Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Weird recurring disconnect issue - Windows 10

windows 10 wireless ethernet usb disconnect

  • Please log in to reply

#1
Rickie

Rickie

    Member

  • Member
  • PipPipPip
  • 113 posts

I've been meaning to put the feelers out about this particular issue of mine for quite some time. I don't really have enough info to give to really result in an actual diagnosis probably, so I guess I'm seeking ideas for troubleshooting?

 

My desktop computer dual boots Windows 7 and 10. No issues on 7, but on 10, randomly, I'll lose my connection. Whether I'm connected to wifi, ethernet or USB. It'll randomly die without warning. No other devices disconnecting. (And 7 partition doesn't have this issue.)

 

No error messages. Windows 10 Home, up to date. Drivers up to date. Running a GA-B150N Phoenix-WIFI, but yeah, this issue even occurs if connected to internet via USB so I don't think it's a hardware issue.

 

Any help would be massively appreciated. I can't really trust doing anything online on that partition in the meantime which is a shame.


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
Let's try MiniToolBox and see what it says.
 
Please download [url=https://www.bleepingcomputer.com/download/minitoolbox/[/url], save it to your desktop and run it.
 
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  •  
  • Report FF Proxy Settings
  •  
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • Click Go and post the result (Result.txt). A copy of MTB.txt will be saved in the same directory the tool is run.
     
     
    Run it again in Win 7 so we can look for differences.

    • 0

    #3
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    T

     



     

    Let's try MiniToolBox and see what it says.
     
    Please download [url=https://www.bleepingcomputer.com/download/minitoolbox/[/url], save it to your desktop and run it.
     
    Checkmark the following checkboxes:


    •  




    • Flush DNS




    • Report IE Proxy Settings


     


    • Report FF Proxy Settings


     


    • List content of Hosts




    • List IP configuration




    • List Winsock Entries




    • List last 10 Event Viewer Errors




    • List Installed Programs




    • List Devices




    • List Users, Partitions and Memory size.




    • List Minidump Files


     
    Click Go and post the result (Result.txt). A copy of MTB.txt will be saved in the same directory the tool is run.
     
     
    Run it again in Win 7 so we can look for differences.

     

    Thanks for your reply. Posting results below.

     

    First, Windows 10:

    MiniToolBox by Farbar  Version: 13-05-2022
    Ran by Rickie (administrator) on 28-12-2022 at 23:32:20
    Running from "C:\Users\Rickie\Downloads"
    Microsoft Windows 10 Home  (X64)
    Model: B150N Phoenix-WIFI Manufacturer: Gigabyte Technology Co., Ltd.
    Boot Mode: Normal
    ***************************************************************************
    
    ========================= Flush DNS: ===================================
    
    Windows IP Configuration
    
    Successfully flushed the DNS Resolver Cache.
    
    
    ========================= IE Proxy Settings: ============================== 
    
    Proxy is not enabled.
    No Proxy Server is set.
    
    ========================= FF Proxy Settings: ============================== 
    
    ========================= Hosts content: =================================
    ========================= IP Configuration: ================================
    
    Intel(R) Dual Band Wireless-AC 8260 = WiFi (Connected)
    ExpressVPN TAP Adapter = Ethernet 3 (Hardware not present)
    Intel(R) Ethernet Connection (2) I219-V = Ethernet (Media disconnected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
    ExpressVPN TUN Driver = Local Area Connection 3 (Media disconnected)
    
    
    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4
    
    reset
    set global icmpredirects=enabled
    add route prefix=0.0.0.0/0 interface="Ethernet" nexthop=192.168.0.24 publish=Yes
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 3" forwarding=enabled advertise=enabled metric=5 nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set subinterface interface=?‹?????? subinterface=ethernet_32775 mtu=1500
    set subinterface interface=?‹?????? subinterface=iftype53_32770 mtu=1350
    add address name="Ethernet" address=192.168.0.66 mask=255.255.255.0
    
    
    popd
    # End of IPv4 configuration
    
    
    
    Windows IP Configuration
    
       Host Name . . . . . . . . . . . . : DESKTOP-F4EHQPK
       Primary Dns Suffix  . . . . . . . : 
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
    
    Ethernet adapter Ethernet:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Intel(R) Ethernet Connection (2) I219-V
       Physical Address. . . . . . . . . : 1C-1B-0D-66-A3-12
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    
    Unknown adapter Local Area Connection 3:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : ExpressVPN TUN Driver
       Physical Address. . . . . . . . . : 
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    
    Wireless LAN adapter Local Area Connection* 2:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : E4-A7-A0-2A-F5-B3
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    
    Wireless LAN adapter Local Area Connection* 3:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
       Physical Address. . . . . . . . . : E6-A7-A0-2A-F5-B2
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    
    Wireless LAN adapter WiFi:
    
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 8260
       Physical Address. . . . . . . . . : E4-A7-A0-2A-F5-B2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Wednesday, 28 December 2022 11:29:05 PM
       Lease Expires . . . . . . . . . . : Thursday, 29 December 2022 11:29:05 PM
       Default Gateway . . . . . . . . . : 192.168.0.1
       DHCP Server . . . . . . . . . . . : 192.168.0.1
       DNS Servers . . . . . . . . . . . : 192.168.0.1
       NetBIOS over Tcpip. . . . . . . . : Enabled
    
    Ethernet adapter Bluetooth Network Connection:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : E4-A7-A0-2A-F5-B6
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    Server:  UnKnown
    Address:  192.168.0.1
    
    Name:    google.com
    Addresses:  2404:6800:4015:802::200e
    	  142.250.70.206
    
    
    Pinging google.com [142.250.70.206] with 32 bytes of data:
    Reply from 142.250.70.206: bytes=32 time=21ms TTL=54
    Reply from 142.250.70.206: bytes=32 time=35ms TTL=54
    
    Ping statistics for 142.250.70.206:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 21ms, Maximum = 35ms, Average = 28ms
    Server:  UnKnown
    Address:  192.168.0.1
    
    Name:    yahoo.com
    Addresses:  2001:4998:124:1507::f000
    	  2001:4998:44:3507::8000
    	  2001:4998:24:120d::1:0
    	  2001:4998:24:120d::1:1
    	  2001:4998:124:1507::f001
    	  2001:4998:44:3507::8001
    	  74.6.231.21
    	  74.6.143.25
    	  74.6.143.26
    	  98.137.11.163
    	  74.6.231.20
    	  98.137.11.164
    
    
    Pinging yahoo.com [98.137.11.164] with 32 bytes of data:
    Reply from 98.137.11.164: bytes=32 time=263ms TTL=41
    Reply from 98.137.11.164: bytes=32 time=223ms TTL=41
    
    Ping statistics for 98.137.11.164:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 223ms, Maximum = 263ms, Average = 243ms
    
    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    
    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
     15...1c 1b 0d 66 a3 12 ......Intel(R) Ethernet Connection (2) I219-V
     10...........................ExpressVPN TUN Driver
      7...e4 a7 a0 2a f5 b3 ......Microsoft Wi-Fi Direct Virtual Adapter
      9...e6 a7 a0 2a f5 b2 ......Microsoft Wi-Fi Direct Virtual Adapter #2
     18...e4 a7 a0 2a f5 b2 ......Intel(R) Dual Band Wireless-AC 8260
     11...e4 a7 a0 2a f5 b6 ......Bluetooth Device (Personal Area Network)
      1...........................Software Loopback Interface 1
    ===========================================================================
    
    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.105     35
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
          192.168.0.0    255.255.255.0         On-link     192.168.0.105    291
        192.168.0.105  255.255.255.255         On-link     192.168.0.105    291
        192.168.0.255  255.255.255.255         On-link     192.168.0.105    291
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
            224.0.0.0        240.0.0.0         On-link     192.168.0.105    291
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      255.255.255.255  255.255.255.255         On-link     192.168.0.105    291
    ===========================================================================
    Persistent Routes:
      Network Address          Netmask  Gateway Address  Metric
              0.0.0.0          0.0.0.0     192.168.0.24  Default 
    ===========================================================================
    
    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      1    331 ::1/128                  On-link
      1    331 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================
    
    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\NLAapi.dll [71168] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\winrnr.dll [34304] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [324416] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [70144] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [89088] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [89088] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\NLAapi.dll [97280] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\winrnr.dll [49152] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 12 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 13 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    x64-Catalog9 14 C:\Windows\System32\mswsock.dll [418416] (Microsoft Corporation)
    
