Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Two computers different download speeds


  • Please log in to reply

#16
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

That's the miniToolBox log.  You should have a FRST.txt file in the same folder where you found addition.txt.  Apparently you ran it from a temp folder:

 

C:\Users\naythan\AppData\Local\Temp\scoped_dir9816_1651180069

 

so that's where frst.txt should be.

 

I've been in to that folder manually as using the file name above doesn't  produce any results via the search box, and the Minitoolbox files are not there, hence I am copying Toolbox scan results directly from Notepad when they pop up. I will do another scan and try and find out why. 


  • 0

Advertisements


#17
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

I've just run two scans as Admin with all boxes checked and the only post scan result it is giving me is the Minitoolbox log.


  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

If you don't pause your antivirus the antivirus will often eat your logs.  Also you are running FRST from a funny place.  Try downloading it again and SAVE it somewhere like your desktop or the downloads folder.  Remember to pause the antivirus when downloading or running.


  • 0

#19
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

OLd fart end user was the problem. Apologies. 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-03-2021
Ran by naythan (administrator) on ADRI (HP HP Laptop 17-ak0xx) (28-03-2021 12:30:22)
Running from C:\Users\naythan\Downloads
Loaded Profiles: naythan
Platform: Windows 10 Home Version 20H2 19042.870 (X64) Language: Spanish (Spain, International Sort) -> English (United Kingdom)
Default browser: Opera
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(GridinSoft, LLC -> Gridinsoft LLC) C:\Program Files\GridinSoft Anti-Malware\gsam.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Users\naythan\AppData\Local\Programs\Opera\75.0.3969.93\opera.exe <17>
(Opera Software AS -> Opera Software) C:\Users\naythan\AppData\Local\Programs\Opera\75.0.3969.93\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\naythan\AppData\Local\WhatsApp\app-2.2110.10\WhatsApp.exe <7>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3666536 2018-03-15] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235048 2017-10-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP Inc. -> HP)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4233224404-3565021421-2347005065-1001\...\Run: [Opera Browser Assistant] => C:\Users\naythan\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3368600 2021-02-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4233224404-3565021421-2347005065-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4233224404-3565021421-2347005065-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4233224404-3565021421-2347005065-1001\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe [42063440 2018-04-09] (FINAREA AG -> VoipConnect)
HKU\S-1-5-21-4233224404-3565021421-2347005065-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-18] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {001F943F-74C7-4783-824C-8AE620F48431} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {089E2757-026B-4757-827D-1972BE7C28B7} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [25119496 2021-03-23] (GridinSoft, LLC -> Gridinsoft LLC)
Task: {0CF6DC74-7775-4E82-A8B8-D89940366B12} - System32\Tasks\HPCeeScheduleFornaythan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {10BDA5AE-494E-4ABF-95C4-0820B316D3A4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 3b69aa6b-7070-45cd-9684-39c1c3cb628a => C:\Users\naythan\Documents\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Users\naythan\Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" /TASK:3b69aa6b-7070-45cd-9684-39c1c3cb628a
Task: {17D4BAE5-EB38-4108-87FF-02556A315934} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {29E4FE0F-3E3A-4468-80E1-B44B056B95E3} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {2A66D450-F8BA-4C25-B057-3039823DAB5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DB95E6F-353A-489B-A57C-1062E1B138E1} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {352343CA-E3CE-4764-B018-242A0150A2AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {440A8EB7-1A57-4BA9-9E8C-CB4D21D656A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C28F673-FAE7-4B75-A270-552047CBF4E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E97F8E5-F783-49FD-9EF3-210CC5E167D2} - System32\Tasks\SUPERAntiSpyware Scheduled Task aa25120d-43d0-47ca-a714-add509380a3f => C:\Users\naythan\Documents\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Users\naythan\Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" /TASK:aa25120d-43d0-47ca-a714-add509380a3f
Task: {54B7F658-1266-4489-9A3E-A89B868F27C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {5D01C5A9-4FE9-4838-8DCD-85D03E0880D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72FDA6E8-21AD-498A-AD74-4D5B84879F17} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {75D3AB71-EA3C-4550-B3AF-A3E88E5479DF} - System32\Tasks\Opera scheduled assistant Autoupdate 1613301703 => C:\Users\naythan\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-03-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\naythan\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {9D8E2E78-4210-4A59-A56A-47A719847496} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-02-20] (Google Inc -> Google LLC)
Task: {9E013F71-1B6A-421D-8F4A-7B3CF7243DD1} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A8F99564-4BA8-4F76-8BED-99A5021D4689} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {C904D5DE-DBF1-4335-ADED-27EF52B500F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {CDBACD52-9B00-4D51-97DC-42FFF57CD367} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {DDF4A371-D0DF-418B-BAA4-B2C8F1869EA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-02-20] (Google Inc -> Google LLC)
Task: {E1559924-D538-4438-B610-4302F23849EE} - System32\Tasks\Opera scheduled Autoupdate 1613301692 => C:\Users\naythan\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-03-23] (Opera Software AS -> Opera Software)
Task: {E9601611-2762-4C6B-B8F5-2DF7C703BE62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {EF3AB84E-7AED-4014-B4E5-211A571FCCC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {F54653A6-EC6F-4078-BA28-62881D564B0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFornaythan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 3b69aa6b-7070-45cd-9684-39c1c3cb628a.job => C:\Users\naythan\Documents\SUPERAntiSpyware\SASTask.exe C:\Users\naythan\Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task aa25120d-43d0-47ca-a714-add509380a3f.job => C:\Users\naythan\Documents\SUPERAntiSpyware\SASTask.exe C:\Users\naythan\Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5204e5-dbff-46b7-a471-11dbaf4cc168}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{90bd0ecd-7157-4388-94bb-00acc4836769}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Profile: C:\Users\naythan\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-27]
 
