20769638-5F9D-4CD1-B54F-AD159A64FD67}] => (Allow) C:\Users\valynth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C42E234F-B0F9-478A-9D1D-323F33C7F45C}] => (Allow) C:\Users\valynth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F645FAA3-5FAA-4D1B-AE81-7098A11B7D83}] => (Allow) C:\Users\valynth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AB89D474-20EA-4B86-B980-2CA521116E0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1573C3B3-4173-4E9F-AB9A-D138129245CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C984A893-88D0-420A-BBC9-68DD56A16025}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9B7E8650-21D4-4167-93DA-7424ECBB27A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BE233D8B-2930-4C27-A93A-E507BD640190}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5AC811AB-24C6-4788-B9ED-5D0CFB4BFA15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9E61B673-2630-4AFE-84D3-0E0EAC0B9C42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BC6BF9F2-C739-4B13-AA9F-FC64FC8E9042}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [TCP Query User{FC8E815C-0270-4964-AC33-1DC9AF07D1A8}C:\program files (x86)\toolkit\toolkit.exe] => (Block) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [UDP Query User{28D96820-CB3A-4D9A-ADAD-2ACB20C74108}C:\program files (x86)\toolkit\toolkit.exe] => (Block) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [{72FD6913-3719-4A43-9AED-52D5758CF473}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2AC0733C-147C-4869-B55B-145894263CE8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6A4C6653-B3D5-4B98-B2EC-100DE81F2A89}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED75740D-7CED-4DD9-BBAC-5EABD6E9AEF6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/02/2023 06:27:40 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\VALYNTH$ via
https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 10:27:43 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: facf61c9-41ce-4042-a05e-c94d1c14031f
Method: GET(6421ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/02/2023 05:45:08 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\VALYNTH$ via
https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 09:45:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 8cbc8c04-3846-4514-b758-7e3a62557fe9
Method: GET(1344ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/02/2023 05:05:49 PM) (Source: Application Error) (EventID: 1000) (User: VALYNTH)
Description: Faulting application name: ctfmon.exe, version: 10.0.22621.1, time stamp: 0xf4b8fb49
Faulting module name: InputService.dll, version: 10.0.22621.1105, time stamp: 0x37d665b1
Exception code: 0x00000675
Fault offset: 0x00000000000a05c8
Faulting process id: 0x0x3e48
Faulting application start time: 0x0x1d936e050226be1
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\system32\InputService.dll
Report Id: b7bd5221-fb17-49d6-89a8-a4874cb183ef
Faulting package full name:
Faulting package-relative application ID:
Error: (02/02/2023 04:28:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID: 4912, ProfSvc PID: 2104.
Error: (02/02/2023 04:28:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID: 4912, ProfSvc PID: 2104.
Error: (02/02/2023 04:27:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\VALYNTH$ via
https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 08:27:26 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: b3f4ac28-9832-47a2-8271-bf1baa8ed0e4
Method: GET(1000ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/02/2023 04:10:04 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: VALYNTH)
Description: Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy-2147024662
Error: (02/02/2023 04:04:56 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (30956,P,98) TILEREPOSITORYS-1-5-21-2297796880-1066376711-690406554-500: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).
System errors:
=============
Error: (02/02/2023 06:21:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The System Interface Foundation Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LenovoVantageService service terminated unexpectedly. It has done this 1 time(s).
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Lenovo Notebook ITS Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The FileSyncHelper service terminated unexpectedly. It has done this 1 time(s).
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Universal Device Client Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The RogueKiller RTP service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (02/02/2023 06:21:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Windows Defender:
================
Date: 2023-02-02 15:40:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
CodeIntegrity:
===============
Date: 2023-02-03 10:57:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO EECN35WW 04/16/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 4700U with Radeon Graphics
Percentage of memory in use: 71%
Total physical RAM: 15742.16 MB
Available physical RAM: 4407.96 MB
Total Virtual: 25810.28 MB
Available Virtual: 2717.71 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:171.39 GB) (Model: SAMSUNG MZALQ512HALU-000L2) NTFS
Drive g: (Google Drive) (Fixed) (Total:475.69 GB) (Free:162.82 GB) (Model: SAMSUNG MZALQ512HALU-000L2) FAT32
\\?\Volume{3797ef98-3804-4cd8-bf11-4ca4c08440fd}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{72199305-12a4-43b7-9e12-de2da08660e9}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: F194FA30)
Partition: GPT.
==================== End of Addition.txt =======================