    ========================= Event log errors: ===============================
    
    Application errors:
    ==================
    Error: (12/27/2022 11:19:02 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: MediaGo.exe, version: 2.2.0.223, time stamp: 0x500056cd
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x44223151
    Faulting process ID: 0x2c68
    Faulting application start time: 0x01d91980ed73dc8f
    Faulting application path: C:\Program Files (x86)\Sony\Media Go\MediaGo.exe
    Faulting module path: unknown
    Report ID: 8c8e9d72-4e63-4a20-8c5e-27856f6aaa97
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (12/27/2022 11:19:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: MediaGo.exe, version: 2.2.0.223, time stamp: 0x500056cd
    Faulting module name: CddbLinkSMS.dll, version: 2.6.206.202, time stamp: 0x4bc51b14
    Exception code: 0xc0000409
    Fault offset: 0x0006ddb3
    Faulting process ID: 0x2c68
    Faulting application start time: 0x01d91980ed73dc8f
    Faulting application path: C:\Program Files (x86)\Sony\Media Go\MediaGo.exe
    Faulting module path: C:\Program Files (x86)\Sony\Media Go\CddbLinkSMS.dll
    Report ID: 04213d50-1045-4518-8148-f2a9f3f65d0c
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (12/26/2022 11:56:45 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: EASteamProxy.exe, version: 0.0.0.0, time stamp: 0x636c1a0d
    Faulting module name: IGO32.dll, version: 10.5.116.52126, time stamp: 0x636c1a38
    Exception code: 0xc0000005
    Fault offset: 0x0008d113
    Faulting process ID: 0xc14
    Faulting application start time: 0x01d918c4ecbb0819
    Faulting application path: C:\Program Files (x86)\Origin\EASteamProxy.exe
    Faulting module path: C:\Program Files (x86)\Origin\IGO32.dll
    Report ID: 49029c22-9b75-4514-a2c4-98bb92d7dead
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (12/26/2022 11:56:45 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: EASteamProxy.exe, version: 0.0.0.0, time stamp: 0x636c1a0d
    Faulting module name: IGO32.dll, version: 10.5.116.52126, time stamp: 0x636c1a38
    Exception code: 0xc0000005
    Fault offset: 0x0008d113
    Faulting process ID: 0xc14
    Faulting application start time: 0x01d918c4ecbb0819
    Faulting application path: C:\Program Files (x86)\Origin\EASteamProxy.exe
    Faulting module path: C:\Program Files (x86)\Origin\IGO32.dll
    Report ID: 141323c2-bea6-4ce6-baeb-19f15cd8783d
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (11/19/2022 01:57:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: gameinputsvc.exe, version: 0.2210.22621.1846, time stamp: 0x79ac3219
    Faulting module name: ntdll.dll, version: 10.0.19041.2130, time stamp: 0xb5ced1c6
    Exception code: 0xc0000374
    Fault offset: 0x00000000000ff6a9
    Faulting process ID: 0x11e0
    Faulting application start time: 0x01d8fbc10db3aba8
    Faulting application path: C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report ID: e7ee6fae-ce9b-49e1-b367-340980521199
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (11/16/2022 05:44:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GHWT_Definitive.exe, version: 1.0.1.25215, time stamp: 0x562b029a
    Faulting module name: msvcrt.dll, version: 7.0.19041.546, time stamp: 0x7f567a50
    Exception code: 0xc0000005
    Fault offset: 0x00086823
    Faulting process ID: 0x2798
    Faulting application start time: 0x01d8f983abba7ef4
    Faulting application path: C:\Program Files (x86)\Aspyr\Guitar Hero World Tour\GHWT_Definitive.exe
    Faulting module path: C:\WINDOWS\System32\msvcrt.dll
    Report ID: f37bc3c7-0d2d-4592-90a8-50f9f23ea6ba
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (11/16/2022 05:44:14 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GHWT_Definitive.exe, version: 1.0.1.25215, time stamp: 0x562b029a
    Faulting module name: GHWT_Definitive.exe, version: 1.0.1.25215, time stamp: 0x562b029a
    Exception code: 0xc00001a5
    Fault offset: 0x00570498
    Faulting process ID: 0x2798
    Faulting application start time: 0x01d8f983abba7ef4
    Faulting application path: C:\Program Files (x86)\Aspyr\Guitar Hero World Tour\GHWT_Definitive.exe
    Faulting module path: C:\Program Files (x86)\Aspyr\Guitar Hero World Tour\GHWT_Definitive.exe
    Report ID: 85e04926-53d0-48c1-83d9-a0babf8447e8
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (11/15/2022 11:14:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: gameinputsvc.exe, version: 0.2210.22621.1846, time stamp: 0x79ac3219
    Faulting module name: ntdll.dll, version: 10.0.19041.2130, time stamp: 0xb5ced1c6
    Exception code: 0xc0000374
    Fault offset: 0x00000000000ff6a9
    Faulting process ID: 0xdc4
    Faulting application start time: 0x01d8f8ebd0db3e5e
    Faulting application path: C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report ID: 918662bb-2718-4a6c-8a94-96194dec5925
    Faulting package full name: 
    Faulting package-relative application ID:
    
    Error: (11/14/2022 04:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
    .
    
    
    Operation:
       Executing Asynchronous Operation
    
    Context:
       Current State: DoSnapshotSet
    
    Error: (10/29/2022 10:23:37 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
    .
    
    
    System errors:
    =============
    Error: (12/26/2022 10:23:39 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    
    Error: (12/26/2022 10:21:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    Error: (12/26/2022 09:48:13 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    
    Error: (12/26/2022 09:46:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Steam Client Service service failed to start due to the following error: 
    %%1053 = The service did not respond to the start or control request in a timely fashion.
    
    Error: (12/26/2022 09:46:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    
    Error: (11/19/2022 02:58:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-F4EHQPK)
    Description: Event-ID 10010
    
    Error: (11/19/2022 01:57:34 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: Event-ID 10005
    
    Error: (11/19/2022 01:57:34 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: Event-ID 10005
    
    Error: (11/17/2022 11:41:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    Error: (10/24/2022 07:42:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    
    Windows Defender:
    ================
    Date: 2022-12-28 16:58:55
    Description: 
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    
    Date: 2022-11-18 16:04:31
    Description: 
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    
    Date: 2022-11-13 16:19:58
    Description: 
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    
    Date: 2022-11-12 15:19:33
    Description: 
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    
    Date: 2022-10-18 12:13:44
    Description: 
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    
    CodeIntegrity Errors:
    ====================
    Date: 2022-12-26 11:50:57
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume6\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
    
    Date: 2022-12-26 11:50:57
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume6\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
    
    
    =========================== Installed Programs ============================
    
    7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
    Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
    AntiMicro (HKLM-x32\...\{584F5685-C0E5-4D84-B6F2-045B801A0BA1}) (Version: 2.20.2 - AntiMicro)
    AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - AnyDesk Software GmbH)
    Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
    Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
    Audio DiffMaker (HKLM-x32\...\Audio DiffMaker) (Version:  - )
    AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
    Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 108.1.46.144 - Brave Software Inc)
    Bulk Rename Utility 3.4.3.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
    Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
    Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.6 - GOG.com)
    dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 17.7 - Illustrate)
    DisplayLink Graphics (HKLM\...\{DFA364B0-E809-4231-AD48-0CA10A653E98}) (Version: 10.1.2665.0 - DisplayLink Corp.)
    Documentation Manager (HKLM\...\{669FA6D8-9A73-40F5-907C-9C8CCE1BB091}) (Version: 22.160.0.4 - Intel Corporation) Hidden
    DOOM Eternal (HKLM\...\Steam App 782330) (Version:  - id Software)
    Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
    Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff)
    ExpressVPN (HKLM-x32\...\{ba0e1c98-39d7-4027-ae0e-1709a98d6c3b}) (Version: 10.22.0.12 - ExpressVPN)
    ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8772D783D}) (Version: 10.22.0.12 - ExpressVPN) Hidden
    Flex Controller Settings App (HKLM-x32\...\{E466A0EC-2056-40A1-A83A-AC73AFFEFDCC}) (Version: 1.01.001 - HORI CO., LTD.)
    Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.15.4.0 - miHoYo Co.,Ltd)
    GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
    GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
    Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
    Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
    HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
    Intel® Software Installer (HKLM-x32\...\{097f6fe6-d6f8-4204-b004-1e255f6cf68b}) (Version: 22.160.0.4 - Intel Corporation) Hidden
    IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan)
    Iriun Webcam version 2.6.4 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.6.4 - Iriun)
    iTunes (HKLM\...\{51E78C79-92F0-48B2-8A9A-3A5C0A7DD3F2}) (Version: 12.6.5.3 - Apple Inc.)
    JoyToKey version 6.4.3 (HKLM-x32\...\{EBF21C82-423E-49FD-BCBD-88C08397CB44}_is1) (Version: 6.4.3 - JTK software)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
    Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Live2D Cubism 4.1.05 (HKLM-x32\...\Live2D Cubism) (Version: 4.1.05 - Live2D Inc.)
    Media Go (HKLM-x32\...\{2BF9702B-52EE-4841-83C4-B5E640B6C97A}) (Version: 2.2.223 - Sony)
    Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 108.0.1 (x64 en-US)) (Version: 108.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
    Mp3tag v3.08 (HKLM-x32\...\Mp3tag) (Version: 3.08 - Florian Heidenreich)
    Music Center for PC (HKLM-x32\...\{FA9B8D7D-CB57-4A85-BF7F-5AD02258FB8E}) (Version: 2.5.0.11260 - Sony Corporation)
    MusicBee 3.3.7310 (HKLM-x32\...\MusicBee) (Version: 3.3.7310 - Steven Mayall)
    MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
    Node.js (HKLM\...\{B85AD9AC-025E-43CE-BDDB-7974D550853E}) (Version: 19.0.0 - Node.js Foundation)
    Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.6 - Notepad++ Team)
    NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
    NVIDIA Graphics Driver 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.3 - OBS Project)
    Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.)
    paint.net (HKLM\...\{6FED3D93-C0FA-4BD7-A36F-7FC53698244F}) (Version: 4.2.15 - dotPDN LLC)
    PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
    Pathologic 2 (HKLM-x32\...\1076642617_is1) (Version: 1.5.30038-rel-dev-st + mn - GOG.com)
    Pathologic 2: Marble Nest (HKLM-x32\...\1119032059_is1) (Version: 1.5.30038-rel-dev-st + mn - GOG.com)
    PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
    PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.9.4.14625 - Sony Computer Entertainment Inc.)
    Python 3.8.10 Core Interpreter (64-bit) (HKLM\...\{D971F398-7F11-4956-AB73-1FB70E59A11F}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Development Libraries (64-bit) (HKLM\...\{75320A88-439F-497A-B856-FF397ED71203}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Documentation (64-bit) (HKLM\...\{47769D6A-1947-4B6F-9B2F-E881F204CA5A}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Executables (64-bit) (HKLM\...\{A0FBEF5B-B925-4F86-9B50-A7315736C481}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 pip Bootstrap (64-bit) (HKLM\...\{E542AFFC-389C-4330-A0F5-D0B162297729}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Standard Library (64-bit) (HKLM\...\{080E0048-853C-49FB-96ED-30DEF7AB6E34}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Tcl/Tk Support (64-bit) (HKLM\...\{92B27283-38B6-4C6B-B23B-3DE902F4FEA7}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Test Suite (64-bit) (HKLM\...\{B91DB0E4-637F-469E-8309-0D69FD18A1E5}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python 3.8.10 Utility Scripts (64-bit) (HKLM\...\{CD36D248-F36C-4535-97A9-9CB7B4E0C186}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden
    Python Launcher (HKLM-x32\...\{81CDF5BF-4777-4CF8-B6CC-0902061F7314}) (Version: 3.8.7427.0 - Python Software Foundation)
    qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
    Rapid Environment Editor version 9.2.0.937 (HKLM\...\{34AD4E52-723F-4377-9CDD-BCBD892264FA}_is1) (Version: 9.2.0.937 - Oleg Danilov)
    Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
    ScreenToGif (HKLM\...\{533F090A-5031-4ED0-AE46-CA2C8863BF2A}) (Version: 2.35.4 - Nicke Manarin)
    SEGA Mega Drive & Genesis Classics (HKLM\...\Steam App 34270) (Version:  - D3T Limited)
    Shotcut (HKLM\...\Shotcut) (Version: 21.12.24 - Meltytech, LLC)
    Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
    STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.10.0 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TagScanner (64bit) (HKLM\...\TagScanner_is1) (Version: 6.1.13 - Sergey Serkov)
    Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
    The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
    Titanfall® 2 (HKLM\...\Steam App 1237970) (Version:  - Respawn Entertainment)
    Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 109.0 - Ubisoft)
    Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
    UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
    Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
    WiinUPro version 0.9.4 (HKLM\...\{40F0DCB4-E81A-45CE-A596-F2D083E1D535}_is1) (Version: 0.9.4 - Justin Keys)
    WiinUSoft version 3.4 (HKLM\...\{1BFC4F9F-BB85-4CE3-AC22-0CBFF78D5EE4}_is1) (Version: 3.4 - Justin Keys)
    Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
    WinX YouTube Downloader (HKLM-x32\...\WinX YouTube Downloader) (Version: 5.9 - Digiarty, Inc.)
    Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
    
    Packages:
    =========
    Among Us -> C:\Program Files\WindowsApps\Innersloth.AmongUs_2022.12.145.0_x64__fw5x688tam7rm [2022-12-26] (InnerSloth)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation) [MS Ad]
    NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
    Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-06-03] (Realtek Semiconductor Corp)
    Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2209.2209.14005.0_x64__8wekyb3d8bbwe [2022-09-23] (Microsoft Corporation)
    
    ========================= Devices: ================================
    
    Name: ExpressVPN TAP Adapter
    Description: ExpressVPN TAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: ExpressVPN
    Service: tapexpressvpn
    Device ID: ROOT\NET\0002
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
    
    
    ========================= Memory info: ===================================
    
    Percentage of memory in use: 25%
    Total physical RAM: 16339.93 MB
    Available physical RAM: 12236.21 MB
    Total Virtual: 19795.93 MB
    Available Virtual: 13915.75 MB
    
    ========================= Partitions: =====================================
    
    1 Drive c: (Windows 10) (Fixed) (Total:930.44 GB) (Free:204.99 GB) NTFS
    2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
    3 Drive e: (Storage) (Fixed) (Total:2794.39 GB) (Free:2162.38 GB) NTFS
    4 Drive g: (Windows 7) (Fixed) (Total:111.69 GB) (Free:25.21 GB) NTFS
    
    ========================= Users: ========================================
    
    User accounts for \\DESKTOP-F4EHQPK
    
    Administrator            DefaultAccount           defaultuser0             
    Guest                    Rickie                   WDAGUtilityAccount       
    
    ========================= Minidump Files ==================================
    
    C:\WINDOWS\Minidump\010321-31562-01.dmp
    
    **** End of log ****
    
    

    And then Windows 7:

    MiniToolBox by Farbar  Version: 13-05-2022
    Ran by Rickie (administrator) on 28-12-2022 at 23:40:21
    Running from "E:\"
    Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
    Model: B150N Phoenix-WIFI Manufacturer: Gigabyte Technology Co., Ltd.
    Boot Mode: Normal
    ***************************************************************************
    
    ========================= Flush DNS: ===================================
    
    Windows IP Configuration
    
    Successfully flushed the DNS Resolver Cache.
    
    
    ========================= IE Proxy Settings: ============================== 
    
    Proxy is not enabled.
    No Proxy Server is set.
    
    ========================= FF Proxy Settings: ============================== 
    
    ========================= Hosts content: =================================
    ========================= IP Configuration: ================================
    
    Intel(R) Dual Band Wireless-AC 8260 = Wireless Network Connection (Connected)
    Windscribe VPN = Local Area Connection (Media disconnected)
    Windscribe Windtun420 = Local Area Connection 2 (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
    
    
    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4
    
    reset
    set global icmpredirects=enabled
    add address name="Local Area Connection 2" address=10.116.146.4 mask=255.255.254.0
    
    
    popd
    # End of IPv4 configuration
    
    
    
    Windows IP Configuration
    
       Host Name . . . . . . . . . . . . : Rickie-PC
       Primary Dns Suffix  . . . . . . . : 
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
    
    Wireless LAN adapter Wireless Network Connection 2:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
       Physical Address. . . . . . . . . : E6-A7-A0-2A-F5-B2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    
    Unknown adapter Local Area Connection 2:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Windscribe Windtun420
       Physical Address. . . . . . . . . : 
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    
    Unknown adapter Local Area Connection:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Windscribe VPN
       Physical Address. . . . . . . . . : 00-FF-0C-C1-5E-65
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    
    Wireless LAN adapter Wireless Network Connection:
    
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 8260
       Physical Address. . . . . . . . . : E4-A7-A0-2A-F5-B2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::5d1f:249:3f79:be03%13(Preferred) 
       IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Wednesday, December 28, 2022 11:34:52 PM
       Lease Expires . . . . . . . . . . : Thursday, December 29, 2022 11:34:51 PM
       Default Gateway . . . . . . . . . : 192.168.0.1
       DHCP Server . . . . . . . . . . . : 192.168.0.1
       DHCPv6 IAID . . . . . . . . . . . : 300197792
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-25-C3-CA-93-E4-A7-A0-2A-F5-B2
       DNS Servers . . . . . . . . . . . : 192.168.0.1
       NetBIOS over Tcpip. . . . . . . . : Enabled
    
    Tunnel adapter isatap.{38BCC006-6632-4C7E-976D-5BF6EE79E105}:
    
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Server:  UnKnown
    Address:  192.168.0.1
    
    Name:    google.com
    Addresses:  2404:6800:4015:802::200e
    	  142.250.70.206
    
    
    Pinging google.com [142.250.70.206] with 32 bytes of data:
    Reply from 142.250.70.206: bytes=32 time=22ms TTL=54
    Reply from 142.250.70.206: bytes=32 time=46ms TTL=54
    
    Ping statistics for 142.250.70.206:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 22ms, Maximum = 46ms, Average = 34ms
    Server:  UnKnown
    Address:  192.168.0.1
    
    Name:    yahoo.com
    Addresses:  2001:4998:44:3507::8001
    	  2001:4998:124:1507::f001
    	  2001:4998:24:120d::1:1
    	  2001:4998:24:120d::1:0
    	  2001:4998:44:3507::8000
    	  2001:4998:124:1507::f000
    	  74.6.231.21
    	  98.137.11.164
    	  74.6.231.20
    	  98.137.11.163
    	  74.6.143.26
    	  74.6.143.25
    
    
    Pinging yahoo.com [74.6.143.25] with 32 bytes of data:
    Reply from 74.6.143.25: bytes=32 time=248ms TTL=40
    Reply from 74.6.143.25: bytes=32 time=247ms TTL=40
    
    Ping statistics for 74.6.143.25:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 247ms, Maximum = 248ms, Average = 247ms
    
    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    
    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
     19...e6 a7 a0 2a f5 b2 ......Microsoft Virtual WiFi Miniport Adapter
     17...........................Windscribe Windtun420
     15...00 ff 0c c1 5e 65 ......Windscribe VPN
     13...e4 a7 a0 2a f5 b2 ......Intel(R) Dual Band Wireless-AC 8260
      1...........................Software Loopback Interface 1
     14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    ===========================================================================
    
    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.105     10
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          192.168.0.0    255.255.255.0         On-link     192.168.0.105    266
        192.168.0.105  255.255.255.255         On-link     192.168.0.105    266
        192.168.0.255  255.255.255.255         On-link     192.168.0.105    266
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link     192.168.0.105    266
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link     192.168.0.105    266
    ===========================================================================
    Persistent Routes:
      None
    
    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      1    306 ::1/128                  On-link
     13    266 fe80::/64                On-link
     13    266 fe80::5d1f:249:3f79:be03/128
                                        On-link
      1    306 ff00::/8                 On-link
     13    266 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================
    
    Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    
    ========================= Event log errors: ===============================
    
    Application errors:
    ==================
    Error: (12/28/2022 11:39:51 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
    
    Error: (12/28/2022 11:39:51 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
    
    Error: (12/28/2022 11:35:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event-ID 10
    
    Error: (12/28/2022 11:34:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
    
    Error: (12/28/2022 11:34:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
    
    Error: (12/28/2022 11:34:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
    
    Error: (10/21/2021 03:00:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
    
    Error: (10/21/2021 03:00:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
    
    Error: (10/21/2021 02:58:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event-ID 10
    
    Error: (10/21/2021 02:58:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
    
    
    System errors:
    =============
    Error: (12/28/2022 11:39:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
    
    Error: (12/28/2022 11:39:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
    
    Error: (12/28/2022 11:39:34 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
    
    Error: (12/28/2022 11:39:34 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
    
    Error: (12/28/2022 11:38:28 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    
    Error: (12/28/2022 11:36:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
    
    Error: (12/28/2022 11:36:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
    
    Error: (12/28/2022 11:35:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The clover_service service failed to start due to the following error: 
    %%1053 = The service did not respond to the start or control request in a timely fashion.
    
    Error: (12/28/2022 11:35:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the clover_service service to connect.
    
    Error: (10/21/2021 02:59:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The WMI Performance Adapter service terminated with the following error: 
    %%-2147467259 = Unspecified error
    
    
    Windows Defender:
    ================Event[0]:
    
    Date: 2020-02-17 08:01:30.380
    Description: 
    Windows Defender has encountered an error trying to update the engine.
    New Engine Version:1.1.16700.3
    Previous Engine Version:1.1.6402.0
    Update Source:User
    Error Code:0x8050800c
    Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
    
    =========================== Installed Programs ============================
    
    7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
    Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
    Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
    Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
    AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos)
    Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2108.2113 - Avira Operations GmbH & Co. KG) Hidden
    Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.62.27078 - Avira Operations GmbH & Co. KG) Hidden
    Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG;)
    Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
    Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Commander Keen (HKLM-x32\...\2070676386_is1) (Version: 1.4 - GOG.com)
    DisplayLink Core Software (HKLM\...\{3C37FA2E-E836-4652-8ABA-DC5EB7B89401}) (Version: 10.1.2665.0 - DisplayLink Corp.)
    DisplayLink Graphics (HKLM\...\{14D5E5FC-DEF6-4835-B10A-28A59D7DB953}) (Version: 10.1.2691.0 - DisplayLink Corp.) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 163.4.5456 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
    Dual Monitor Tools (HKLM-x32\...\{5CE3BD1A-324F-4F87-96BB-30F08DB6E839}) (Version: 2.7.0.0 - GNE)
    Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
    Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
    FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
    foobar2000 v1.6.6 (HKLM-x32\...\foobar2000) (Version: 1.6.6 - Peter Pawlowski)
    Google Chrome (HKLM\...\{0F488B35-59E5-3DA0-80FA-55F3BE746A68}) (Version: 93.0.4577.82 - Google LLC)
    Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
    Honeyview (HKLM\...\Honeyview) (Version: 5.32 - Bandisoft.com)
    Image Resizer for Windows (64 bit) (HKLM\...\{6026BD89-5CCA-4A47-8012-08FDA0EF935A}) (Version: 3.1.2.0 - Brice Lambson) Hidden
    Image Resizer for Windows (HKLM-x32\...\{0903AF19-2041-4EBB-81CB-7A1506EC9868}) (Version: 3.1.2.0 - Brice Lambson) Hidden
    Image Resizer for Windows (HKLM-x32\...\{e798dcc8-a5a5-424e-9f9a-8148e824ab13}) (Version: 3.1.2.0 - Brice Lambson)
    Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
    Intel® PROSet/Wireless Software (HKLM-x32\...\{43534734-7770-4dce-8eda-5d51cefd98e5}) (Version: 21.40.5 - Intel Corporation)
    iTunes (HKLM\...\{0F55124A-C00E-4227-A543-19389E732653}) (Version: 12.10.10.2 - Apple Inc.)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
    Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    LibreOffice 6.3.4.2 (HKLM\...\{191F4D69-B671-4163-BB01-901B89A20D04}) (Version: 6.3.4.2 - The Document Foundation)
    MenuMaid 1.2 (HKLM-x32\...\MenuMaid) (Version: 1.2 - Sound Doctrine Ministries)
    Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
    Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2 - Mozilla)
    MusicBee 3.3.7310 (HKLM-x32\...\MusicBee) (Version: 3.3.7310 - Steven Mayall)
    MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 7 - Notepad++ Team)
    NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
    OpenShot Video Editor version 2.5.0 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.0 - OpenShot Studios, LLC)
    paint.net (HKLM\...\{BAFF7E40-25F2-4681-95F1-9D0E8EF0ABA4}) (Version: 4.2.8 - dotPDN LLC)
    qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
    Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.2 Build 10 - Windscribe Limited)
    
    ========================= Devices: ================================
    
    Name: Generic Bluetooth Adapter
    Description: Generic Bluetooth Adapter
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: GenericAdapter
    Service: BTHUSB
    Device ID: USB\VID_8087&PID_0A2B\5&26670DD9&0&10
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
    
    Name: Ethernet Controller
    Description: Ethernet Controller
    Class Guid: 
    Manufacturer: 
    Service: 
    Device ID: PCI\VEN_8086&DEV_15B8&SUBSYS_E0001458&REV_31\3&11583659&0&FE
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
    
    Name: PCI Simple Communications Controller
    Description: PCI Simple Communications Controller
    Class Guid: 
    Manufacturer: 
    Service: 
    Device ID: PCI\VEN_8086&DEV_A13A&SUBSYS_1C3A1458&REV_31\3&11583659&0&B0
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
    
    
    ========================= Memory info: ===================================
    
    Percentage of memory in use: 23%
    Total physical RAM: 16339.94 MB
    Available physical RAM: 12434.52 MB
    Total Virtual: 32678.02 MB
    Available Virtual: 26579.87 MB
    
    ========================= Partitions: =====================================
    
    1 Drive c: (Windows 7) (Fixed) (Total:111.69 GB) (Free:29.01 GB) NTFS
    2 Drive d: (Windows 10) (Fixed) (Total:930.44 GB) (Free:220.56 GB) NTFS
    3 Drive e: (Storage) (Fixed) (Total:2794.39 GB) (Free:2162.36 GB) NTFS
    
    ========================= Users: ========================================
    
    User accounts for \\RICKIE-PC
    
    Administrator            Guest                    Rickie                   
    
    ========================= Minidump Files ==================================
    
    No minidump file found
    
    
    **** End of log ****
    
    

    I used Diff Checker to see there are plenty of differences but nothing I can fathom. (at least at this time of night.) So lemme know if you spot an issue! Cheers.


    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    Start by uninstalling ExpressVPN.  Then search for 

    cmd

    and when it finds Command Prompt, right click on it and Run as Admin.

     

    Type (hit Enter after each line):

     

    (Instead of retyping you can copy (highlight and Ctrl + c) and paste (Ctrl+v) each line into the CMD window)

    netsh  winsock  reset  catalog
    netsh  int  ipv4  reset \reset.log
    netsh  int  ipv6  reset  reset2.log
     
    Reboot.
     
    Now let's check the system files:
     

    Search for 

    cmd

    and when it finds Command Prompt, right click on it and Run as Admin.

     

    Type (hit Enter after each line):

    DISM  /Online  /Cleanup-Image  /RestoreHealth
    This will take 20 minutes or so.  Be patient.
     
    When it finishes:
     
    Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
    sfc  /scannow
    This will also take a few minutes.  
     
    When it finishes it will say one of the following:
     
    Windows did not find any integrity violations (a good thing)
    Windows Resource Protection found corrupt files and repaired them (a good thing)
    Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
     
    If you get the last result then type:
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt 
     
     
    Hit Enter.  Then type::
    notepad %UserProfile%\desktop\junk.txt 
     
    Hit Enter. 
     
     Copy the text from notepad and paste it into a reply.
     
     
    After you finish SFC, regardless of the result:
     
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
     
    * Application
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button and wait.
    Notepad will open with the output log.
     
     
    Please copy and paste the Output log into your next reply 
     
    Get Process Explorer
     
     
    Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
    View and check Show Processes From All Users 
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
     
     
     
    Get the free version of Speccy:
     
     
    (Look in the upper right for the Download
    Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
    Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
    File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
    (It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
     
    First click on More Reply Options
    Then scroll down to where you see
    Choose File and click on it.  Point it at the file and hit Open.
    Now click on Attach this file.
     
     
     

    • 0

    #5
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

     

    Start by uninstalling ExpressVPN.  Then search for 

    cmd

    and when it finds Command Prompt, right click on it and Run as Admin.

     

    Type (hit Enter after each line):

     

    (Instead of retyping you can copy (highlight and Ctrl + c) and paste (Ctrl+v) each line into the CMD window)

    netsh  winsock  reset  catalog
    netsh  int  ipv4  reset \reset.log
    netsh  int  ipv6  reset  reset2.log
     
    Reboot.
     
    Now let's check the system files:
     

    Search for 

    cmd

    and when it finds Command Prompt, right click on it and Run as Admin.

     

    Type (hit Enter after each line):

    DISM  /Online  /Cleanup-Image  /RestoreHealth
    This will take 20 minutes or so.  Be patient.
     
    When it finishes:
     
    Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
    sfc  /scannow
    This will also take a few minutes.  
     
    When it finishes it will say one of the following:
     
    Windows did not find any integrity violations (a good thing)
    Windows Resource Protection found corrupt files and repaired them (a good thing)
    Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
     
    If you get the last result then type:
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt 
     
     
    Hit Enter.  Then type::
    notepad %UserProfile%\desktop\junk.txt 
     
    Hit Enter. 
     
     Copy the text from notepad and paste it into a reply.
     
     
    After you finish SFC, regardless of the result:
     
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
     
    * Application
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button and wait.
    Notepad will open with the output log.
     
     
    Please copy and paste the Output log into your next reply 
     
    Get Process Explorer
     
     
    Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
    View and check Show Processes From All Users 
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
     
     
     
    Get the free version of Speccy:
     
     
    (Look in the upper right for the Download
    Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
    Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
    File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
    (It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
     
    First click on More Reply Options
    Then scroll down to where you see
    Choose File and click on it.  Point it at the file and hit Open.
    Now click on Attach this file.
     
     
     

     

    Thank you for your further guidance. Results of scan were:

    Beginning verification phase of system scan.
    Verification 100% complete.
    
    Windows Resource Protection found corrupt files and successfully repaired them.
    

    VEW results were:

    Vino's Event Viewer v01c run on Windows 7 in English
    Report run at 29/12/2022 9:58:14 AM
    
    Note: All dates below are in the format dd/mm/yyyy
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 28/12/2022 10:27:31 PM
    Type: Error Category: 0
    Event: 13 Source: VSS
    Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
    
    Log: 'Application' Date/Time: 28/12/2022 10:27:31 PM
    Type: Error Category: 0
    Event: 8193 Source: VSS
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
    
    Log: 'Application' Date/Time: 28/12/2022 10:27:31 PM
    Type: Error Category: 0
    Event: 13 Source: VSS
    Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
    
    Log: 'Application' Date/Time: 28/12/2022 10:27:31 PM
    Type: Error Category: 0
    Event: 8193 Source: VSS
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
    
    Log: 'Application' Date/Time: 28/12/2022 10:27:31 PM
    Type: Error Category: 0
    Event: 13 Source: VSS
    Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
    
    Log: 'Application' Date/Time: 27/12/2022 12:19:02 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: MediaGo.exe, version: 2.2.0.223, time stamp: 0x500056cd Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x44223151 Faulting process ID: 0x2c68 Faulting application start time: 0x01d91980ed73dc8f Faulting application path: C:\Program Files (x86)\Sony\Media Go\MediaGo.exe Faulting module path: unknown Report ID: 8c8e9d72-4e63-4a20-8c5e-27856f6aaa97 Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 27/12/2022 12:19:00 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: MediaGo.exe, version: 2.2.0.223, time stamp: 0x500056cd Faulting module name: CddbLinkSMS.dll, version: 2.6.206.202, time stamp: 0x4bc51b14 Exception code: 0xc0000409 Fault offset: 0x0006ddb3 Faulting process ID: 0x2c68 Faulting application start time: 0x01d91980ed73dc8f Faulting application path: C:\Program Files (x86)\Sony\Media Go\MediaGo.exe Faulting module path: C:\Program Files (x86)\Sony\Media Go\CddbLinkSMS.dll Report ID: 04213d50-1045-4518-8148-f2a9f3f65d0c Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 26/12/2022 12:56:45 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: EASteamProxy.exe, version: 0.0.0.0, time stamp: 0x636c1a0d Faulting module name: IGO32.dll, version: 10.5.116.52126, time stamp: 0x636c1a38 Exception code: 0xc0000005 Fault offset: 0x0008d113 Faulting process ID: 0xc14 Faulting application start time: 0x01d918c4ecbb0819 Faulting application path: C:\Program Files (x86)\Origin\EASteamProxy.exe Faulting module path: C:\Program Files (x86)\Origin\IGO32.dll Report ID: 49029c22-9b75-4514-a2c4-98bb92d7dead Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 26/12/2022 12:56:45 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: EASteamProxy.exe, version: 0.0.0.0, time stamp: 0x636c1a0d Faulting module name: IGO32.dll, version: 10.5.116.52126, time stamp: 0x636c1a38 Exception code: 0xc0000005 Fault offset: 0x0008d113 Faulting process ID: 0xc14 Faulting application start time: 0x01d918c4ecbb0819 Faulting application path: C:\Program Files (x86)\Origin\EASteamProxy.exe Faulting module path: C:\Program Files (x86)\Origin\IGO32.dll Report ID: 141323c2-bea6-4ce6-baeb-19f15cd8783d Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 19/11/2022 2:57:35 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: gameinputsvc.exe, version: 0.2210.22621.1846, time stamp: 0x79ac3219 Faulting module name: ntdll.dll, version: 10.0.19041.2130, time stamp: 0xb5ced1c6 Exception code: 0xc0000374 Fault offset: 0x00000000000ff6a9 Faulting process ID: 0x11e0 Faulting application start time: 0x01d8fbc10db3aba8 Faulting application path: C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report ID: e7ee6fae-ce9b-49e1-b367-340980521199 Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 16/11/2022 6:44:19 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: GHWT_Definitive.exe, version: 1.0.1.25215, time stamp: 0x562b029a Faulting module name: msvcrt.dll, version: 7.0.19041.546, time stamp: 0x7f567a50 Exception code: 0xc0000005 Fault offset: 0x00086823 Faulting process ID: 0x2798 Faulting application start time: 0x01d8f983abba7ef4 Faulting application path: C:\Program Files (x86)\Aspyr\Guitar Hero World Tour\GHWT_Definitive.exe Faulting module path: C:\WINDOWS\System32\msvcrt.dll Report ID: f37bc3c7-0d2d-4592-90a8-50f9f23ea6ba Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 16/11/2022 6:44:14 AM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: GHWT_Definitive.exe, version: 1.0.1.25215, time stamp: 0x562b029a Faulting module name: GHWT_Definitive.exe, version: 1.0.1.25215, time stamp: 0x562b029a Exception code: 0xc00001a5 Fault offset: 0x00570498 Faulting process ID: 0x2798 Faulting application start time: 0x01d8f983abba7ef4 Faulting application path: C:\Program Files (x86)\Aspyr\Guitar Hero World Tour\GHWT_Definitive.exe Faulting module path: C:\Program Files (x86)\Aspyr\Guitar Hero World Tour\GHWT_Definitive.exe Report ID: 85e04926-53d0-48c1-83d9-a0babf8447e8 Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 15/11/2022 12:14:31 PM
    Type: Error Category: 100
    Event: 1000 Source: Application Error
    Faulting application name: gameinputsvc.exe, version: 0.2210.22621.1846, time stamp: 0x79ac3219 Faulting module name: ntdll.dll, version: 10.0.19041.2130, time stamp: 0xb5ced1c6 Exception code: 0xc0000374 Fault offset: 0x00000000000ff6a9 Faulting process ID: 0xdc4 Faulting application start time: 0x01d8f8ebd0db3e5e Faulting application path: C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report ID: 918662bb-2718-4a6c-8a94-96194dec5925 Faulting package full name:  Faulting package-relative application ID: 
    
    Log: 'Application' Date/Time: 14/11/2022 5:57:05 AM
    Type: Error Category: 0
    Event: 8193 Source: VSS
    Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid. . 
    
    Operation:
       Executing Asynchronous Operation
    
    Context:
       Current State: DoSnapshotSet
    
    Log: 'Application' Date/Time: 28/10/2022 11:23:37 PM
    Type: Error Category: 0
    Event: 8193 Source: VSS
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
    
    Log: 'Application' Date/Time: 28/10/2022 11:23:37 PM
    Type: Error Category: 0
    Event: 13 Source: VSS
    Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
    
    Log: 'Application' Date/Time: 28/10/2022 11:23:37 PM
    Type: Error Category: 0
    Event: 8193 Source: VSS
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
    
    Log: 'Application' Date/Time: 28/10/2022 11:23:37 PM
    Type: Error Category: 0
    Event: 13 Source: VSS
    Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
    
    Log: 'Application' Date/Time: 27/10/2022 1:43:48 PM
    Type: Error Category: 0
    Event: 8193 Source: VSS
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
    
    Log: 'Application' Date/Time: 27/10/2022 1:43:48 PM
    Type: Error Category: 0
    Event: 13 Source: VSS
    Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 28/12/2022 10:26:42 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe' (pid 5040) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe' (pid 3692) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe' (pid 9888) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe' (pid 3692) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe' (pid 9888) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files\Greenshot\Greenshot.exe' (pid 9588) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe' (pid 3692) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe' (pid 9888) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe' (pid 3692) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe' (pid 9888) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe' (pid 3692) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe' (pid 9888) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files\Greenshot\Greenshot.exe' (pid 9588) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe' (pid 3692) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 26/12/2022 11:21:56 PM
    Type: Warning Category: 0
    Event: 10010 Source: Microsoft-Windows-RestartManager
    Application 'C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe' (pid 9888) cannot be restarted - Application SID does not match Conductor SID..
    
    Log: 'Application' Date/Time: 25/12/2022 11:23:39 PM
    Type: Warning Category: 0
    Event: 8303 Source: Microsoft-Windows-System-Restore
    Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 with error 0x800701B1.
    
    Log: 'Application' Date/Time: 25/12/2022 11:23:01 PM
    Type: Warning Category: 0
    Event: 8303 Source: Microsoft-Windows-System-Restore
    Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy4 with error 0x800701B1.
    
    Log: 'Application' Date/Time: 25/12/2022 11:22:24 PM
    Type: Warning Category: 0
    Event: 8303 Source: Microsoft-Windows-System-Restore
    Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3 with error 0x800701B1.
    
    Log: 'Application' Date/Time: 25/12/2022 11:21:13 PM
    Type: Warning Category: 7
    Event: 510 Source: ESENT
    wuaueng.dll (9764,D,0) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 24576 (0x0000000000006000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (25 seconds) to be serviced by the OS. In addition, 2 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 68 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
    
    Log: 'Application' Date/Time: 25/12/2022 11:20:05 PM
    Type: Warning Category: 7
    Event: 510 Source: ESENT
    wuaueng.dll (9764,D,0) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 12288 (0x0000000000003000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (45 seconds) to be serviced by the OS. In addition, 1 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 77 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 18/07/2021 8:40:39 AM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 28/12/2022 10:27:30 PM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}
    
    Log: 'System' Date/Time: 25/12/2022 11:23:39 PM
    Type: Error Category: 0
    Event: 36 Source: Volsnap
    The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    
    Log: 'System' Date/Time: 25/12/2022 11:21:45 PM
    Type: Error Category: 1
    Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
    Installation Failure: Windows failed to install the following update with error 0x80073D02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    Log: 'System' Date/Time: 25/12/2022 10:48:13 PM
    Type: Error Category: 0
    Event: 36 Source: Volsnap
    The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    
    Log: 'System' Date/Time: 25/12/2022 10:46:27 PM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    
    Log: 'System' Date/Time: 25/12/2022 10:46:27 PM
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    
    Log: 'System' Date/Time: 19/11/2022 3:58:45 AM
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
    
    Log: 'System' Date/Time: 19/11/2022 2:57:34 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE}
    
    Log: 'System' Date/Time: 19/11/2022 2:57:34 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE}
    
    Log: 'System' Date/Time: 17/11/2022 12:41:40 AM
    Type: Error Category: 1
    Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
    Installation Failure: Windows failed to install the following update with error 0x80073D02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    Log: 'System' Date/Time: 24/10/2022 8:42:24 AM
    Type: Error Category: 1
    Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
    Installation Failure: Windows failed to install the following update with error 0x80073D02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    Log: 'System' Date/Time: 20/10/2022 12:21:35 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE}
    
    Log: 'System' Date/Time: 20/10/2022 12:21:34 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE}
    
    Log: 'System' Date/Time: 18/10/2022 10:35:41 PM
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
    
    Log: 'System' Date/Time: 16/10/2022 10:01:31 AM
    Type: Error Category: 1
    Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
    Installation Failure: Windows failed to install the following update with error 0x80073D02: 9NMPJ99VJBWV-Microsoft.YourPhone.
    
    Log: 'System' Date/Time: 14/10/2022 10:09:38 AM
    Type: Error Category: 100
    Event: 30 Source: Microsoft-Windows-Eventlog
    The event logging service encountered an error (5) while enabling publisher {a70ff94f-570b-4979-ba5c-e59c9feab61b} to channel Microsoft-Windows-WinINet/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.
    
    Log: 'System' Date/Time: 13/10/2022 12:28:05 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    
    Log: 'System' Date/Time: 13/10/2022 12:28:05 AM
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    
    Log: 'System' Date/Time: 28/09/2022 9:23:04 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE}
    
    Log: 'System' Date/Time: 28/09/2022 9:23:04 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE}
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 28/12/2022 10:55:36 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.WscDataProtection  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:55:36 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.SecurityAppBroker  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:55:36 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.WscBrokerManager  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:53:53 PM
    Type: Warning Category: 0
    Event: 2 Source: HidBth
    Bluetooth HID device  either went out of range or became unresponsive.
    
    Log: 'System' Date/Time: 28/12/2022 10:53:28 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:53:28 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:53:21 PM
    Type: Warning Category: 0
    Event: 27 Source: e1dexpress
    Intel(R) Ethernet Connection (2) I219-V  Network link is disconnected. 
    
    Log: 'System' Date/Time: 28/12/2022 10:53:00 PM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\IntelIHVRouter06.dll 
    
    Log: 'System' Date/Time: 28/12/2022 10:48:48 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name cs.dds.microsoft.com timed out after none of the configured DNS servers responded.
    
    Log: 'System' Date/Time: 28/12/2022 10:40:00 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DESKTOP-F4EHQPK\Rickie SID (S-1-5-21-1237310496-462809732-3686466005-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:40:00 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DESKTOP-F4EHQPK\Rickie SID (S-1-5-21-1237310496-462809732-3686466005-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:38:17 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name fe2cr.update.microsoft.com timed out after none of the configured DNS servers responded.
    
    Log: 'System' Date/Time: 28/12/2022 10:30:07 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.WscDataProtection  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:30:07 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.WscBrokerManager  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:30:07 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.SecurityAppBroker  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:28:25 PM
    Type: Warning Category: 0
    Event: 2 Source: HidBth
    Bluetooth HID device  either went out of range or became unresponsive.
    
    Log: 'System' Date/Time: 28/12/2022 10:28:01 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:28:01 PM
    Type: Warning Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    
    Log: 'System' Date/Time: 28/12/2022 10:27:54 PM
    Type: Warning Category: 0
    Event: 27 Source: e1dexpress
    Intel(R) Ethernet Connection (2) I219-V  Network link is disconnected. 
    
    Log: 'System' Date/Time: 28/12/2022 10:27:32 PM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\IntelIHVRouter06.dll 
    
    
    

    Process Explorer results:

    Process	CPU	Private Bytes	Working Set	PID	Description	Company Name	Verified Signer
    AnyDesk.exe		20,648 K	29,368 K	4440	AnyDesk	AnyDesk Software GmbH	(Verified) philandro Software GmbH
    armsvc.exe		1,788 K	6,476 K	4452	Adobe Acrobat Update Service	Adobe Inc.	(Verified) Adobe Inc.
    audiodg.exe		9,008 K	15,288 K	11756	Windows Audio Device Graph Isolation 	Microsoft Corporation	(Verified) Microsoft Windows
    brave.exe		2,060 K	7,352 K	5780	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		33,348 K	70,300 K	10296	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		21,068 K	59,044 K	6636	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		21,468 K	46,580 K	10368	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		18,500 K	52,496 K	10928	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		14,792 K	30,696 K	11532	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		9,060 K	20,540 K	1508	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		23,604 K	53,172 K	10248	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    brave.exe		19,608 K	51,704 K	10272	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    cmd.exe		3,372 K	4,488 K	11976	Windows Command Processor	Microsoft Corporation	(Verified) Microsoft Windows
    conhost.exe		6,288 K	10,248 K	4304	Console Window Host	Microsoft Corporation	(Verified) Microsoft Windows
    conhost.exe		6,376 K	1,676 K	8892	Console Window Host	Microsoft Corporation	(Verified) Microsoft Windows
    conhost.exe		7,572 K	19,696 K	11984	Console Window Host	Microsoft Corporation	(Verified) Microsoft Windows
    dasHost.exe		1,224 K	5,612 K	2404	Device Association Framework Provider Host	Microsoft Corporation	(Verified) Microsoft Windows
    DisplayLinkTrayApp.exe		1,916 K	8,912 K	2988	DisplayLinkUI Sys-Tray Application	DisplayLink Corp.	(Verified) DISPLAYLINK (UK) LIMITED
    dllhost.exe		3,844 K	12,456 K	11000	COM Surrogate	Microsoft Corporation	(Verified) Microsoft Windows
    fontdrvhost.exe		1,876 K	4,136 K	628	Usermode Font Driver Host	Microsoft Corporation	(Verified) Microsoft Windows
    gameinputsvc.exe		1,184 K	5,600 K	4460	GameInput Host Service	Microsoft Corporation	(Verified) Microsoft Corporation
    gamingservices.exe		7,972 K	30,380 K	6132	GamingServices	Microsoft Corporation	(Verified) Microsoft Corporation
    gamingservicesnet.exe		1,192 K	5,552 K	6140	GamingServices	Microsoft Corporation	(Verified) Microsoft Corporation
    Greenshot.exe		32,248 K	43,528 K	5812	Greenshot	Greenshot	(Verified) Open Source Developer, Robin Krom
    ijplmsvc.exe		1,276 K	6,636 K	4636	Inkjet Printer/Scanner/Fax Extended Survey Program Service		(Verified) Canon Inc.
    LockApp.exe	Suspended	33,816 K	54,076 K	7944	LockApp.exe	Microsoft Corporation	(Verified) Microsoft Windows
    Memory Compression		40 K	0 K	2292			
    NisSrv.exe		5,520 K	12,712 K	9828			
    nvcontainer.exe		38,248 K	52,760 K	6608	NVIDIA Container	NVIDIA Corporation	(Verified) Nvidia Corporation
    NVDisplay.Container.exe		5,328 K	19,020 K	1964	NVIDIA Container	NVIDIA Corporation	(Verified) Nvidia Corporation
    procexp.exe		4,492 K	12,512 K	5108	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com	(Verified) Microsoft Corporation
    Registry		9,624 K	95,120 K	108			
    RtkAudUService64.exe		2,668 K	10,404 K	4660	Realtek HD Audio Universal Service	Realtek Semiconductor	(Verified) Realtek Semiconductor Corp.
    RtkAudUService64.exe		2,128 K	9,196 K	9532	Realtek HD Audio Universal Service	Realtek Semiconductor	(Verified) Realtek Semiconductor Corp.
    rundll32.exe		1,684 K	7,648 K	5736	Windows host process (Rundll32)	Microsoft Corporation	(Verified) Microsoft Windows
    RuntimeBroker.exe		3,248 K	18,228 K	7440	Runtime Broker	Microsoft Corporation	(Verified) Microsoft Windows
    RuntimeBroker.exe		2,840 K	14,504 K	4408	Runtime Broker	Microsoft Corporation	(Verified) Microsoft Windows
    RuntimeBroker.exe		5,476 K	24,288 K	8884	Runtime Broker	Microsoft Corporation	(Verified) Microsoft Windows
    RuntimeBroker.exe		4,076 K	18,232 K	11152	Runtime Broker	Microsoft Corporation	(Verified) Microsoft Windows
    RuntimeBroker.exe		12,128 K	39,120 K	8528	Runtime Broker	Microsoft Corporation	(Verified) Microsoft Windows
    ScpService.exe		19,700 K	24,512 K	4468	ScpService	Scarlet.Crush Productions	(No signature was present in the subject) Scarlet.Crush Productions
    SearchApp.exe	Suspended	133,996 K	185,908 K	8308	Search application	Microsoft Corporation	(Verified) Microsoft Windows
    SearchIndexer.exe		32,284 K	32,596 K	9892	Microsoft Windows Search Indexer	Microsoft Corporation	(Verified) Microsoft Windows
    SecurityHealthService.exe		4,384 K	15,256 K	7524			
    SecurityHealthSystray.exe		1,880 K	9,552 K	9940	Windows Security notification icon	Microsoft Corporation	(Verified) Microsoft Windows
    services.exe		6,180 K	14,188 K	944			
    SgrmBroker.exe		4,268 K	7,144 K	5128			
    sihost.exe		5,660 K	26,840 K	1096	Shell Infrastructure Host	Microsoft Corporation	(Verified) Microsoft Windows
    smartscreen.exe		10,048 K	27,448 K	8420	Windows Defender SmartScreen	Microsoft Corporation	(Verified) Microsoft Windows
    smss.exe		1,144 K	1,256 K	396			
    spoolsv.exe		6,416 K	18,016 K	4008	Spooler SubSystem App	Microsoft Corporation	(Verified) Microsoft Windows
    StartMenuExperienceHost.exe		21,672 K	65,292 K	6336			(Verified) Microsoft Windows
    svchost.exe		1,944 K	7,892 K	1188	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,912 K	11,272 K	1296	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,764 K	6,692 K	1512	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,368 K	6,056 K	1692	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,976 K	7,864 K	2200	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,820 K	9,032 K	2344	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,120 K	8,148 K	2352	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,340 K	7,900 K	2848	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,556 K	7,436 K	2956	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,344 K	5,932 K	4696	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,672 K	7,048 K	4756	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,352 K	5,740 K	4880	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,312 K	10,336 K	7016	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,136 K	4,596 K	2192	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,432 K	5,752 K	7864	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,404 K	6,500 K	11656	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,684 K	7,416 K	7932	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,452 K	5,980 K	7092	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		4,332 K	11,096 K	748	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		3,192 K	17,144 K	4540	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		11,012 K	20,208 K	5964			
    svchost.exe		2,796 K	13,268 K	3952	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,792 K	10,112 K	1824	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		3,488 K	11,312 K	4552	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,732 K	11,252 K	7420	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,060 K	12,056 K	1328	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		4,488 K	16,232 K	7336	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,076 K	8,996 K	4624	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		6,944 K	16,148 K	1536	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		3,428 K	14,364 K	1632	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,148 K	8,224 K	1292	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,268 K	10,028 K	1400	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,824 K	7,000 K	3252	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		1,908 K	8,192 K	6284	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		3,384 K	15,868 K	3804	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,832 K	10,632 K	936			
    svchost.exe		3,104 K	13,164 K	1468	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,904 K	10,648 K	4420	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,124 K	7,956 K	1104	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,036 K	8,636 K	2264	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		7,876 K	33,700 K	3180	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,272 K	9,128 K	7048	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		11,708 K	21,260 K	2644	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		48,520 K	26,368 K	8040	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,176 K	7,820 K	4600	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		4,388 K	19,768 K	8656	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,560 K	11,596 K	1308	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		4,816 K	21,672 K	4728	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,784 K	10,612 K	1316	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,148 K	7,588 K	3696	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,496 K	8,988 K	6896	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		3,356 K	10,632 K	3244	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		8,248 K	13,460 K	4412	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		3,856 K	8,176 K	1768	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		6,156 K	19,632 K	3864	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		4,832 K	12,728 K	1972	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,776 K	8,300 K	4532	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,316 K	7,648 K	1856	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,816 K	8,248 K	3260	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		10,420 K	19,428 K	3144	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		20,244 K	23,412 K	1460	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,660 K	8,672 K	1048	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		10,096 K	27,392 K	616	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,548 K	9,472 K	4896	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,172 K	8,604 K	3624	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		4,340 K	13,576 K	1580	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		8,480 K	30,812 K	3084	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		5,492 K	19,016 K	6720	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe		2,720 K	14,068 K	1696	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    taskhostw.exe		4,568 K	6,976 K	9128	Host Process for Windows Tasks	Microsoft Corporation	(Verified) Microsoft Windows
    taskhostw.exe		4,900 K	13,824 K	3408	Host Process for Windows Tasks	Microsoft Corporation	(Verified) Microsoft Windows
    wininit.exe		1,692 K	7,308 K	728			
    winlogon.exe		2,696 K	12,292 K	836	Windows Log-on Application	Microsoft Corporation	(Verified) Microsoft Windows
    wlanext.exe		1,596 K	7,976 K	4288	Windows Wireless LAN 802.11 Extensibility Framework	Microsoft Corporation	(Verified) Microsoft Windows
    WmiPrvSE.exe		2,688 K	9,384 K	2780	WMI Provider Host	Microsoft Corporation	(Verified) Microsoft Windows
    WmiPrvSE.exe		8,156 K	15,352 K	4016	WMI Provider Host	Microsoft Corporation	(Verified) Microsoft Windows
    svchost.exe	< 0.01	3,836 K	13,896 K	5272	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    NVIDIA Web Helper.exe	< 0.01	36,700 K	6,060 K	2388	NVIDIA Web Helper Service	Node.js	(Verified) Nvidia Corporation
    csrss.exe	< 0.01	2,396 K	5,888 K	640			
    svchost.exe	< 0.01	1,536 K	6,344 K	2888	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    lsass.exe	< 0.01	7,488 K	20,624 K	956	Local Security Authority Process	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe	< 0.01	4,000 K	23,536 K	6208	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    svchost.exe	< 0.01	1,856 K	8,248 K	3756	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    fontdrvhost.exe	< 0.01	4,140 K	18,564 K	8	Usermode Font Driver Host	Microsoft Corporation	(Verified) Microsoft Windows
    svchost.exe	< 0.01	4,432 K	10,856 K	2156	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    NVDisplay.Container.exe	< 0.01	36,104 K	52,248 K	2636	NVIDIA Container	NVIDIA Corporation	(Verified) Nvidia Corporation
    brave.exe	< 0.01	15,652 K	41,800 K	9320	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    AppleMobileDeviceService.exe	< 0.01	3,404 K	13,072 K	4432	MobileDeviceService	Apple Inc.	(Verified) Apple Inc.
    PhoneExperienceHost.exe	< 0.01	87,716 K	146,128 K	10104	Microsoft Phone Link	Microsoft Corporation	(Verified) Microsoft Corporation
    brave.exe	< 0.01	23,356 K	57,820 K	11008	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    OriginWebHelperService.exe	< 0.01	5,444 K	14,248 K	4832	OriginWebHelperService	Electronic Arts	(Verified) Electronic Arts, Inc.
    nvcontainer.exe	< 0.01	12,448 K	39,648 K	4688	NVIDIA Container	NVIDIA Corporation	(Verified) Nvidia Corporation
    svchost.exe	< 0.01	7,060 K	15,460 K	2500	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    brave.exe	< 0.01	96,896 K	157,864 K	8212	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    svchost.exe	< 0.01	7,004 K	14,760 K	988	Host Process for Windows Services	Microsoft Corporation	(Verified) Microsoft Windows Publisher
    TextInputHost.exe	< 0.01	32,340 K	52,220 K	10684		Microsoft Corporation	(Verified) Microsoft Windows
    brave.exe	< 0.01	184,232 K	113,780 K	8184	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    System	< 0.01	200 K	1,736 K	4			
    brave.exe	< 0.01	220,320 K	278,728 K	4928	Brave Browser	Brave Software, Inc.	(Verified) Brave Software, Inc.
    gameinputsvc.exe	< 0.01	3,556 K	17,984 K	4888	GameInput Host Service	Microsoft Corporation	(Verified) Microsoft Corporation
    ctfmon.exe	0.38	4,144 K	20,724 K	3856	CTF Loader	Microsoft Corporation	(Verified) Microsoft Windows
    explorer.exe	0.76	105,860 K	151,036 K	6396	Windows Explorer	Microsoft Corporation	(Verified) Microsoft Windows
    Interrupts	0.76	0 K	0 K	n/a	Hardware Interrupts and DPCs		
    MsMpEng.exe	0.76	234,532 K	209,912 K	4840			
    csrss.exe	1.14	3,396 K	5,616 K	736			
    dwm.exe	1.90	69,072 K	55,532 K	1116	Desktop Window Manager	Microsoft Corporation	(Verified) Microsoft Windows
    procexp64.exe	4.94	58,616 K	78,756 K	8080	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com	(Verified) Microsoft Corporation
    System Idle Process	89.65	60 K	8 K	0			
    
    
    

    And now I know how to attach files...duh. Will do that next time perhaps instead of these really long posts. Sorry. Anyway, speccy results attached. (I already had speccy.)

    Attached Files


    Edited by Rickie, 28 December 2022 - 05:07 PM.

    • 0

    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    Make sure the browser does not run in the background.  Click on the three dashes in the upper right and select Settings.  Scroll down to System and turn off Continue Running Background Apps when Brave is closed.

     

    One other thing to look at is extensions you may have added to your browser.  I don't have any visibility into what you have installed.  Click on the three dashes in the upper right and select Extensions.  What do you have there?  You can disable them to test if they have any effect.  Restart the browser after disabling.

     

    I see you have Anydesk running.  This is remote control software.  Did you install it?  Do you really need it?

     

    Search for

    device manager

    hit Enter

     

    Scroll down to Network Adapters.  Click on the arrow in front to open it up.

     

    Find your Intel Dual Band Wireless-AC 8260 adapter and then right click and select Properties.  Click on the Power Management tab.  Uncheck the box where it says:

     

    Allow the computer to turn off this device to save power

     

    OK.

     

    Repeat for your Ethernet adapter.  (Intel® Ethernet Connection (2) I219-V).

     

    Close Device Manager

     

    Search for

    cmd

    and when it finds it right click and Run as Admin.

     

    Type:

    ping -t google.com

    This will continually ping google.com and report back if it gets a reply or not.  If your connection drops you will get one or more no replies.  You can minimize the window and work on something else.  To stop it you can hit Ctrl + c and it will report if you had any lost or not:

     

    Ping statistics for 142.250.217.206:
        Packets: Sent = 226, Received = 226, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 24ms, Maximum = 447ms, Average = 63ms
    Control-C
    ^C

     

     

    Do you still have the problem?


    • 0

    #7
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Not a browser thing. Only just installed Brave and yeah, I never let my browsers run in the background. I did uninstall AnyDesk though. Don't need it any more.

     

    Did the power management things. Maybe that'll do the trick, thank you. Ran the ping test for a few hours with no issues...so maybe I'm good now. Shall report back if otherwise.


    • 0

    #8
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Getting this issue randomly today. Very annoying. All sites. Still connected though.

    Attached Thumbnails

    • 2022-12-31 10_43_02-Window.png

    • 0

    #9
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Didn't help. Still happens randomly.


    • 0

    #10
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Didn't work. Still getting these issues constantly. This DNS issue is worse than the disconnect issue I had to begin with..


    • 0

    #11
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Yeah.

     

    Discord and a chat site I use continue to run, albeit slowly and incomplete but anything else, regardless of browser, will refuse to load. Very frustrating.


    • 0

    #12
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Same as original issue though, in that it'll fix itself after awhile then have the issue again. No other devices are affected, still just this one desktop.


    • 0

    #13
    Rickie

    Rickie

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 113 posts

    Yeah, no luck.


    • 0






    Similar Topics


    Also tagged with one or more of these keywords: windows 10, wireless, ethernet, usb, disconnect

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP