The PC has started acting up over the last few months and got progressively worse. Initially, general speed got noticeably slower all of a sudden, particularly startup. I played along with this for a few months. Then, more recently (last few weeks), WiFi connection speed via my USB adaptor slowed right down to a consistent 8m/s download from a consistent 50m/s. Very old, cheap, wifi adaptor from China so I thought that was likely cause and binned it. Bought new adaptor, (modern one from high street seller, not cheap crap from China). It refused to work unless I manually set the wifi protocol to IEEExxx/n every time I start the PC. ***EDIT - I tried to cure this by installing Windows updates.*** Then, within a day, the PC failed to boot. Tried several of the recovery options in this order: auto repair, system restore, full reset. None successful but when returning to PC after reset it had started up and was displaying a message saying the reset was unsuccessful. Since then all seems to be working fine with the exception of slow startup. Just waiting for it to die again, would appreciate some assistance to give it a check over as it belongs to my teenage son so there may be all manner of nasties lurking so far undetected.
Help gratefully received, thank you! Logs below:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by maxxy (administrator) on DESKTOP-JSB8L0E (Gigabyte Technology Co., Ltd. B550M DS3H) (13-02-2023 19:56:19)
Running from C:\Users\maxxy\Desktop
Loaded Profiles: maxxy
Platform: Microsoft Windows 11 Home Version 22H2 22621.963 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe <6>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <52>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\WINDOWS\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\WINDOWS\System32\RtkAudUService64.exe <2>
(services.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(svchost.exe ->) (iolo technologies, LLC -> iolo technologies, LLC) [File not signed] C:\Program Files (x86)\Phoenix360\System Mechanic\ioloGovernor64.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1090784 2020-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [182888 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [MicrosoftEdgeAutoLaunch_EA410C61FB31D73AFA3C71DD38F22C9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32613856 2022-04-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Discord] => C:\Users\maxxy\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7313360 2022-04-21] (Voicemod Sociedad Limitada -> Voicemod)
HKLM\...\Print\Monitors\EPSON Universal Print Driver 64MonitorBE: C:\Windows\system32\E_2LM0DE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [134872 2022-12-03] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
AppInit_DLLs-x32: C:\PROGRA~1\VIRTUA~1\VIRTUA~3.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector32.dll [114904 2022-11-30] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0418EB53-E754-4DDB-AF11-8778E3C6D314} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {19BFBE79-ADBF-4B24-B0BF-6C2E7393A663} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {202FAAA2-A05F-4EEA-8C68-1B643FE31001} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {33942BC2-782A-4FE3-B955-8643255A0AE0} - System32\Tasks\ioloSystemShield => C:\Program Files (x86)\Phoenix360\System Mechanic\ioloSSTray.exe [344304 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {441F6C7F-8BAB-44C7-A14A-6C53C7CDE757} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\ActiveMessenger.exe [323328 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {4608EE82-2324-4B9F-B280-4CAECD489D08} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\Phoenix360\System Mechanic\iologovernor64.exe [713648 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) [File not signed]
Task: {47CCF1DC-86EC-4F7E-B333-ECA12ECB9E05} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files (x86)\Phoenix360\System Mechanic\SSDefs.exe [134888 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {5C93D029-D6DD-4A3B-A3D8-E1A45CCE348A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5D6F7FD4-CF08-481C-8327-94DE8C184853} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {87FACB63-E6D8-4842-9D68-C183027AD9F3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {93DB6238-2CE7-44C1-BB42-8AF9C66F7A75} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {95CB09EA-1ADC-4A59-AB41-BBEB7ABA4C51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96B3D3BF-F4AD-4E73-871C-1E1858C5105B} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-10-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C59FF48-5D64-410E-B834-911D96546B6E} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\Phoenix360\System Mechanic\systemmechanic.exe [414968 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {B0815A57-15C1-47BD-9760-679B30CB5076} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {B0C596CC-ABE3-4972-909F-5A466C1EC69C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BA34769F-FB6D-458D-9A38-028113600E69} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {BBFA1805-340F-4F5F-BD50-75540A53D069} - System32\Tasks\ioloTUDsDownloader => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {BDA47919-4A96-4370-B35B-C6C257713B10} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C03A0CA9-61E4-447F-BB1D-E6E19E9BAB96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D7450E21-60F9-4049-BEDD-F844E64E9DCA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E7F32B52-A864-4614-BE72-56AECBE24658} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EBD8D12C-7D6F-4410-900E-C9B361FD2B1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ED342AD8-BAF0-4B18-A8E7-03A88E6D4508} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FE0C3551-D3FE-422A-8031-89B2FBEA8EED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1acad439-652f-45f3-a3ff-e410298e2d98}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1eb97fbb-e8b2-4061-b146-11cd0c7910fa}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{595ff362-39cb-43c0-98e0-46e620079cc4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a2afe84f-84f3-4927-9eee-da24f6ce7302}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{a2afe84f-84f3-4927-9eee-da24f6ce7302}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c646682c-8898-42ab-812b-3452646595dc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\maxxy\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-13]
Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.duolingo.com
Edge HomePage: Default -> hxxp://www.google.co.uk/
Edge StartupUrls: Default -> "hxxps://www.google.co.uk/"
Edge Extension: (Google Docs Offline) - C:\Users\maxxy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-12-25] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [231528 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [205928 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [81512 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-03-04] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-16] (Microsoft Windows -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-16] (Microsoft Windows -> Microsoft Corporation)
S3 Updater; C:\Program Files\Virtual Desktop Streamer\Updater.exe [1163480 2022-12-19] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [10657496 2022-12-16] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [129696 2022-04-29] (Skutta, Kristjan -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-04] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-16] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-09] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-09] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [46600 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22536 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [44936 2022-05-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [77864 2022-05-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2022-03-08] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-13 19:56 - 2023-02-13 19:57 - 000022449 _____ C:\Users\maxxy\Desktop\FRST.txt
2023-02-13 19:56 - 2023-02-13 19:56 - 000000000 ____D C:\Users\maxxy\Desktop\FRST-OlderVersion
2023-02-13 19:55 - 2023-02-13 19:56 - 002378240 _____ (Farbar) C:\Users\maxxy\Desktop\FRST64.exe
2023-02-13 19:55 - 2023-02-13 19:56 - 000000000 ____D C:\FRST
2023-02-13 19:53 - 2023-02-13 19:54 - 000000000 ____D C:\Users\maxxy\Desktop\PC Maintenance Tools - Do Not Delete
2023-02-13 19:42 - 2023-02-13 19:43 - 008995336 _____ (Piriform Software Ltd) C:\Users\maxxy\Downloads\spsetup132 (1).exe
2023-02-12 20:55 - 2023-02-12 21:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-12 20:16 - 2022-10-14 17:40 - 000001491 _____ C:\Users\Public\Desktop\Riot Client.lnk
2023-02-12 20:16 - 2022-09-23 18:45 - 000001627 _____ C:\Users\Public\Desktop\VALORANT.lnk
2023-02-12 19:49 - 2023-02-12 21:01 - 000000000 ____D C:\$Windows.~BT
2023-02-12 19:49 - 2023-02-12 20:36 - 000000000 ___HD C:\$SysReset
2023-02-12 14:08 - 2023-02-12 14:08 - 000000000 ___HD C:\$WinREAgent
2023-02-11 14:36 - 2023-02-11 14:36 - 001726298 _____ C:\Users\maxxy\Desktop\dofe-self-teach-workbook-1 (2).pdf
2023-02-11 13:58 - 2023-02-11 13:58 - 001705187 _____ C:\Users\maxxy\Downloads\dofe-self-teach-workbook-1 (1).pdf
2023-02-11 13:38 - 2023-02-11 13:38 - 001698940 _____ C:\Users\maxxy\Downloads\dofe-self-teach-workbook-1.pdf
2023-02-11 13:36 - 2023-02-11 13:37 - 000000000 ____D C:\Users\maxxy\AppData\LocalLow\Adobe
2023-02-11 13:36 - 2023-02-11 13:36 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\com.adobe.dunamis
2023-02-11 13:36 - 2023-02-11 13:36 - 000000000 ____D C:\Users\maxxy\AppData\Local\SolidDocuments
2023-02-11 13:36 - 2023-02-11 13:36 - 000000000 ____D C:\Users\maxxy\.ms-ad
2023-02-11 13:30 - 2023-02-11 13:30 - 000000000 ____D C:\Program Files\Adobe
2023-02-11 13:27 - 2023-02-11 13:37 - 000000000 ____D C:\ProgramData\Adobe
2023-02-11 13:27 - 2023-02-11 13:30 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-02-11 13:25 - 2023-02-11 13:37 - 000000000 ____D C:\Users\maxxy\AppData\Local\Adobe
2023-02-11 09:38 - 2023-02-12 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2023-02-11 09:36 - 2023-02-12 10:18 - 000000000 ____D C:\Users\maxxy\AppData\Local\TP-Link
2023-02-11 09:36 - 2023-02-11 09:36 - 000000000 ____D C:\ProgramData\TP-Link
2023-02-11 09:35 - 2023-02-11 09:35 - 047560044 _____ C:\Users\maxxy\Downloads\Archer T3U(EUUS)_V1_180724_Win.zip
2023-02-10 20:23 - 2023-02-12 10:19 - 000000000 ____D C:\Users\maxxy\AppData\Local\MicroApp
2023-02-10 20:23 - 2023-02-12 10:18 - 000000000 ____D C:\Users\maxxy\AppData\Local\ServiceApp
2023-02-10 20:23 - 2023-02-10 20:23 - 000000000 ____D C:\Program Files\Edge Extension
2023-02-10 19:04 - 2023-02-10 19:04 - 000000016 _____ C:\Users\maxxy\Desktop\pword.txt
2023-01-15 17:43 - 2023-02-12 10:19 - 000000000 ____D C:\Users\maxxy\AppData\Local\Home2
2023-01-15 17:43 - 2023-01-15 18:11 - 000000000 ____D C:\Users\maxxy\Documents\Dash
2023-01-15 17:43 - 2023-01-15 17:43 - 000000000 ____D C:\Users\maxxy\AppData\LocalLow\Oculus
2023-01-15 17:35 - 2023-02-11 14:43 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\OculusClient
2023-01-15 17:35 - 2023-02-05 17:39 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Oculus
2023-01-15 17:35 - 2023-01-15 17:37 - 000000000 ____D C:\ProgramData\Oculus
2023-01-15 17:26 - 2023-02-12 10:19 - 000000000 ____D C:\Program Files\Oculus
2023-01-15 17:26 - 2023-01-15 17:26 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2023-01-15 16:44 - 2023-02-11 14:49 - 000000000 ____D C:\Users\maxxy\AppData\Local\Oculus
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-13 19:49 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-13 19:49 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-13 19:49 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-13 19:43 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-02-13 19:43 - 2021-12-30 16:46 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2023-02-13 19:42 - 2022-05-07 05:22 - 000000000 ____D C:\WINDOWS\INF
2023-02-13 19:33 - 2021-12-26 06:08 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-13 19:33 - 2021-12-26 06:08 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-02-13 19:29 - 2021-12-25 22:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-13 19:25 - 2022-10-09 18:46 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-13 19:25 - 2022-10-09 18:46 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-13 19:25 - 2022-01-03 19:27 - 000000000 ____D C:\Users\maxxy\AppData\Local\CrashDumps
2023-02-12 21:04 - 2021-12-25 22:09 - 000000000 ____D C:\Users\maxxy\AppData\Local\D3DSCache
2023-02-12 20:57 - 2022-10-09 18:44 - 000013338 _____ C:\WINDOWS\diagwrn.xml
2023-02-12 20:57 - 2022-10-09 18:44 - 000013338 _____ C:\WINDOWS\diagerr.xml
2023-02-12 20:56 - 2022-10-09 18:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-12 20:55 - 2021-12-26 06:06 - 000012288 ___SH C:\DumpStack.log.tmp
2023-02-12 20:53 - 2022-10-09 12:54 - 000000000 ___DC C:\WINDOWS\Panther
2023-02-12 20:44 - 2022-09-23 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-02-12 20:44 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-02-12 20:44 - 2021-12-30 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2023-02-12 20:44 - 2021-12-30 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-02-12 20:44 - 2021-12-25 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-02-12 19:51 - 2022-06-19 12:34 - 000000000 __SHD C:\found.000
2023-02-12 15:16 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-12 15:16 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-12 15:16 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-12 14:18 - 2022-05-07 05:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-12 14:15 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-12 14:02 - 2021-12-26 01:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-12 13:58 - 2021-12-26 01:08 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-12 13:47 - 2022-10-09 14:21 - 000000000 ____D C:\Users\maxxy
2023-02-12 10:22 - 2021-12-26 11:03 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-02-12 10:21 - 2022-05-07 10:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-02-12 10:21 - 2022-05-07 10:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-02-12 10:21 - 2022-05-07 10:17 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Com
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\IME
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-02-12 10:21 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\servicing
2023-02-12 10:20 - 2022-08-05 20:21 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Krnl
2023-02-12 10:20 - 2022-05-07 05:25 - 000000000 ____D C:\WINDOWS\system32\Pbr
2023-02-12 10:20 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\Containers
2023-02-12 10:20 - 2021-12-26 11:03 - 000000000 ____D C:\Users\maxxy\AppData\Local\Roblox
2023-02-12 10:19 - 2021-12-26 01:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-02-12 10:19 - 2021-12-25 22:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-12 10:19 - 2021-12-25 22:18 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-12 10:02 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\registration
2023-02-12 09:58 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-02-12 09:53 - 2022-10-09 14:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-02-12 09:53 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-11 14:11 - 2021-12-25 22:09 - 000000000 ____D C:\Users\maxxy\AppData\Local\Packages
2023-02-11 14:11 - 2021-12-25 22:09 - 000000000 ____D C:\ProgramData\Packages
2023-02-11 13:36 - 2021-12-25 22:09 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Adobe
2023-02-11 13:25 - 2023-01-01 18:53 - 000000000 ____D C:\ProgramData\Virtual Desktop
2023-02-11 09:37 - 2021-12-30 17:54 - 000000000 ____D C:\temp
==================== Files in the root of some directories ========
2022-01-15 12:47 - 2022-11-06 19:49 - 000000396 _____ () C:\Users\maxxy\AppData\Roaming\jjv5conf.json
2022-03-18 18:02 - 2022-03-18 18:03 - 000000265 _____ () C:\Users\maxxy\AppData\Roaming\MelonLoader.Installer.cfg
2022-10-21 18:45 - 2022-10-21 18:45 - 000007626 _____ () C:\Users\maxxy\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
Ran by maxxy (13-02-2023 19:58:05)
Running from C:\Users\maxxy\Desktop
Microsoft Windows 11 Home Version 22H2 22621.963 (X64) (2022-10-09 18:46:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-589984618-1337359365-324211944-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-589984618-1337359365-324211944-503 - Limited - Disabled)
Guest (S-1-5-21-589984618-1337359365-324211944-501 - Limited - Disabled)
maxxy (S-1-5-21-589984618-1337359365-324211944-1001 - Administrator - Enabled) => C:\Users\maxxy
WDAGUtilityAccount (S-1-5-21-589984618-1337359365-324211944-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\uTorrent) (Version: 3.6.0.46590 - BitTorrent Inc.)
AutoHotkey 1.1.34.04 (HKLM\...\AutoHotkey) (Version: 1.1.34.04 - Lexikos)
blender (HKLM\...\{8E411BEA-E05E-4E73-B9D3-A89A3084D67D}) (Version: 3.0.0 - Blender Foundation)
CORSAIR iCUE 4 Software (HKLM\...\{97E0262E-4B0A-4DD1-B432-8BE71A8BDC0A}) (Version: 4.18.209 - Corsair)
Discord (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Documentation Manager (HKLM\...\{EC7D2299-EAEC-498A-947B-ADC4495AA6D6}) (Version: 22.20.0.6 - Intel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
EPSON Universal Print Driver Printer Uninstall (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation)
Intel® Software Installer (HKLM-x32\...\{76cc8e2a-8308-43d3-a3c3-423d2a1ca435}) (Version: 22.20.0.6 - Intel Corporation) Hidden
JJSploit 6.4.0 (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\b1e3a7e5-766b-5910-bd89-4bbe7200c627) (Version: 6.4.0 - )
JJS-UI 6.4.12 (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\08d3cffc-d9a7-55a8-82d8-201f042a4e89) (Version: 6.4.12 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.39.173 - MediatekWiFi)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Quadro View 200.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 200.93 - NVIDIA Corporation)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for maxxy (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for maxxy (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\roblox-studio) (Version: - Roblox Corporation)
Save Wizard for PS4 MAX (HKLM-x32\...\{D0DDCFB5-446F-423A-8C72-6CFE537AF959}) (Version: 1.1.0.0 - DataPower)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Mechanic (HKLM-x32\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 17.5.0.116 - iolo technologies, LLC)
VALORANT (HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Virtual Desktop Service (HKLM\...\{12B28B16-C77A-4D19-A5E2-B3648C6EE134}) (Version: 1.18.31 - Virtual Desktop, Inc.)
Virtual Desktop Streamer (HKLM\...\{C441ED60-E5A5-4A9D-BC8B-3D7769C0B937}) (Version: 1.25.10 - Virtual Desktop, Inc.)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.30.1.0 - Voicemod S.L.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{BCA59500-933F-4608-A295-104635925BE0}) (Version: 3.5.2204.04001 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wireshark 3.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.3 - The Wireshark developer community, hxxps://www.wireshark.org)
Packages:
=========
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-02-12] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2023-02-12] (Disney)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2023-02-12] (Apple Inc.) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.37.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corp.)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-08-26] (Microsoft Studios)
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2023-02-12] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-02-12] (ms-resource:ProductPublisherDisplayName)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2023-02-12] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2023-02-12] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2023-02-12] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2022-06-17] (0)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-589984618-1337359365-324211944-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-589984618-1337359365-324211944-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\Incinerator.dll [2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\Incinerator.dll [2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-10-05] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-10-11 16:41 - 2021-10-11 16:41 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10470]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-589984618-1337359365-324211944-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maxxy\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
WiFi 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CORSAIR iCUE 4 Software"
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_EA410C61FB31D73AFA3C71DD38F22C9A"
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\StartupApproved\Run: => "Voicemod"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4A178632-653C-4EB5-AB49-74ECAB874E26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A025DCD7-791B-4FF2-90F0-53B5639ECDFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E93CBCFF-D0FA-487D-BFEF-BE1B46356A83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D709A2A2-4AF0-4396-B450-FD03933435ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F34DBE26-9B81-42CD-99A7-39802E28C6FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{81A71A95-1CFA-4895-A0FE-8F5E36D33606}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5715D549-E0C7-481C-925C-49A9B3120F81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BDEF31A-12B9-4096-88F4-24CDF6B7D057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [UDP Query User{FE8B4F8C-B683-4ABA-A75A-2552B81E9C07}C:\users\maxxy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\maxxy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{F93E33E5-45D6-4358-8B7D-42F377F28FC9}C:\users\maxxy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\maxxy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{619749B8-82D5-45B4-AFF2-6CA753C17024}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{A2A54FBE-CE43-4FA4-9713-CB5D78000A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{F1D5DA29-2ED8-49D4-8EF1-25FB253D7B2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{A6AE7A4E-8BC0-426A-A488-348378E9F30B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{0FFCF6DF-D27C-4240-8ADC-2E4AD256ADD8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{185FDA5A-E0B4-43B9-B8F4-387B84BC475A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4653FA05-A4C0-4AC5-97E7-CEA98629172A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BAAC3112-3C6F-4665-AB26-98628F07F89D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{735A2AB9-8707-480D-AD24-7AAD6278D3A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [{5DCF850E-59BC-4A4F-A0FD-708861458E3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [{CDB5AF47-C937-47F7-BD96-1F2F86787094}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9A0E102F-D554-469C-8FF5-DA6C9A50CFB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DF8F7084-AE2A-4F57-9F76-04591DD2DEFB}] => (Allow) D:\Driver Tool\DriverTalent.exe => No File
FirewallRules: [{139E3148-8778-4673-8159-96CF633676CE}] => (Allow) D:\Driver Tool\DTLService.exe => No File
FirewallRules: [{CCF3E7C8-3BB8-4ABB-A4AD-4457A8EDAAD6}] => (Allow) D:\Driver Tool\download\MiniThunderPlatform.exe => No File
FirewallRules: [{57F76B62-75A4-4A0D-A58E-9AED332D9CF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{189C20B9-0A93-45C3-9763-4EEADDA7CCB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{3A380407-4752-4D5A-A4A6-BC9789422866}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{FA9B54B7-7F91-45FB-A579-85604C313E48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{57A82355-B769-4024-B766-B4B5180E0BC7}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{45319983-04B2-459C-87C5-A9481E7B9EE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\People Playground\People Playground.exe () [File not signed]
FirewallRules: [{201E8315-E9E9-4970-AE56-31EB32884F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\People Playground\People Playground.exe () [File not signed]
FirewallRules: [{A1D450B4-1F19-4F04-83B3-9DD1E17329E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{80BEDA79-42FD-408C-BA7D-D984ECD92006}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{640B0180-444E-48BC-B734-2BB0E3C88587}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{18A87070-7AE0-4BB3-96B1-BB8C91289654}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D7173273-5CA8-4E00-871A-3D3C3FB2EDE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe (Epic Games, Inc) [File not signed]
FirewallRules: [{CE3C9902-8AEF-4E2C-96FD-E392D1D09C8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe (Epic Games, Inc) [File not signed]
FirewallRules: [{7F8CA51F-5289-4FFF-9B80-26503204B633}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{15C875D1-6145-4520-9348-F201E5EC8E5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{B267731D-1ED8-4BCB-8727-5566106DE5C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{F3CF7546-9099-4FA0-86C5-0F625418AD7C}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{4BCA4DDE-57FA-49C4-A039-5B7C73867321}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{2A8C3C15-E282-4358-B0F1-10501F039472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{2BBA5860-F31B-4299-85E5-014E540A8B3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{7C5B0CE6-635B-475E-A4DA-ADCF2E9E610B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{B3A616D8-809C-4FE1-9069-3D6EF9B91E5A}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{7EA67384-F17B-4BD1-9091-D8317EA4FB91}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{FB617EEB-BA27-4B8B-AE33-C5E804A974D6}C:\program files\windowsapps\spotifyab.spotifymusic_1.195.893.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.195.893.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{6748B19D-4663-47BC-B54B-992FEEC400B7}C:\program files\windowsapps\spotifyab.spotifymusic_1.195.893.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.195.893.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [{8CE7CE0E-1DB3-40CF-93E4-D76AD8A5367D}] => (Allow) C:\Users\maxxy\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{0FFD7AD6-8539-4EDE-9B39-CAD48F5230A2}] => (Allow) C:\Users\maxxy\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{EF765D15-9E03-400F-9E86-A300741DB970}] => (Allow) C:\Users\maxxy\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{425084C0-1556-443D-9BDE-71D628459DD7}] => (Allow) C:\Users\maxxy\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FC609945-DD61-4A6E-A3B6-3687B3FFD640}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03255B51-C0BF-4095-86BE-0DE909C5DCDB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E169E8E-B169-4245-B22B-FCA77FC13E8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C9CF022F-B874-4616-A5B0-D5F645AF600B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21CA6C23-6F0E-4C20-8D01-B49E9A7D4AE1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{23BF4BBD-F57F-4C52-840F-BCF5B5AD760F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3485973B-39E5-420F-B723-002E67EF200E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E4B86C02-D689-478A-9955-C29B477BD24D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{500B487C-EE1A-4221-AA79-D51F4D4E72CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5EC5190-0796-4D37-A1E1-54633E16BB26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB72BC75-4825-4CD9-AE84-E78FBBFA74CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{735BFFEE-0B65-45E7-A473-7C668BBC51A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8E8C60DE-D81B-4B65-AE48-C92559B20BF1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1F8C7F4-C4F1-4981-9890-0FEEAE0D6FD8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44A8485C-21C1-411F-B447-2023D9F1EAC4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E5DB4DF-C7FF-4224-A718-96E1005E7645}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E372E386-21C9-4DA9-A7A9-879E9682E421}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D2646CC-4480-4448-9536-7AF58C51E887}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8EAC4928-DCCF-4131-B6D8-94891C053797}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{98EB3D6F-FC1F-4FB9-B52B-C29A90E2C480}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F5793512-BEAD-4E78-9DCE-E238528179A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{B761E187-DAB0-4B15-B6BD-D5ED8BAA3C9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7376A7C9-9C46-482E-A0A2-D6B5526297E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{EA74BF1A-E619-4435-A1FE-E718318F8A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{c0ef4d58-c5fa-4d06-8df0-bc83d3c87d7b}] => (Allow) C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Streamer.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
FirewallRules: [{3180C962-66FF-4F94-985F-C1274566489E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{330BED93-E5F4-4B3F-9113-68FD757AE85E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{21A62B2B-1FA7-4407-B1EA-405A5F23696A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{E303E827-BB81-458E-9F8E-36E7F9F45240}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{1BF0468F-A69F-491E-8040-2ED04F54C208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{4B3693A3-9CAA-4BCF-B0C0-E62847EF29BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{ED8E3082-B323-41C8-9D96-B8A6DC469C62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gorilla Tag\Gorilla Tag.exe () [File not signed]
FirewallRules: [{B79E2ABE-A3A0-421A-9B82-3EFC379FFB0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gorilla Tag\Gorilla Tag.exe () [File not signed]
FirewallRules: [{9BF86E5F-4BBD-4718-9F22-8775837E1C71}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B02E3FE-EBF1-4080-9B92-3047ABA5A4E7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE374781-900D-4255-B96D-D08DBFE4D69E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-01-2023 11:48:19 Windows Modules Installer
12-02-2023 10:52:17 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: Virtual Desktop Monitor
Description: Virtual Desktop Monitor
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Virtual Desktop, Inc.
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Voicemod Virtual Audio Device (WDM)
Description: Voicemod Virtual Audio Device (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Voicemod S.L.
Service: VOICEMOD_Driver
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/13/2023 07:25:09 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-JSB8L0E)
Description: Faulting application name: ioloSSTray.exe, version: 17.5.0.116, time stamp: 0x5a2a4485
Faulting module name: KERNELBASE.dll, version: 10.0.22621.963, time stamp: 0x766ca8ae
Exception code: 0xe0434352
Fault offset: 0x00000000000906bc
Faulting process ID: 0x0x2608
Faulting application start time: 0x0x1d93fe0abebcf46
Faulting application path: C:\Program Files (x86)\Phoenix360\System Mechanic\ioloSSTray.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: eedc8263-b50b-4c14-a278-5ab3811e7135
Faulting package full name:
Faulting package-relative application ID:
Error: (02/13/2023 07:25:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ioloSSTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at iolo.Controller.EntitlementController.get_IsServiceExpired()
at iolo.SSTray.SSTrayApp..ctor()
at iolo.SSTray.Program.Main()
Error: (02/12/2023 09:02:12 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-JSB8L0E)
Description: Faulting application name: ioloSSTray.exe, version: 17.5.0.116, time stamp: 0x5a2a4485
Faulting module name: KERNELBASE.dll, version: 10.0.22621.963, time stamp: 0x766ca8ae
Exception code: 0xe0434352
Fault offset: 0x00000000000906bc
Faulting process ID: 0x0xd58
Faulting application start time: 0x0x1d93f2526238f34
Faulting application path: C:\Program Files (x86)\Phoenix360\System Mechanic\ioloSSTray.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: f71be1f3-550f-4775-8063-6105496fa2e7
Faulting package full name:
Faulting package-relative application ID:
Error: (02/12/2023 09:02:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ioloSSTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at iolo.Controller.EntitlementController.get_IsServiceExpired()
at iolo.SSTray.SSTrayApp..ctor()
at iolo.SSTray.Program.Main()
Error: (02/12/2023 09:01:35 PM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Scheduled Checkpoint).
Error: (02/12/2023 08:57:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-JSB8L0E$ via https://AMD-KeyId-90...plates/Aik/scepfailed:
GetCACaps
Method: GET(0ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (02/12/2023 08:57:14 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-90...plates/Aik/scepfailed:
GetCACaps
Method: GET(1031ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
System errors:
=============
Error: (02/13/2023 07:29:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JSB8L0E)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (02/12/2023 08:59:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: 2023-01 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5022303).
Error: (02/12/2023 08:56:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VirtualDesktop.Service.exe service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (02/12/2023 08:56:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the VirtualDesktop.Service.exe service to connect.
Error: (02/12/2023 08:55:49 PM) (Source: volmgr) (EventID: 162) (User: )
Description: Dump file generation succeded.
Error: (02/12/2023 08:55:44 PM) (Source: RtlWlanu) (EventID: 5003) (User: )
Description: TP-Link Wireless USB Adapter : Could not find a network adapter.
Error: (02/12/2023 08:55:26 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (02/12/2023 01:53:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JSB8L0E)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2023-02-12 20:55:48
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume2\WINDOWS\System32\drivers\vmdrv.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
Date: 2023-02-12 20:55:48
Description:
The driver \Device\HarddiskVolume2\WINDOWS\System32\drivers\vmdrv.sys is blocked from loading as the driver has been revoked by Microsoft.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. F14e 10/14/2021
Motherboard: Gigabyte Technology Co., Ltd. B550M DS3H
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 16289.46 MB
Available physical RAM: 10174.38 MB
Total Virtual: 17313.46 MB
Available Virtual: 8998.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.21 GB) (Free:601.6 GB) (Model: ST1000DM010-2EP102) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.04 GB) (Model: ST1000DM010-2EP102) NTFS
\\?\Volume{bc608de8-b5c5-49c0-a6fd-f6f722dacc54}\ () (Fixed) (Total:0.65 GB) (Free:0.08 GB) NTFS
\\?\Volume{c552ccf1-b8be-11ec-8486-18c04da8b499}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{c552ccf0-b8be-11ec-8486-18c04da8b499}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 06FE7201)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End of Addition.txt =======================
Edited by valleyboy, 13 February 2023 - 02:20 PM.