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
 
Opera: 
=======
OPR Profile: C:\Users\naythan\AppData\Roaming\Opera Software\Opera Stable [2021-03-28]
OPR Notifications: Opera Stable -> hxxps://web.whatsapp.com; hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Browsec VPN - Free VPN for Opera) - C:\Users\naythan\AppData\Roaming\Opera Software\Opera Stable\Extensions\dknfpcdpbkjijldegonllfnnfhabjpde [2021-03-09]
OPR Extension: (Rich Hints Agent) - C:\Users\naythan\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-10]
OPR Extension: (Chrome Media Router) - C:\Users\naythan\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-02-16]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [51224 2017-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2021-02-20] (GridinSoft, LLC -> GridinSoft LLC)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [603072 2020-09-18] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107968 2020-09-18] (McAfee, Inc. -> McAfee LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2021-02-20] (GridinSoft, LLC -> GridinSoft LLC)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
U3 aspnet_state; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-28 12:30 - 2021-03-28 12:32 - 000018903 _____ C:\Users\naythan\Downloads\FRST.txt
2021-03-28 12:30 - 2021-03-28 12:30 - 000001015 _____ C:\Users\naythan\Desktop\FRST64.exe - Shortcut.lnk
2021-03-28 10:00 - 2021-03-28 10:00 - 000031208 _____ C:\Users\naythan\Desktop\MTB.txt
2021-03-27 10:24 - 2021-03-28 12:31 - 000000000 ____D C:\FRST
2021-03-27 10:23 - 2021-03-27 10:23 - 002300928 _____ (Farbar) C:\Users\naythan\Downloads\FRST64.exe
2021-03-26 15:36 - 2021-03-25 12:15 - 005147120 _____ C:\Users\naythan\Documents\Install_Win10_10047_03192021.exe
2021-03-26 13:34 - 2021-03-26 13:34 - 004953651 _____ C:\Users\naythan\Downloads\Install_Win10_10047_03192021.zip
2021-03-26 09:37 - 2021-03-26 09:37 - 000001128 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2021-03-26 09:23 - 2021-03-26 09:23 - 101839280 _____ (AO Kaspersky Lab) C:\Users\naythan\Desktop\kvrt (1).exe
2021-03-26 09:18 - 2021-03-26 09:18 - 008534696 _____ (Malwarebytes) C:\Users\naythan\Downloads\adwcleaner_8.2.exe
2021-03-26 07:49 - 2021-03-26 07:49 - 000892416 _____ (Farbar) C:\Users\naythan\Desktop\MiniToolBox.exe
2021-03-25 13:34 - 2021-03-25 13:34 - 000000000 ___HD C:\ProgramData\temp
2021-03-24 19:19 - 2021-03-24 19:19 - 000000000 ____D C:\Users\naythan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.2.1
2021-03-23 13:24 - 2021-03-23 13:24 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-23 09:58 - 2021-03-27 11:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-20 04:56 - 2021-03-22 10:00 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleFornaythan.job
2021-03-20 04:56 - 2021-03-20 04:56 - 000003250 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleFornaythan
2021-03-19 12:30 - 2021-03-19 12:30 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-19 09:36 - 2021-03-19 09:36 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-19 09:27 - 2021-03-19 09:27 - 000000020 ___SH C:\Users\naythan\ntuser.ini
2021-03-19 09:24 - 2021-03-28 12:34 - 000003356 _____ C:\WINDOWS\system32\Tasks\GridinSoft Anti-Malware
2021-03-19 09:24 - 2021-03-27 11:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-19 09:24 - 2021-03-26 18:55 - 000004156 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1613301692
2021-03-19 09:24 - 2021-03-25 13:37 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-19 09:24 - 2021-03-19 09:25 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-19 09:24 - 2021-03-19 09:25 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-19 09:24 - 2021-03-19 09:25 - 000003150 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task aa25120d-43d0-47ca-a714-add509380a3f
2021-03-19 09:24 - 2021-03-19 09:24 - 000003784 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1613301703
2021-03-19 09:24 - 2021-03-19 09:24 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-19 09:24 - 2021-03-19 09:24 - 000003408 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 3b69aa6b-7070-45cd-9684-39c1c3cb628a
2021-03-19 09:24 - 2021-03-19 09:24 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-19 09:24 - 2021-03-19 09:24 - 000003324 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-19 09:24 - 2021-03-19 09:24 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4233224404-3565021421-2347005065-1001
2021-03-19 09:24 - 2021-03-19 09:24 - 000002772 _____ C:\WINDOWS\system32\Tasks\DivXUpdate
2021-03-19 09:24 - 2021-03-19 09:24 - 000002500 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2021-03-19 09:24 - 2021-03-19 09:24 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-19 09:24 - 2021-03-19 09:24 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-03-19 09:24 - 2021-03-19 09:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-03-19 09:24 - 2021-03-19 09:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-03-19 09:24 - 2021-03-19 09:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-03-19 09:22 - 2021-03-19 09:24 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-19 09:22 - 2021-03-19 09:24 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-19 09:11 - 2021-03-19 12:05 - 001841200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-19 08:57 - 2021-03-19 09:27 - 000000000 ____D C:\Users\naythan
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Reciente
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Plantillas
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Mis documentos
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Menú Inicio
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Impresoras
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Entorno de red
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Documents\Mis vídeos
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Documents\Mis imágenes
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Documents\Mi música
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Datos de programa
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\Configuración local
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\AppData\Local\Historial
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\AppData\Local\Datos de programa
2021-03-19 08:57 - 2021-03-19 08:57 - 000000000 _SHDL C:\Users\naythan\AppData\Local\Archivos temporales de Internet
2021-03-19 08:57 - 2019-12-07 11:10 - 000001105 _____ C:\Users\naythan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-19 08:56 - 2021-03-19 08:56 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Control.lnk
2021-03-19 08:56 - 2021-03-19 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2021-03-19 08:56 - 2021-03-19 08:56 - 000000000 ____D C:\Program Files (x86)\AMD
2021-03-19 08:49 - 2021-03-28 12:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-19 08:49 - 2021-03-27 11:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-19 08:49 - 2021-03-25 13:27 - 000535864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-19 08:48 - 2021-03-19 09:26 - 000000000 ____D C:\Windows.old
2021-03-19 08:41 - 2021-03-19 08:48 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-19 08:35 - 2021-03-19 08:40 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-19 08:35 - 2021-03-19 08:35 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-19 08:30 - 2021-03-19 08:30 - 000000000 ____D C:\ProgramData\ssh
2021-03-19 08:19 - 2021-03-19 08:19 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-19 08:19 - 2021-03-19 08:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-19 08:19 - 2021-03-19 08:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-19 08:19 - 2021-03-19 08:19 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-19 08:19 - 2021-03-19 08:19 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-19 08:19 - 2021-03-19 08:19 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-19 08:18 - 2021-03-19 08:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-19 08:18 - 2021-03-19 08:18 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-19 08:18 - 2021-03-19 08:18 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-19 08:18 - 2021-03-19 08:18 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-19 08:18 - 2021-03-19 08:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-19 08:18 - 2021-03-19 08:18 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-19 08:18 - 2021-03-19 08:18 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-19 08:18 - 2021-03-19 08:18 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-19 08:18 - 2021-03-19 08:18 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-19 08:18 - 2021-03-19 08:18 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-19 08:18 - 2021-03-19 08:18 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-19 08:17 - 2021-03-19 08:17 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-19 08:17 - 2021-03-19 08:17 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-19 08:17 - 2021-03-19 08:17 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-19 08:17 - 2021-03-19 08:17 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-19 08:17 - 2021-03-19 08:17 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-19 08:17 - 2021-03-19 08:17 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-19 08:17 - 2021-03-19 08:17 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-19 08:17 - 2021-03-19 08:17 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-19 08:17 - 2021-03-19 08:17 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-19 08:17 - 2021-03-19 08:17 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-19 08:17 - 2021-03-19 08:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-19 08:16 - 2021-03-19 08:16 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-19 08:16 - 2021-03-19 08:16 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-19 08:16 - 2021-03-19 08:16 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-19 08:16 - 2021-03-19 08:16 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-19 08:16 - 2021-03-19 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-19 08:16 - 2021-03-19 08:16 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-19 08:15 - 2021-03-19 08:15 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-19 08:15 - 2021-03-19 08:15 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-19 08:15 - 2021-03-19 08:15 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-19 08:15 - 2021-03-19 08:15 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-19 08:15 - 2021-03-19 08:15 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-19 08:15 - 2021-03-19 08:15 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-19 08:15 - 2021-03-19 08:15 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-19 08:15 - 2021-03-19 08:15 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-19 08:15 - 2021-03-19 08:15 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-19 08:15 - 2021-03-19 08:15 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-19 08:15 - 2021-03-19 08:15 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-19 08:15 - 2021-03-19 08:15 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-19 08:14 - 2021-03-19 08:14 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-19 08:14 - 2021-03-19 08:14 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-19 08:14 - 2021-03-19 08:14 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-19 08:13 - 2021-03-19 08:13 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-19 08:13 - 2021-03-19 08:13 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-19 08:13 - 2021-03-19 08:13 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-19 08:13 - 2021-03-19 08:13 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-19 08:13 - 2021-03-19 08:13 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-19 08:13 - 2021-03-19 08:13 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-19 07:57 - 2021-03-19 07:57 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-03-19 07:57 - 2021-03-19 07:57 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-03-19 07:43 - 2021-03-19 08:48 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-19 07:43 - 2021-03-19 07:43 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-19 07:43 - 2021-03-19 07:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-19 07:43 - 2021-03-19 07:43 - 000000000 ____D C:\Program Files\MSBuild
2021-03-19 07:43 - 2021-03-19 07:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-18 20:25 - 2021-03-19 12:19 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-17 14:22 - 2021-03-17 14:22 - 000000000 ____D C:\Users\Public\CyberLink
2021-03-16 13:45 - 2021-03-16 16:18 - 000000564 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task aa25120d-43d0-47ca-a714-add509380a3f.job
2021-03-16 13:45 - 2021-03-16 16:18 - 000000564 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 3b69aa6b-7070-45cd-9684-39c1c3cb628a.job
2021-03-16 13:36 - 2021-03-16 13:37 - 101405104 _____ (AO Kaspersky Lab) C:\Users\naythan\Downloads\kvrt (1).exe
2021-03-16 13:33 - 2021-03-16 13:33 - 019271680 _____ C:\Users\naythan\Downloads\d55624ce-43da-45b5-882d-41320419b682.tmp
2021-03-16 13:32 - 2021-03-16 13:33 - 101405104 _____ (AO Kaspersky Lab) C:\Users\naythan\Downloads\b809f212-612b-4be4-9f52-38a5fc5e027b.tmp
2021-03-16 13:26 - 2021-03-16 13:26 - 008463216 _____ (Malwarebytes) C:\Users\naythan\Downloads\adwcleaner_8.1.exe
2021-03-14 22:32 - 2021-03-14 22:32 - 000124935 _____ C:\Users\naythan\Desktop\WhatsApp Image 2021-03-14 at 17.29.54.jpeg
2021-03-14 21:05 - 2021-03-14 21:05 - 000002752 _____ C:\Users\naythan\Desktop\Microsoft Word 2010.lnk
2021-03-14 20:41 - 2021-03-14 20:42 - 520342267 _____ C:\Users\naythan\Downloads\windows10.0-kb5000802-arm64_5a9e0d3563cf0c86f61c75a58d53eeda7f0fbfc1.msu
2021-03-13 22:33 - 2021-03-13 22:33 - 004698786 _____ C:\Users\naythan\Desktop\So british 01161.mp4
2021-03-13 17:54 - 2021-03-13 17:54 - 000367698 _____ C:\Users\naythan\Desktop\US1032401.pdf
2021-03-11 19:04 - 2021-03-11 19:04 - 000000000 ____D C:\Users\naythan\AppData\LocalLow\Adobe
2021-03-11 19:03 - 2021-03-11 19:07 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 19:02 - 2021-03-11 19:04 - 000000000 ____D C:\ProgramData\Adobe
2021-03-11 19:02 - 2021-03-11 19:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-03-11 19:01 - 2021-03-11 19:04 - 000000000 ____D C:\Users\naythan\AppData\Local\Adobe
2021-03-11 10:00 - 2021-03-11 10:00 - 000000941 _____ C:\Users\naythan\Desktop\VLC media player.lnk
2021-03-10 11:44 - 2018-05-31 09:55 - 003181936 _____ (Alexander Roshal) C:\Users\naythan\Documents\winrar-x64-56b4.exe
2021-03-10 11:42 - 2021-03-10 11:42 - 000001123 _____ C:\Users\naythan\Desktop\WinRAR.lnk
2021-03-10 11:30 - 2021-03-10 11:30 - 048222208 _____ C:\Users\naythan\Downloads\8a68b79a-e355-46d5-943a-1676f7203ccd.tmp
2021-03-10 11:29 - 2021-03-10 11:29 - 069656576 _____ C:\Users\naythan\Downloads\cc633534-7362-4b4a-a18c-7ba0f694940d.tmp
2021-03-08 13:22 - 2021-03-24 19:19 - 000000000 ____D C:\Program Files\EqualizerAPO
2021-03-08 13:14 - 2021-03-08 13:14 - 000000909 _____ C:\Users\naythan\Desktop\EqualizerAPO64-1.2.1 - Shortcut.lnk
2021-03-08 13:14 - 2021-03-08 13:14 - 000000000 ____D C:\Users\naythan\Downloads\EqualizerAPO64-1.2.1
2021-03-08 13:08 - 2021-03-08 13:08 - 008329951 _____ C:\Users\naythan\Downloads\EqualizerAPO64-1.2.1.zip
2021-03-08 10:55 - 2021-03-08 10:55 - 000001203 _____ C:\Users\naythan\Desktop\FastStone Image Viewer.lnk
2021-03-08 10:44 - 2021-03-10 12:39 - 000005120 _____ C:\Users\naythan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-03-08 10:43 - 2021-03-08 10:43 - 000000000 ____D C:\Users\naythan\Documents\CyberLink
2021-03-08 10:43 - 2021-03-08 10:43 - 000000000 ____D C:\Users\naythan\AppData\Roaming\CyberLink
2021-03-08 10:43 - 2021-03-08 10:43 - 000000000 ____D C:\Users\naythan\AppData\Local\CyberLink
2021-03-08 10:41 - 2021-03-08 10:41 - 000000000 ____D C:\Users\naythan\AppData\Local\DivXConverter
2021-03-08 10:41 - 2021-03-08 10:41 - 000000000 ____D C:\Users\naythan\.MCTranscodingSDK
2021-03-08 10:40 - 2021-03-08 10:40 - 000001486 _____ C:\Users\naythan\Desktop\DivX Movies.lnk
2021-03-08 10:38 - 2021-03-08 10:38 - 000001171 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2021-03-08 10:38 - 2021-03-08 10:38 - 000001146 _____ C:\Users\Public\Desktop\DivX Player.lnk
2021-03-08 10:36 - 2021-03-19 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2021-03-08 10:32 - 2021-03-08 10:32 - 004076208 _____ (DivX, LLC) C:\Users\naythan\Downloads\DivXInstaller.exe
2021-03-08 09:51 - 2021-03-08 09:51 - 000000000 ____D C:\Users\naythan\Desktop\Microsoft Office 2010 Professional Plus
2021-03-06 22:03 - 2021-03-06 22:03 - 004636840 ____N (HP Inc.) C:\Users\naythan\Downloads\sp91950 (1).exe
2021-03-06 22:02 - 2021-03-06 22:02 - 004636840 _____ (HP Inc.) C:\Users\naythan\Downloads\sp91950.exe
2021-03-06 22:00 - 2021-03-06 22:00 - 014996448 _____ (HP Inc.) C:\Users\naythan\Downloads\sp96885.exe
2021-03-06 21:59 - 2021-03-06 21:59 - 002066992 _____ (HP Inc.) C:\Users\naythan\Downloads\sp100556.exe
2021-03-06 21:58 - 2021-03-06 21:58 - 020558800 _____ (HP Inc.) C:\Users\naythan\Downloads\sp99225 (2).exe
2021-03-06 21:57 - 2021-03-06 21:57 - 020558800 _____ (HP Inc.) C:\Users\naythan\Downloads\sp99225 (1).exe
2021-03-06 21:56 - 2019-06-04 23:28 - 000090624 _____ (HP Inc.) C:\WINDOWS\system32\Drivers\IntelWLANdriver.dll
2021-03-06 21:55 - 2021-03-06 21:55 - 020558800 _____ (HP Inc.) C:\Users\naythan\Downloads\sp99225.exe
2021-03-06 21:53 - 2021-03-06 21:53 - 017074032 _____ (HP Inc.) C:\Users\naythan\Downloads\sp82670.exe
2021-03-06 21:48 - 2021-03-06 21:49 - 014398920 _____ (HP Inc.) C:\Users\naythan\Downloads\sp105618 (1).exe
2021-03-06 21:26 - 2021-03-06 21:26 - 000145610 _____ C:\Users\naythan\Documents\cc_20210306_202623.reg
2021-03-05 13:47 - 2021-03-06 20:31 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-03-04 20:17 - 2021-03-16 02:50 - 000000000 ____D C:\Users\naythan\AppData\Local\D3DSCache
2021-03-04 20:17 - 2021-03-06 20:20 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-03-04 20:05 - 2021-03-04 21:14 - 000000000 ____D C:\ProgramData\WinZip
2021-03-04 20:05 - 2021-03-04 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2021-03-04 17:17 - 2021-03-04 17:17 - 000003593 _____ C:\Users\naythan\AppData\LocalLow\lpm.dat
2021-03-04 17:17 - 2021-03-04 17:17 - 000000000 ____D C:\Users\naythan\AppData\Local\DivX
2021-03-04 17:15 - 2021-03-08 10:38 - 000000000 ____D C:\Users\naythan\AppData\Roaming\DivX
2021-03-04 17:14 - 2021-03-22 13:29 - 000000000 ____D C:\ProgramData\DivX
2021-03-04 17:14 - 2021-03-08 10:40 - 000000000 ____D C:\Program Files (x86)\DivX
2021-03-04 14:27 - 2021-03-04 14:27 - 000000000 ____D C:\Users\naythan\AppData\Roaming\WinRAR
2021-03-04 14:26 - 2021-03-19 09:02 - 000000000 ____D C:\Users\naythan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-04 14:26 - 2021-03-19 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-04 14:26 - 2021-03-16 13:28 - 000000000 ____D C:\Program Files\WinRAR
2021-03-04 13:31 - 2021-03-06 20:43 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2021-03-04 13:31 - 2021-03-06 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-03-03 16:21 - 2021-03-03 16:22 - 014398920 ____N (HP Inc.) C:\Users\naythan\Downloads\sp105618.exe
2021-03-03 14:33 - 2021-03-03 14:34 - 000000000 ____D C:\Users\naythan\AppData\Local\HP JumpStart Apps
2021-03-03 14:33 - 2021-03-03 14:33 - 000000000 ____D C:\Users\naythan\AppData\Local\Crashpad
2021-03-03 14:09 - 2021-03-19 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect
2021-03-03 14:09 - 2021-03-03 14:09 - 007197928 _____ (Finarea S.A. Switzerland ) C:\Users\naythan\Downloads\setupVoipConnect (1).exe
2021-03-03 14:09 - 2021-03-03 14:09 - 000001311 _____ C:\Users\naythan\Desktop\VoipConnect.lnk
2021-03-03 11:14 - 2021-03-19 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-03-03 11:13 - 2021-03-03 11:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2021-03-03 11:08 - 2021-03-19 08:48 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-03-03 11:07 - 2021-03-03 11:07 - 000000000 __RHD C:\MSOCache
2021-03-03 11:04 - 2021-03-06 20:32 - 000000000 ____D C:\Users\naythan\Downloads\Microsoft Office 2010 Professional Plus
2021-03-03 10:06 - 2021-02-06 10:38 - 000122026 _____ C:\Users\naythan\Desktop\UK TV SKY AND SPORTS.xspf
2021-03-03 10:06 - 2021-01-13 09:58 - 000109650 _____ C:\Users\naythan\Desktop\ady.m3u
2021-03-03 10:06 - 2021-01-09 17:41 - 000139899 _____ C:\Users\naythan\Desktop\Download Great Paddyoke Irish karaoke CD set Michael Rizzo karaoke colle.. Torrent.url.xspf
2021-03-03 10:02 - 2021-03-03 10:02 - 000000597 _____ C:\Users\naythan\Desktop\ady - Shortcut.lnk
2021-03-03 10:01 - 2021-01-13 09:58 - 000109650 _____ C:\Users\naythan\Downloads\ady.m3u
2021-03-03 10:00 - 2021-03-19 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-03-03 09:46 - 2021-03-03 09:46 - 000000000 ____D C:\Users\naythan\Downloads\libvlc
2021-03-03 09:24 - 2021-03-03 09:24 - 000082528 _____ C:\Users\naythan\Downloads\libvlc.zip
2021-03-03 09:20 - 2021-03-27 13:43 - 000000000 ____D C:\Users\naythan\AppData\Local\WhatsApp
2021-03-03 09:19 - 2021-03-03 09:19 - 129135816 ____N (WhatsApp) C:\Users\naythan\Downloads\WhatsAppSetup.exe
2021-03-03 07:37 - 2021-03-03 07:37 - 007197928 ____N (Finarea S.A. Switzerland ) C:\Users\naythan\Downloads\setupVoipConnect.exe
2021-03-03 01:22 - 2021-03-03 01:24 - 000000000 ___HD C:\Users\naythan\Downloads\.opera
2021-03-03 01:22 - 2021-03-03 01:24 - 000000000 ___HD C:\Users\naythan\.opera
2021-03-02 20:46 - 2021-03-02 20:46 - 000000000 ____D C:\Users\naythan\AppData\Roaming\SUPERAntiSpyware.com
2021-03-02 20:46 - 2021-03-02 20:46 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-03-02 09:00 - 2021-01-31 14:27 - 000187967 _____ C:\Users\naythan\Documents\14 point summary.pdf
2021-03-02 07:43 - 2021-03-03 07:44 - 000000000 ____D C:\Users\naythan\AppData\Roaming\VoipConnect
2021-03-02 07:43 - 2021-03-02 07:43 - 000000000 ____D C:\Program Files (x86)\VoipConnect.com
2021-03-01 11:58 - 2021-03-25 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-03-01 11:56 - 2021-03-01 11:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2021-03-01 11:56 - 2021-03-01 11:56 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-03-01 11:54 - 2021-03-01 11:54 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-01 11:54 - 2021-03-01 11:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2021-03-01 11:54 - 2021-03-01 11:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-03-01 11:53 - 2021-03-25 22:08 - 000000000 ____D C:\Users\naythan\AppData\Local\Microsoft Help
2021-02-28 11:32 - 2021-03-26 09:31 - 000000000 ____D C:\KVRT2020_Data
2021-02-28 11:08 - 2021-02-28 11:09 - 000000000 ____D C:\KVRT_Data
2021-02-28 11:07 - 2021-02-28 11:08 - 000106676 _____ C:\TDSSKiller.3.1.0.28_28.02.2021_10.07.48_log.txt
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-28 12:39 - 2021-02-16 10:21 - 000000000 ____D C:\Users\naythan\AppData\Roaming\WhatsApp
2021-03-28 12:36 - 2021-02-16 21:58 - 000000000 ____D C:\Users\naythan\AppData\Roaming\vlc
2021-03-28 12:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-28 10:32 - 2017-05-10 08:51 - 000000000 ____D C:\Program Files\HP
2021-03-28 10:26 - 2021-02-15 17:25 - 000000000 ____D C:\Program Files\CCleaner
2021-03-27 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-27 11:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-27 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-27 11:08 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-27 11:02 - 2021-02-08 13:15 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-03-27 11:02 - 2021-02-08 13:14 - 000000000 ____D C:\ProgramData\Realtek
2021-03-27 02:17 - 2021-02-17 07:24 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-27 00:23 - 2021-02-17 20:14 - 000000000 ____D C:\Users\naythan\AppData\Local\ElevatedDiagnostics
2021-03-26 19:18 - 2021-02-08 14:06 - 000000000 ____D C:\Users\naythan\AppData\Roaming\hpqLog
2021-03-26 19:17 - 2021-02-08 13:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-26 19:16 - 2021-02-14 11:31 - 000000000 ____D C:\Users\naythan\AppData\Local\HP
2021-03-26 18:55 - 2021-02-14 13:21 - 000001422 _____ C:\Users\naythan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2021-03-26 18:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-03-26 14:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-26 13:38 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-26 13:37 - 2017-06-25 15:36 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-03-26 09:37 - 2021-02-14 14:17 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-03-26 09:19 - 2021-02-13 12:50 - 000000000 ____D C:\Users\naythan\AppData\Roaming\Hewlett-Packard
2021-03-26 09:19 - 2021-02-08 14:05 - 000000000 ____D C:\Users\naythan\AppData\Local\Hewlett-Packard
2021-03-26 09:19 - 2017-05-10 08:55 - 000000000 ____D C:\Program Files (x86)\HP Inc
2021-03-26 09:19 - 2017-05-10 08:52 - 000000000 ____D C:\ProgramData\HP
2021-03-26 09:19 - 2017-05-10 08:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-03-26 09:19 - 2017-05-10 08:51 - 000000000 ____D C:\Program Files (x86)\HP
2021-03-26 09:19 - 2017-05-10 08:51 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-03-26 09:19 - 2017-04-18 04:30 - 000000000 ___HD C:\hp
2021-03-25 16:45 - 2021-02-24 21:09 - 000000000 ____D C:\Users\naythan\Desktop\Antique terms and images
2021-03-24 20:42 - 2017-05-10 08:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-24 20:37 - 2021-02-08 13:52 - 000000000 ____D C:\Users\naythan\AppData\Local\Packages
2021-03-24 19:54 - 2021-02-13 12:56 - 000000000 ___RD C:\Users\naythan\OneDrive
2021-03-23 11:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-23 09:56 - 2021-02-23 17:22 - 000000000 ____D C:\ProgramData\WinaeroTweaker
2021-03-20 04:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-19 14:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-19 13:38 - 2021-02-08 12:47 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-03-19 12:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-19 12:38 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-19 12:05 - 2019-12-07 16:55 - 000794102 _____ C:\WINDOWS\system32\perfh00A.dat
2021-03-19 12:05 - 2019-12-07 16:55 - 000160262 _____ C:\WINDOWS\system32\perfc00A.dat
2021-03-19 11:54 - 2021-02-14 21:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-19 09:50 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-19 09:33 - 2021-02-08 13:53 - 000000000 ____D C:\ProgramData\Packages
2021-03-19 09:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-19 09:32 - 2021-02-08 13:52 - 000000000 ___RD C:\Users\naythan\3D Objects
2021-03-19 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-19 09:32 - 2017-03-18 05:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-19 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-19 09:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-03-19 09:25 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-19 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-19 09:10 - 2021-02-08 13:43 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-03-19 09:09 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-03-19 09:08 - 2021-02-20 07:30 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-19 09:08 - 2021-02-20 07:30 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-19 08:59 - 2021-02-16 10:21 - 000000000 ____D C:\Users\naythan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-03-19 08:56 - 2021-02-08 13:15 - 000000000 ____D C:\Program Files\AMD
2021-03-19 08:55 - 2021-02-08 13:16 - 001975595 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2021-03-19 08:55 - 2021-02-08 13:15 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-03-19 08:55 - 2021-02-08 12:47 - 000000000 ____D C:\Program Files\Elantech
2021-03-19 08:54 - 2021-02-08 13:15 - 000000000 ____D C:\AMD
2021-03-19 08:48 - 2021-02-21 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
2021-03-19 08:48 - 2021-02-15 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker
2021-03-19 08:48 - 2021-02-15 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-19 08:48 - 2021-02-14 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-03-19 08:48 - 2021-02-14 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-03-19 08:48 - 2021-02-14 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2021-03-19 08:48 - 2021-02-14 12:54 - 000000000 ____D C:\Program Files\UNP
2021-03-19 08:48 - 2021-02-08 12:36 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-19 08:48 - 2021-02-08 12:36 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-19 08:48 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-19 08:48 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-19 08:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-19 08:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-19 08:48 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-19 08:48 - 2017-06-25 15:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-03-19 08:48 - 2017-05-10 08:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-03-19 08:48 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-19 08:43 - 2021-02-08 13:16 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2021-03-19 08:43 - 2017-05-10 18:34 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-03-19 08:43 - 2017-05-10 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-03-19 08:43 - 2017-05-10 18:27 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-03-19 08:42 - 2017-05-10 18:34 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-03-19 08:42 - 2017-05-10 18:33 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-03-19 08:41 - 2021-02-08 13:15 - 000000000 ____D C:\Program Files\Realtek
2021-03-19 08:41 - 2021-02-08 13:15 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-03-19 08:41 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-19 08:41 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-19 08:41 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\OCR
2021-03-19 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-03-19 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-19 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-03-19 08:41 - 2017-05-10 18:27 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-19 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-19 08:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-19 08:27 - 2019-12-07 16:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-19 08:27 - 2019-12-07 16:57 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-03-19 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-19 07:53 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-19 07:53 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-19 07:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-19 07:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-03-17 14:23 - 2017-06-25 15:52 - 000000000 ____D C:\ProgramData\CyberLink
2021-03-17 10:33 - 2017-06-25 15:41 - 001148904 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-03-15 21:02 - 2021-02-08 13:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-12 18:55 - 2021-02-16 10:20 - 000000000 ____D C:\Users\naythan\AppData\Local\SquirrelTemp
2021-03-11 19:04 - 2021-02-08 13:52 - 000000000 ____D C:\Users\naythan\AppData\Roaming\Adobe
2021-03-11 01:06 - 2021-02-14 21:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 01:02 - 2021-02-14 21:24 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-06 22:02 - 2017-05-10 18:18 - 000000000 ____D C:\SWSetup
2021-03-06 20:36 - 2021-02-08 12:36 - 000000000 ____D C:\WINDOWS\TextInput
2021-03-06 20:32 - 2017-06-25 15:55 - 000000000 ____D C:\Program Files\mcafee
2021-03-06 10:29 - 2021-02-22 11:57 - 000000000 ____D C:\Users\naythan\Desktop\Angela pension
2021-03-04 20:50 - 2021-02-08 13:53 - 000000000 ____D C:\Users\naythan\AppData\Local\AMD
2021-03-03 14:33 - 2021-02-08 13:55 - 000000000 ____D C:\Users\naythan\AppData\Roaming\HP
2021-03-03 11:08 - 2017-03-18 23:03 - 000000199 _____ C:\WINDOWS\win.ini
2021-03-03 09:59 - 2021-02-15 18:09 - 000000000 ____D C:\Program Files\VideoLAN
2021-03-03 09:20 - 2021-02-16 10:21 - 000002220 _____ C:\Users\naythan\Desktop\WhatsApp.lnk
2021-03-03 01:04 - 2021-02-15 23:38 - 000000000 ____D C:\Program Files\Winaero Tweaker
2021-03-03 01:04 - 2021-02-15 23:36 - 000000000 ____D C:\Users\naythan\Downloads\winaerotweaker
 
==================== Files in the root of some directories ========
 
2021-02-08 13:52 - 2021-03-28 09:47 - 000294671 _____ () C:\Users\naythan\AppData\Local\BTServer.log
2021-03-08 10:44 - 2021-03-10 12:39 - 000005120 _____ () C:\Users\naythan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ==

Edited by Zanshin, 28 March 2021 - 04:45 AM.

  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

Go to:

https://www.microsof...vot:overviewtab

 

Click on Get

 

Once it loads click on GO.

 

What speeds does it show?

 

I'm not an Opera user.  Tried it but every update wanted to make itself my default browser.  You have

OPR Extension: (Browsec VPN - Free VPN for Opera) - C:\Users\naythan\AppData\Roaming\Opera Software\Opera Stable\Extensions\dknfpcdpbkjijldegonllfnnfhabjpde [2021-03-09]
installed on your browser.  Can't tell if it's active but a VPN will really slow things down.

  • 0

#21
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
 I have no problems with Opera at all, Opera is my default browser with own VPN turned OFF. Browsec is also turned OFF  in Extensions. My older computer beside this one for testing purposed shows 95/6 download 98/100 plus upload constantly(Ookla) no matter how many pages I have open or if I am streaming at the same time. As said before, full speed acheived in Safe Mode. 
 
for some reason I can't post an image of the speedtest results here using an Imgur link? 
 
Here is a link to the speed test results page.https://www.speedtes...ult/11169989003

  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

If you download the speedtest program the result is independent of your browser and more reliable.

 

This is what I get from Firefox:

 

https://www.speedtes...ult/11170433197

 

This is what I get from the program:

 

https://www.speedtes...df-ce97ad6204a0

 

Let's see what is using the internet.

 

Right click on the clock and select Task Manager, (More Details), Performance, Open Resource Monitor, Network.

 

Now click on Network Activity (in the middle of the page).  Click on Receive (B/Sec) to sort by the biggest users.  Take a screen shot and post it:

 

net.jpg

 

If you see svchost.exe in the top 3 then:

 

Copy the next 2 lines:
 

TASKLIST /SVC  > \junk.txt
notepad \junk.txt


Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


 


  • 0

#23
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

Downloaded the app. All speed tests from different locations showing full speed. 95 down...95/98 up. 

 

I must be getting dense in my old age. Which clock? The Ookla speed test dial? I right click on that and it starts the test. I see no other clock. 

 

Only Task Manager I have is the Windows one. Apologies if I appear dense at this point.


Edited by Zanshin, 28 March 2021 - 09:21 AM.

  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

The windows clock that is usually in the bottom right of the desktop.  If you don't have the clock showing then search for

task manager

hit Enter


  • 0

#25
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

Under Performance I have no Open Resource  Monitor or Network Activity options. I hope this graph tells something? 

 

https://imgur.com/Lc8iCsM


  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

Look at the bottom of the chart and you will find Open resource Monitor

 

tm.jpg


  • 0

#27
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

Not looking  properly was I.

 

Having trouble posting .png images here. 

 

svch/exe was third from the top in the Network chart so I followed up with the CMD instruction and here is the junk.txt file copy. 

 

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                        92 N/A                                         
smss.exe                       408 N/A                                         
csrss.exe                      636 N/A                                         
wininit.exe                    740 N/A                                         
services.exe                   836 N/A                                         
lsass.exe                      876 EFS, KeyIso, SamSs, VaultSvc                
svchost.exe                    996 BrokerInfrastructure, DcomLaunch, PlugPlay, 
                                   Power, SystemEventsBroker                   
fontdrvhost.exe               1008 N/A                                         
WUDFHost.exe                   436 N/A                                         
svchost.exe                    872 RpcEptMapper, RpcSs                         
svchost.exe                   1072 LSM                                         
svchost.exe                   1228 CoreMessagingRegistrar                      
svchost.exe                   1296 BTAGService                                 
svchost.exe                   1328 BthAvctpSvc                                 
svchost.exe                   1348 bthserv                                     
svchost.exe                   1416 NcbService                                  
svchost.exe                   1460 Schedule                                    
svchost.exe                   1608 DispBrokerDesktopSvc                        
svchost.exe                   1656 ProfSvc                                     
svchost.exe                   1688 TimeBrokerSvc                               
svchost.exe                   1696 DisplayEnhancementService                   
svchost.exe                   1760 hidserv                                     
svchost.exe                   1800 EventLog                                    
svchost.exe                   1812 UserManager                                 
svchost.exe                   1968 DeviceAssociationService                    
svchost.exe                   1976 nsi                                         
svchost.exe                   2020 StateRepository                             
svchost.exe                   1040 camsvc                                      
svchost.exe                   1364 Dhcp                                        
dasHost.exe                   1624 N/A                                         
svchost.exe                   2212 NlaSvc                                      
atiesrxx.exe                  2224 AMD External Events Utility                 
tbaseprovisioning.exe         2236 tbaseprovisioning                           
svchost.exe                   2312 SSDPSRV                                     
svchost.exe                   2376 netprofm                                    
svchost.exe                   2484 EventSystem                                 
svchost.exe                   2500 SysMain                                     
svchost.exe                   2520 Themes                                      
Memory Compression            2616 N/A                                         
svchost.exe                   2656 SENS                                        
svchost.exe                   2700 WinHttpAutoProxySvc                         
svchost.exe                   2720 Dnscache                                    
svchost.exe                   2732 AudioEndpointBuilder                        
svchost.exe                   2796 FontCache                                   
svchost.exe                   2860 fdPHost                                     
svchost.exe                   3008 FDResPub                                    
svchost.exe                   2576 Winmgmt                                     
svchost.exe                   3152 Audiosrv                                    
RtkAudioService64.exe         3224 RtkAudioService                             
svchost.exe                   3476 DusmSvc                                     
svchost.exe                   3484 Wcmsvc                                      
svchost.exe                   3596 WlanSvc                                     
svchost.exe                   3656 ShellHWDetection                            
spoolsv.exe                   3728 Spooler                                     
svchost.exe                   3776 BFE, mpssvc                                 
svchost.exe                   3824 LanmanWorkstation                           
armsvc.exe                    4084 AdobeARMservice                             
BTDevMgr.exe                  3116 BTDevManager                                
svchost.exe                   3332 CryptSvc                                    
svchost.exe                   3336 DiagTrack                                   
svchost.exe                   3324 DPS                                         
ETDService.exe                3304 ETDService                                  
HPWMISVC.exe                  3384 HPWMISVC                                    
svchost.exe                   3032 iphlpsvc                                    
RtkBtManServ.exe              3856 RtkBtManServ                                
svchost.exe                   3360 SstpSvc                                     
svchost.exe                   4108 LanmanServer                                
MsMpEng.exe                   4128 WinDefend                                   
svchost.exe                   4164 TrkWks                                      
svchost.exe                   4176 WpnService                                  
svchost.exe                   4184 stisvc                                      
svchost.exe                   4312 TapiSrv                                     
svchost.exe                   4416 WdiServiceHost                              
svchost.exe                   4560 RasMan                                      
svchost.exe                   4792 RmSvc                                       
svchost.exe                   5264 TokenBroker                                 
svchost.exe                   5620 Appinfo                                     
svchost.exe                   5700 TabletInputService                          
svchost.exe                   5948 CDPSvc                                      
svchost.exe                   6016 PcaSvc                                      
NisSrv.exe                    5720 WdNisSvc                                    
SearchIndexer.exe             7288 WSearch                                     
svchost.exe                   7404 InstallService                              
SecurityHealthService.exe     6212 SecurityHealthService                       
svchost.exe                   6048 wscsvc                                      
svchost.exe                   8704 DoSvc                                       
svchost.exe                   8844 lfsvc                                       
svchost.exe                   6544 StorSvc                                     
SgrmBroker.exe                8328 SgrmBroker                                  
svchost.exe                   8220 UsoSvc                                      
svchost.exe                   7968 LicenseManager                              
svchost.exe                   9840 DsSvc                                       
svchost.exe                   9596 Netman                                      
MoUsoCoreWorker.exe           4268 N/A                                         
csrss.exe                     8948 N/A                                         
winlogon.exe                  5568 N/A                                         
fontdrvhost.exe               4456 N/A                                         
dwm.exe                        420 N/A                                         
atieclxx.exe                  5760 N/A                                         
svchost.exe                   3616 lmhosts                                     
svchost.exe                   2108 NcdAutoSetup                                
ETDCtrl.exe                  10060 N/A                                         
ctfmon.exe                    9140 N/A                                         
svchost.exe                   6424 CDPUserSvc_4b219fc                          
svchost.exe                   6844 BluetoothUserService_4b219fc                
sihost.exe                    5904 N/A                                         
svchost.exe                   6448 WpnUserService_4b219fc                      
taskhostw.exe                 9704 N/A                                         
explorer.exe                  3996 N/A                                         
svchost.exe                   8064 cbdhsvc_4b219fc                             
gsam.exe                      2884 N/A                                         
ETDTouch.exe                  5356 N/A                                         
ETDCtrlHelper.exe             2908 N/A                                         
BTServer.exe                  7356 N/A                                         
StartMenuExperienceHost.e     2408 N/A                                         
RuntimeBroker.exe             5380 N/A                                         
SearchApp.exe                 9376 N/A                                         
RuntimeBroker.exe             7352 N/A                                         
YourPhone.exe                 6136 N/A                                         
RuntimeBroker.exe             6004 N/A                                         
SettingSyncHost.exe           6528 N/A                                         
SecurityHealthSystray.exe     8960 N/A                                         
RAVBg64.exe                   7732 N/A                                         
RtkNGUI64.exe                 9700 N/A                                         
AdobeCollabSync.exe           6068 N/A                                         
AdobeCollabSync.exe           7892 N/A                                         
RadeonSettings.exe            8548 N/A                                         
svchost.exe                   5320 OneSyncSvc_4b219fc,                         
                                   PimIndexMaintenanceSvc_4b219fc,             
                                   UnistoreSvc_4b219fc, UserDataSvc_4b219fc    
RuntimeBroker.exe             9648 N/A                                         
AcrobatNotificationClient     4576 N/A                                         
TextInputHost.exe             7212 N/A                                         
dllhost.exe                   9792 N/A                                         
ApplicationFrameHost.exe     11020 N/A                                         
ShellExperienceHost.exe       8932 N/A                                         
RuntimeBroker.exe             9956 N/A                                         
SystemSettings.exe            7396 N/A                                         
UserOOBEBroker.exe            1432 N/A                                         
vlc.exe                       6640 N/A                                         
audiodg.exe                  10208 N/A                                         
WhatsApp.exe                  6804 N/A                                         
WhatsApp.exe                   368 N/A                                         
WhatsApp.exe                  4240 N/A                                         
WhatsApp.exe                  7740 N/A                                         
WhatsApp.exe                 11172 N/A                                         
WhatsApp.exe                  7576 N/A                                         
WhatsApp.exe                 10372 N/A                                         
opera.exe                     1732 N/A                                         
opera_crashreporter.exe       7484 N/A                                         
opera.exe                     8752 N/A                                         
opera.exe                     9784 N/A                                         
opera.exe                     4136 N/A                                         
opera.exe                     8308 N/A                                         
opera.exe                     1116 N/A                                         
opera.exe                     9180 N/A                                         
opera.exe                     1520 N/A                                         
opera.exe                    10712 N/A                                         
opera.exe                     4428 N/A                                         
opera.exe                    10956 N/A                                         
opera.exe                    10984 N/A                                         
svchost.exe                   9036 CaptureService_4b219fc                      
opera.exe                     1320 N/A                                         
opera.exe                    10600 N/A                                         
opera.exe                     8148 N/A                                         
perfmon.exe                   2688 N/A                                         
RuntimeBroker.exe             8448 N/A                                         
ScreenSketch.exe              9676 N/A                                         
opera.exe                     9900 N/A                                         
smartscreen.exe               3456 N/A                                         
cmd.exe                       8532 N/A                                         
conhost.exe                   2404 N/A                                         
tasklist.exe                  2628 N/A                                         
WmiPrvSE.exe                  9064 N/A                                         
 

 

 

 


  • 0

#28
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

This is a link to the image uploaded to Imgur of the Network charts. 

 

 

 

https://imgur.com/a/wgH65ne


  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

Forum is funny.  Only allows certain things to be attached.  .jpg is OK.  .png not OK.  .zip, .txt, .reg are also OK.

 

Currently VLC is the culprit by a large margin.  Are you watching a streaming video?  That can give a false speednet reading on a slow link.


  • 0

#30
Zanshin

Zanshin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts

I close everything before a speed test.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP