
#16
Posted 14 October 2022 - 06:09 PM

#17
Posted 14 October 2022 - 07:07 PM

Now I have a weird report?
#18
Posted 14 October 2022 - 07:34 PM

#19
Posted 14 October 2022 - 07:43 PM

#20
Posted 14 October 2022 - 09:38 PM

#21
Posted 14 October 2022 - 09:39 PM

#22
Posted 14 October 2022 - 09:40 PM

#23
Posted 15 October 2022 - 09:30 AM

Not seeing any sign of an infection. You have a very old PC which was designed for Win 7 and apparently uses SATA II instead of SATA III so the SSD you have is only running at half its normal speed.
I'm thinking when you ran Process Explorer that you did not start it by right click and Run As Admin since it is being blocked from many windows processes . But it is not showing that Edge uses too much CPU. Assuming you have all Extensions disabled it may be that one of your extensions is the cause of your problem. When you have Sync enabled Edge will check with other PCs that use the same Microsoft login and automatically add the same extensions that they are using. Is Edge working better without the extensions?
The difference in Latency Monitor reports is probably due to Windows downloading an upgrade (or uploading some of its spyware info to Microsoft). It's possible that a new BIOS and/or a new network driver might speed things up a bit. Your BIOS is F15. There may be a newer BIOS available on the HP website but it needs your serial number so it won't talk to me. I found F23 with a Google search but it is for Intel and you have AMD so I'm not sure. Even if you find it it may not install on Win 10 since HP thinks you have Win 7. (Won't hurt anything to try. Worst that will happen is that it says you have the wrong version and exits.)
As for your network driver you have: Realtek PCIe FE Family Controller
Don't know what version you have but Realtek has had a real problem getting their drivers to work correctly with Win 10 so you really do want the newest one.
You can get a new driver from:
https://www.realtek....xpress-software
The new version is:
Win10 Auto Installation Program (NDIS)
10.60 2022/08/24
You have to go thru the Captcha process. Sometimes they give you two number to add and they want the sum. Other times they just want you to repeat what they show you. Once you download it go to the download folder and right click on the file and Run as Admin.
You can uninstall Speccy now. We don't need it any more.
We can remove a lot of Microsoft's spyware which often slows down older PCs:
Reboot when done.
I'm not seeing any sign of an infection but let's run MBAR to check for rootkits.
Direct download is:
https://downloads.ma...s.com/file/mbar
Save the file, go to the download folder and right click and Run As Admin. Then follow the instructions.
Let's compare your PC to others of the same model:
Let's get a benchmark:
Click on Free Download. Save the file then right click and Run As Admin. Close all programs and pause your antivirus before starting.
When it finishes it will open a browser. Copy the URL and paste it into a Reply.
Don't know what version you have but Realtek has had a real problem getting their drivers to work correctly with Win 10 so you really do want the newest one.
#24
Posted 15 October 2022 - 10:27 PM

Hello,
Had to RESET PC as it froze up, I have downloaded the new REALTEK family controller, Deleted all the Task Scheduler tasks, Stopped & Disabled Sys Main, Ran MBAR with no detections, Changed my Admin acct to standard.
I have rerun all the previosly advised scans as a FYI
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-10-2022
Ran by Rockets (administrator) on HAL900 (Hewlett-Packard HP G61 Notebook PC) (15-10-2022 21:26:05)
Running from C:\Users\Rockets\Desktop
Loaded Profiles: doher & Rockets
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2130 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <27>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <2>
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-03-31] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\Run: [MicrosoftEdgeAutoLaunch_BB504241F5FCEF66E4DB313E9A525FF8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64" (No File)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\19.043.0304.0013" (No File)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-15] (Microsoft Windows -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1CE37D36-DA41-47D4-BD27-68D60E20CBC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F3C57C3-97DD-42D4-9A1C-9D79EB04C0D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FD85271-6AEF-4A40-8FA6-B5407B2892D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C19FAA37-86F1-47D0-BD8D-A2598B4315D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e77e5341-dabe-4bfc-be4d-04e0b11879c9}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Profile: C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKIS; C:\WINDOWS\System32\drivers\AppleKIS.sys [66976 2022-09-14] (Apple Inc. -> Apple Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleRSM; C:\WINDOWS\System32\drivers\AppleRSM.sys [77720 2022-09-13] (Apple Inc. -> Apple Inc.)
S3 MirayRAMDrive; C:\WINDOWS\System32\drivers\mrdo.sys [65488 2022-02-10] (Miray Software AG -> Miray)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2022-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-15 21:26 - 2022-10-15 21:27 - 000008094 _____ C:\Users\Rockets\Desktop\FRST.txt
2022-10-15 21:25 - 2022-10-15 21:25 - 000000000 ____D C:\Users\Rockets\AppData\Local\Comms
2022-10-15 21:22 - 2022-10-15 21:22 - 002373120 _____ (Farbar) C:\Users\Rockets\Desktop\FRST64.exe
2022-10-15 21:11 - 2022-10-15 21:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1890784580-1000596592-3856219040-1002
2022-10-15 21:11 - 2022-10-15 21:11 - 000000000 ____D C:\Users\Rockets\AppData\Local\PlaceholderTileLogoFolder
2022-10-15 21:10 - 2022-10-15 21:11 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1890784580-1000596592-3856219040-1002
2022-10-15 21:10 - 2022-10-15 21:10 - 000000000 ___RD C:\Users\Rockets\OneDrive
2022-10-15 21:10 - 2022-10-15 21:10 - 000000000 ____D C:\Users\Rockets\AppData\Local\D3DSCache
2022-10-15 21:02 - 2022-10-15 21:20 - 000000000 ____D C:\Users\Rockets\AppData\Local\Packages
2022-10-15 21:02 - 2022-10-15 21:02 - 000000000 ___RD C:\Users\Rockets\3D Objects
2022-10-15 21:02 - 2022-10-15 21:02 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\Adobe
2022-10-15 21:02 - 2022-10-15 21:02 - 000000000 ____D C:\Users\Rockets\AppData\Local\VirtualStore
2022-10-15 21:02 - 2022-10-15 21:02 - 000000000 ____D C:\Users\Rockets\AppData\Local\Publishers
2022-10-15 21:02 - 2022-10-15 21:02 - 000000000 ____D C:\Users\Rockets\AppData\Local\ConnectedDevicesPlatform
2022-10-15 20:23 - 2022-10-15 20:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-15 20:23 - 2022-10-15 20:23 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-10-15 20:23 - 2022-08-18 10:47 - 001188672 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-10-15 20:22 - 2022-10-15 20:22 - 000000000 ____D C:\Users\doher\Downloads\Install_Win10_10060_08222022
2022-10-15 20:21 - 2022-10-15 20:21 - 004975146 _____ C:\Users\doher\Downloads\Install_Win10_10060_08222022.zip
2022-10-15 20:00 - 2022-10-15 20:00 - 000000000 ____D C:\Users\Rockets\AppData\Local\PeerDistRepub
2022-10-15 19:12 - 2022-10-15 21:11 - 000002375 _____ C:\Users\Rockets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-15 19:12 - 2022-10-15 21:10 - 000000000 ____D C:\Users\Rockets
2022-10-15 19:12 - 2022-10-15 19:12 - 000000020 ___SH C:\Users\Rockets\ntuser.ini
2022-10-15 16:49 - 2022-10-15 16:49 - 000000000 ____D C:\Users\doher\AppData\Local\Comms
2022-10-15 16:40 - 2022-10-15 16:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-15 16:38 - 2022-10-15 18:54 - 000000000 ____D C:\Users\doher\AppData\Local\PlaceholderTileLogoFolder
2022-10-15 16:37 - 2022-10-15 19:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-15 16:34 - 2022-10-15 16:34 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1890784580-1000596592-3856219040-1001
2022-10-15 16:34 - 2022-10-15 16:34 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1890784580-1000596592-3856219040-1001
2022-10-15 16:33 - 2022-10-15 16:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-15 16:32 - 2022-10-15 20:02 - 000000000 ____D C:\Users\doher\AppData\Local\D3DSCache
2022-10-15 16:31 - 2022-10-15 19:05 - 000000000 ____D C:\Users\doher\AppData\Local\Packages
2022-10-15 16:31 - 2022-10-15 17:25 - 000000000 ____D C:\ProgramData\Packages
2022-10-15 16:31 - 2022-10-15 16:31 - 000000000 ____D C:\Users\doher\AppData\Roaming\Adobe
2022-10-15 16:31 - 2022-10-15 16:31 - 000000000 ____D C:\Users\doher\AppData\Local\VirtualStore
2022-10-15 16:31 - 2022-10-15 16:31 - 000000000 ____D C:\Users\doher\AppData\Local\Publishers
2022-10-15 16:30 - 2022-10-15 18:53 - 000000000 ____D C:\Users\doher\AppData\Local\ConnectedDevicesPlatform
2022-10-15 16:30 - 2022-10-15 16:30 - 000000020 ___SH C:\Users\doher\ntuser.ini
2022-10-15 08:08 - 2022-10-15 04:27 - 000000000 ____D C:\WINDOWS\Panther
2022-10-15 08:06 - 2022-10-15 04:27 - 000000000 ____D C:\Windows.old
2022-10-15 08:04 - 2022-10-15 08:05 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-10-15 08:01 - 2022-10-15 08:01 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-15 08:01 - 2022-10-15 08:01 - 000000000 ____D C:\ProgramData\ssh
2022-10-15 07:53 - 2022-10-15 07:53 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-10-15 07:53 - 2022-10-15 07:53 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-10-15 07:53 - 2022-10-15 07:53 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2022-10-15 07:53 - 2022-10-15 07:53 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-15 07:52 - 2022-10-15 07:52 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-15 07:52 - 2022-10-15 07:52 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-10-15 07:52 - 2022-10-15 07:52 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-10-15 07:52 - 2022-10-15 07:52 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-10-15 07:52 - 2022-10-15 07:52 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-10-15 07:52 - 2022-10-15 07:52 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-10-15 07:52 - 2022-10-15 07:52 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-10-15 07:52 - 2022-10-15 07:52 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-10-15 07:51 - 2022-10-15 07:51 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-10-15 07:51 - 2022-10-15 07:51 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-10-15 07:51 - 2022-10-15 07:51 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-15 07:51 - 2022-10-15 07:51 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-15 07:51 - 2022-10-15 07:51 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2022-10-15 07:50 - 2022-10-15 07:50 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2022-10-15 07:50 - 2022-10-15 07:50 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-15 07:50 - 2022-10-15 07:50 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2022-10-15 07:50 - 2022-10-15 07:50 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-10-15 07:49 - 2022-10-15 07:49 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-10-15 07:49 - 2022-10-15 07:49 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-10-15 07:49 - 2022-10-15 07:49 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-10-15 07:49 - 2022-10-15 07:49 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2022-10-15 07:48 - 2022-10-15 07:48 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2022-10-15 07:48 - 2022-10-15 07:48 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2022-10-15 07:48 - 2022-10-15 07:48 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-10-15 07:33 - 2022-10-15 07:33 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-10-15 07:33 - 2022-10-15 07:33 - 000000000 ____D C:\Program Files\MSBuild
2022-10-15 07:33 - 2022-10-15 07:33 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-10-15 07:33 - 2022-10-15 07:33 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-10-15 07:29 - 2022-10-15 07:29 - 000000000 ____D C:\Program Files\Synaptics
2022-10-15 07:27 - 2022-10-15 07:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-10-15 04:25 - 2022-10-15 21:05 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-15 04:20 - 2022-10-15 21:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-15 04:20 - 2022-10-15 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-15 04:20 - 2022-10-15 04:20 - 000003612 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{A05DE810-272B-4EDD-A2E6-AD0A7D7AE9C4}
2022-10-15 04:20 - 2022-10-15 04:20 - 000003488 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{678C2896-E540-450C-9B4E-39C60D36D845}
2022-10-15 04:15 - 2022-10-15 16:34 - 000002369 _____ C:\Users\doher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-15 04:15 - 2022-10-15 16:31 - 000000000 ____D C:\Users\doher
2022-10-15 04:12 - 2022-10-15 04:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2022-10-15 04:12 - 2022-10-15 04:12 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2022-10-15 04:11 - 2022-10-15 04:11 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-10-15 04:10 - 2022-10-15 19:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-15 04:10 - 2022-10-15 04:10 - 000257824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-15 03:08 - 2022-10-15 04:18 - 000000000 ___HD C:\$SysReset
2022-10-15 00:09 - 2022-10-15 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiMon
2022-10-14 23:44 - 2022-10-15 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
2022-10-14 22:52 - 2022-10-14 22:52 - 000001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2022-10-14 21:50 - 2022-10-15 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanityCheck
2022-10-14 20:50 - 2022-10-15 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2022-10-14 19:34 - 2022-10-14 19:34 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2022-10-14 19:15 - 2022-10-14 19:15 - 000012638 _____ C:\junk.txt
2022-10-13 02:08 - 2022-10-13 02:09 - 030831256 _____ (Proton Technologies AG) C:\Users\doher\Downloads\ProtonVPN_win_v2.1.1.exe
2022-10-13 00:41 - 2022-10-13 00:41 - 000000000 _____ C:\Users\doher\whoami
2022-10-12 02:43 - 2022-09-23 04:48 - 006126344 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2022-10-12 02:43 - 2022-09-23 04:48 - 000054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys
2022-10-12 02:43 - 2022-09-14 00:33 - 000066976 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleKIS.sys
2022-10-12 02:43 - 2022-09-14 00:33 - 000036744 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleKISInterface.dll
2022-10-12 02:43 - 2022-09-13 06:30 - 000077720 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleRSM.sys
2022-10-12 02:43 - 2022-09-13 06:30 - 000036768 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleRSMInterface.dll
2022-10-12 00:37 - 2022-10-12 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-10-12 00:36 - 2022-09-23 14:59 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2022-10-12 00:35 - 2022-10-12 00:37 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-10-11 13:18 - 2022-10-11 13:20 - 000000000 ___HD C:\$WinREAgent
2022-10-11 05:52 - 2022-10-11 05:52 - 000000000 ____D C:\Users\Public\Desktop\CC Support
2022-10-10 02:28 - 2022-10-10 02:28 - 000000000 ___HD C:\$Windows.~WS
2022-10-09 19:29 - 2022-10-09 19:29 - 001666080 _____ (O&O Software GmbH) C:\Users\doher\Downloads\OOSU10.exe
2022-10-08 23:54 - 2022-10-08 23:54 - 000000112 ___SH C:\bootTel.dat
2022-10-08 03:32 - 2022-10-15 04:21 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-05 17:31 - 2022-10-15 21:26 - 000000000 ____D C:\FRST
2022-10-03 04:54 - 2022-10-03 04:55 - 000000000 ____D C:\Users\doher\AppData\LocalLow\IObit
2022-09-22 20:23 - 2022-09-22 20:23 - 000000000 ____D C:\ATTO
2022-09-22 20:22 - 2022-09-22 20:22 - 003993048 _____ (ATTO Technology, Inc.) C:\Users\doher\Downloads\win_app_benchmark_4000f2.exe
2022-09-22 02:50 - 2022-09-22 02:50 - 000000000 ____D C:\Users\doher\.wdc
2022-09-22 02:32 - 2022-09-22 02:32 - 003637651 _____ C:\Users\doher\Downloads\c01868653.pdf
2022-09-21 00:02 - 2022-09-21 00:02 - 000001024 ____H C:\SYSTAG.BIN
2022-09-20 23:05 - 2022-09-22 23:31 - 000001024 ____H C:\AMTAG.BIN
2022-09-19 10:44 - 2022-09-19 21:53 - 000000000 ____D C:\Users\doher\Downloads\aida64business675_portable
2022-09-19 10:44 - 2022-09-19 10:44 - 049661152 _____ C:\Users\doher\Downloads\aida64business675_portable.zip
2022-09-19 03:15 - 2022-09-19 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2022-09-18 17:49 - 2022-10-03 08:37 - 000000000 ___HD C:\OneDriveTemp
2022-09-18 17:48 - 2022-10-15 16:34 - 000000000 ___RD C:\Users\doher\OneDrive
2022-09-18 17:44 - 2022-10-15 21:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-18 17:44 - 2022-10-15 16:31 - 000000000 ___RD C:\Users\doher\3D Objects
2022-09-18 07:41 - 2022-09-18 07:41 - 000000000 _SHDL C:\Documents and Settings
2022-09-18 07:40 - 2022-09-18 07:40 - 000000000 ____D C:\WINDOWS\CSC
2022-09-18 07:31 - 2022-10-15 04:21 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-18 07:26 - 2022-10-15 21:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-16 17:10 - 2016-03-31 02:24 - 000772104 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2022-09-16 17:10 - 2016-03-31 02:24 - 000622784 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2022-09-16 17:10 - 2016-03-31 02:24 - 000430256 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2022-09-16 17:10 - 2016-03-31 02:24 - 000274968 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2022-09-16 17:10 - 2016-03-31 02:24 - 000267440 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31-1.dll
2022-09-16 17:10 - 2016-03-31 02:24 - 000052904 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2022-09-16 17:10 - 2016-03-31 02:24 - 000052400 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-15 21:25 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-15 21:20 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-15 21:18 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-15 21:14 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-15 21:02 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-15 20:59 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-15 19:02 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-15 16:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-15 16:45 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-15 16:38 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-15 08:07 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-10-15 08:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-10-15 08:01 - 2019-12-07 05:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-10-15 08:01 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-15 08:01 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-15 08:01 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-15 08:01 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-15 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-15 08:01 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2022-10-15 07:59 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-10-15 07:59 - 2019-12-07 05:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-10-15 07:59 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-15 07:59 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-15 07:35 - 2019-12-07 05:52 - 000000000 ____D C:\WINDOWS\OCR
2022-10-15 07:32 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-10-15 07:32 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-10-15 04:28 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-15 04:27 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-10-15 04:27 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-10-15 04:27 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-15 04:20 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-15 04:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================.
#25
Posted 15 October 2022 - 10:30 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-10-2022
Ran by Rockets (15-10-2022 21:39:45)
Running from C:\Users\Rockets\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2130 (X64) (2022-10-15 08:27:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1890784580-1000596592-3856219040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1890784580-1000596592-3856219040-503 - Limited - Disabled)
doher (S-1-5-21-1890784580-1000596592-3856219040-1001 - Limited - Enabled) => C:\Users\doher
Guest (S-1-5-21-1890784580-1000596592-3856219040-501 - Limited - Disabled)
Rockets (S-1-5-21-1890784580-1000596592-3856219040-1002 - Administrator - Enabled) => C:\Users\Rockets
WDAGUtilityAccount (S-1-5-21-1890784580-1000596592-3856219040-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1890784580-1000596592-3856219040-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.60.615.2022 - Realtek)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-15] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\doher\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{225F579C-6AAD-403A-84D4-CFC42938F43F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-10-2022 16:42:45 Windows Modules Installer
15-10-2022 19:18:06 Newresetsettingsmodified
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/15/2022 06:52:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (10/15/2022 06:52:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (10/15/2022 06:52:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (10/15/2022 06:52:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (10/15/2022 04:20:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.
Error: (10/15/2022 04:11:45 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1409.
System errors:
=============
Error: (10/15/2022 12:55:44 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (10/15/2022 04:47:22 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (10/15/2022 04:15:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
Error: (10/15/2022 04:15:45 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Error: (10/15/2022 04:13:45 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Printer Extensions and Notifications service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (10/15/2022 04:13:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
Error: (10/15/2022 04:13:45 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Error: (10/15/2022 04:11:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
==================== Memory info ===========================
BIOS: Hewlett-Packard F.15 05/17/2010
Motherboard: Hewlett-Packard 363F
Processor: AMD Athlon II Dual-Core M300
Percentage of memory in use: 60%
Total physical RAM: 7932.2 MB
Available physical RAM: 3163.38 MB
Total Virtual: 9852.2 MB
Available Virtual: 5094.81 MB
==================== Drives ================================
Drive c: (C ) (Fixed) (Total:444.36 GB) (Free:379.61 GB) (Model: WD Blue SA510 2.5 500GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (ESD-USB (D:)) (Removable) (Total:28.65 GB) (Free:17.08 GB) NTFS
Drive f: (RECOVERY) (Fixed) (Total:21.1 GB) (Free:9.64 GB) (Model: WD Blue SA510 2.5 500GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: WD Blue SA510 2.5 500GB) FAT32
\\?\Volume{7dda13fc-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7DDA13FC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=444.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=108 MB) - (Type=0C)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 28.7 GB) (Disk ID: 9A17DA42)
Partition 1: (Not Active) - (Size=28.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
#26
Posted 15 October 2022 - 10:33 PM

- ._________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts.
LatencyMon has been analyzing your system for 0:00:41 (h:mm:ss) on all processors.
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name: HAL900
OS version: Windows 10, 10.0, version 2009, build: 19044 (x64)
Hardware: HP G61 Notebook PC, Hewlett-Packard
BIOS: Default System BIOS
CPU: AuthenticAMD AMD Athlon II Dual-Core M300
Logical processors: 2
Processor groups: 1
Processor group size: 2
RAM: 7932 MB total
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed (WMI): 20 MHz
Reported CPU speed (registry): 1995 MHz
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
Highest measured interrupt to process latency (µs): 75.80
Average measured interrupt to process latency (µs): 11.740399
Highest measured interrupt to DPC latency (µs): 59.0
Average measured interrupt to DPC latency (µs): 4.174912
_________________________________________________________________________________________________________
REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
Highest ISR routine execution time (µs): 57.854637
Driver with highest ISR routine execution time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
Highest reported total ISR routine time (%): 0.060738
Driver with highest ISR total time: i8042prt.sys - i8042 Port Driver, Microsoft Corporation
Total time spent in ISRs (%) 0.084662
ISR count (execution time <250 µs): 4587
ISR count (execution time 250-500 µs): 0
ISR count (execution time 500-1000 µs): 0
ISR count (execution time 1000-2000 µs): 0
ISR count (execution time 2000-4000 µs): 0
ISR count (execution time >=4000 µs): 0
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
Highest DPC routine execution time (µs): 144.846617
Driver with highest DPC routine execution time: SynTP.sys - Synaptics Touchpad Win64 Driver, Synaptics Incorporated
Highest reported total DPC routine time (%): 0.064556
Driver with highest DPC total execution time: rspLLL64.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.
Total time spent in DPCs (%) 0.253944
DPC count (execution time <250 µs): 26607
DPC count (execution time 250-500 µs): 0
DPC count (execution time 500-10000 µs): 0
DPC count (execution time 1000-2000 µs): 0
DPC count (execution time 2000-4000 µs): 0
DPC count (execution time >=4000 µs): 0
_________________________________________________________________________________________________________
REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
Process with highest pagefault count: latmon.exe
Total number of hard pagefaults 5
Hard pagefault count of hardest hit process: 1
Number of processes hit: 5
_________________________________________________________________________________________________________
PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s): 1.589828
CPU 0 ISR highest execution time (µs): 57.854637
CPU 0 ISR total execution time (s): 0.058187
CPU 0 ISR count: 3101
CPU 0 DPC highest execution time (µs): 144.846617
CPU 0 DPC total execution time (s): 0.180502
CPU 0 DPC count: 24717
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s): 0.402043
CPU 1 ISR highest execution time (µs): 13.804511
CPU 1 ISR total execution time (s): 0.011898
CPU 1 ISR count: 1486
CPU 1 DPC highest execution time (µs): 128.116291
CPU 1 DPC total execution time (s): 0.029718
CPU 1 DPC count: 1890
_________________________________________________________________________________________________________
#27
Posted 15 October 2022 - 10:39 PM

#28
Posted 15 October 2022 - 10:40 PM

#29
Posted 15 October 2022 - 10:51 PM

Sanity scan results
- Analysis
Analyzing your system ...
Processes are running without company, product and description information
One or more processes have been detected which have not registered any company, product and description information. This is not uncommon or necessarily the work of a virus or malware but does raise a flag of suspicion. It is suggested that you find out what this process belongs to and why it is running on your system.
- The process registry does not have any product, company or description information.
Information about the responsible process registry:
file path: registry
This file is no longer available. We suggest you try to find this file in another location on your hard disk.
Click here to do a Google search on registry
- The process startmenuexperiencehost.exe does not have any product, company or description information.
Information about the responsible process startmenuexperiencehost.exe:
file path: C:\windows\systemapps\microsoft.windows.startmenuexperiencehost_cw5n1h2txyewy\startmenuexperiencehost.exe
#30
Posted 15 October 2022 - 11:01 PM

TASKLIST /SVC > \junk.txt
Image Name PID Services
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
Registry 92 N/A
smss.exe 364 N/A
csrss.exe 472 N/A
wininit.exe 584 N/A
csrss.exe 592 N/A
services.exe 652 N/A
lsass.exe 660 EFS, KeyIso, SamSs, VaultSvc
winlogon.exe 776 N/A
svchost.exe 836 BrokerInfrastructure, DcomLaunch, PlugPlay,
Power, SystemEventsBroker
fontdrvhost.exe 872 N/A
fontdrvhost.exe 880 N/A
svchost.exe 980 RpcEptMapper, RpcSs
svchost.exe 64 LSM
dwm.exe 400 N/A
svchost.exe 1060 lmhosts
svchost.exe 1068 CoreMessagingRegistrar
svchost.exe 1108 NcbService
svchost.exe 1120 TimeBrokerSvc
svchost.exe 1208 Schedule
svchost.exe 1248 DisplayEnhancementService
svchost.exe 1256 ProfSvc
svchost.exe 1288 EventLog
svchost.exe 1396 UserManager
svchost.exe 1412 DispBrokerDesktopSvc
svchost.exe 1452 nsi
svchost.exe 1648 Dhcp
svchost.exe 1720 camsvc
svchost.exe 1732 StateRepository
svchost.exe 1860 NlaSvc
WUDFHost.exe 1900 N/A
atiesrxx.exe 1952 AMD External Events Utility
atieclxx.exe 1996 N/A
svchost.exe 2032 Themes
svchost.exe 2044 EventSystem
svchost.exe 1056 CscService
svchost.exe 2060 netprofm
svchost.exe 2088 SENS
svchost.exe 2160 AudioEndpointBuilder
svchost.exe 2168 FontCache
svchost.exe 2292 SEMgrSvc
svchost.exe 2388 WinHttpAutoProxySvc
sihost.exe 2428 N/A
svchost.exe 2480 CDPUserSvc_234ba
svchost.exe 2528 Dnscache
taskhostw.exe 2572 N/A
svchost.exe 2632 WpnUserService_234ba
svchost.exe 2652 TokenBroker
svchost.exe 2668 Audiosrv
taskhostw.exe 2808 N/A
svchost.exe 2912 DusmSvc
svchost.exe 2936 Wcmsvc
svchost.exe 3016 TabletInputService
ctfmon.exe 2316 N/A
svchost.exe 3192 WlanSvc
svchost.exe 3208 CDPSvc
svchost.exe 3260 ShellHWDetection
explorer.exe 3392 N/A
spoolsv.exe 3432 Spooler
svchost.exe 3476 BFE, mpssvc
svchost.exe 3556 LanmanWorkstation
svchost.exe 3752 RmSvc
svchost.exe 2896 DeviceAssociationService
svchost.exe 3104 CryptSvc
svchost.exe 4104 cbdhsvc_234ba
svchost.exe 4116 DiagTrack
svchost.exe 4124 DPS
svchost.exe 4152 Winmgmt
svchost.exe 4236 SstpSvc
svchost.exe 4244 LanmanServer
SynTPEnhService.exe 4252 SynTPEnhService
svchost.exe 4272 TrkWks
svchost.exe 4316 WpnService
MsMpEng.exe 4328 WinDefend
svchost.exe 4436 iphlpsvc
svchost.exe 4460 WdiSystemHost
SynTPEnh.exe 4468 N/A
svchost.exe 4612 RasMan
svchost.exe 4812 WdiServiceHost
svchost.exe 4936 PcaSvc
svchost.exe 4996 Appinfo
SynTPHelper.exe 5096 N/A
SearchIndexer.exe 5144 WSearch
StartMenuExperienceHost.e 5748 N/A
RuntimeBroker.exe 6088 N/A
svchost.exe 2416 UsoSvc
SearchApp.exe 5392 N/A
RuntimeBroker.exe 5536 N/A
LockApp.exe 6664 N/A
RuntimeBroker.exe 6724 N/A
svchost.exe 6848 BthAvctpSvc
svchost.exe 7148 lfsvc
RuntimeBroker.exe 6580 N/A
SecurityHealthSystray.exe 6076 N/A
SecurityHealthService.exe 7068 SecurityHealthService
OneDrive.exe 6152 N/A
svchost.exe 3024 OneSyncSvc_234ba
svchost.exe 4528 DoSvc
svchost.exe 8004 StorSvc
SgrmBroker.exe 7704 SgrmBroker
svchost.exe 6220 wscsvc
svchost.exe 7424 UdkUserSvc_234ba
ShellExperienceHost.exe 1080 N/A
RuntimeBroker.exe 7340 N/A
SystemSettingsBroker.exe 3544 N/A
ApplicationFrameHost.exe 3064 N/A
svchost.exe 7828 WbioSrvc
svchost.exe 8016 IKEEXT
svchost.exe 7660 PolicyAgent
NisSrv.exe 5024 WdNisSvc
TextInputHost.exe 5504 N/A
RuntimeBroker.exe 7332 N/A
dllhost.exe 3584 N/A
SearchApp.exe 2616 N/A
smartscreen.exe 8552 N/A
svchost.exe 3632 LicenseManager
WmiPrvSE.exe 9064 N/A
cmd.exe 7188 N/A
conhost.exe 9132 N/A
audiodg.exe 7492 N/A
notepad.exe 3724 N/A
Taskmgr.exe 8604 N/A
SearchProtocolHost.exe 2220 N/A
msedge.exe 6228 N/A
msedge.exe 8780 N/A
msedge.exe 1568 N/A
msedge.exe 7176 N/A
msedge.exe 3492 N/A
svchost.exe 5280 AppXSvc
SearchFilterHost.exe 5720 N/A
msedge.exe 1592 N/A
msedge.exe 9052 N/A
msedge.exe 7844 N/A
msedge.exe 3056 N/A
msedge.exe 9136 N/A
msedge.exe 7480 N/A
msedge.exe 7292 N/A
msedge.exe 8452 N/A
tasklist.exe 5768 N/A
WmiPrvSE.exe 3252 N/A
Edited by ForrestGump, 15 October 2022 - 11:05 PM.
Similar Topics
Also tagged with one or more of these keywords: Virus
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
As Featured On:






