Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus Infection

Started by ForrestGump , Oct 05 2022 11:38 PM
Virus

  • Please log in to reply

#76
RKinner
Posted 23 October 2022 - 04:13 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

58C under load is not that bad.  I've seen them hit 90C with a badly clogged heat sink.  If it stays below 65C under moderate load then there's nothing to worry about.  58C at idle probably indicates either the heatsink is getting clogged or the thermal pad has dried out.  That used to be a common problem on Compaq laptops (which yours might be related to as HP bought up Compaq).  I found a video of a guy replacing the fan on one.   I think I did one of them maybe 7 year ago.  (Worst laptop I've ever had to work on.  I swear they install the fan first and build the laptop around it and to make matters worse they used a lot of different size screws so the guy's trick of drawing a picture and putting each screw on the picture is the only way to make sure you get the screws back to where they belong.)  Looks like you need to remove the heatsink to get to the fan so you would need to replace the thermal pad.  You can't buy a new pad but you can replace it with thermal paste.  I've always used the kit from ArcticSilver 5 

https://www.amazon.c...n/dp/B002DILLMS

 

but in a pinch you can use just the paste and clean the surfaces with rubbing alcohol.  (Use a coffee filter instead of a paper towel or tissue)  There are actually two pads.  One on the CPU and one on the graphics chip.  There's only one fan so speedfan is in error on that.  

 

Sometime you can improve things without surgery.  Propping up the back of the laptop will help with heat flow.  Also a fan tray can force enough air through to make it run cooler.  

 

You should be able to hear the fan run (unless you are as deaf as I am at 76).  If it is not too loud then it's probably OK.  Amazon usually has them but you will have to wait for it to come from China.

 

The heat sink fins are usually the problem.  They get clogged with dust.  If you can get the fan out with out disturbing the heat sink you can just clean them in place with a small brush and a hand vac.  

 

It may be that your CPU is just too slow.  I've seen intel CPUs run slow because of Speedstep.  Turning it off in the BIOS can sometimes improve performance. Apparently AMD has the same technology but they call it Cool N Quiet.  Don't know if your BIOS lets you turn it off (HP BIOS is really limited)  but might be worth trying.  Of course the tradeoff is that it may run hotter.


  • 0

Advertisements

#77
ForrestGump
Posted 23 October 2022 - 06:39 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

I switched Users from Admin to Std acct & noticed the Taskmgr under the UsersTab indicates the Admin acct still is using RAM, even though the Admin acct user session Status shows Disconnected?

 

Could this be a Memory Leak issue?

 

Perhaps the User Memory data takes some time to indicate Real updated data in TaskMgr after switching Users?

 

TaskmgrUsersProcessess.jpg


Edited by ForrestGump, 23 October 2022 - 06:40 PM.

  • 0

#78
ForrestGump
Posted 23 October 2022 - 07:49 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Speedfan also indicated Win 21H1 instead of 21H2

 

I am 61 & don't follow details well, Reread your post from yesterday & noticed you said to Download & Run Speedfan in Win 7 or Vista, I will redo the Download as advised, I suppose I should be reading instructions @ 3AM, LOL

 

Oh Boy I only hope I make it to 76!

 

Do/Should, I have to download & run all programs & Drivers under Compatability mode W7/Vista?

 

Is this due to the Initial OS Win 7 install &/or because this laptop does not have the correct drivers for Win10?

 

I have the fan on in the BIOS & selected as ACTIVE under the Powerplan settings.

 

If I place a tissue next to the fan exhaust it does move it & I can feel the heat coming out,

 

I was also thinking about using a Laptop stand or cooling pad or fan underneath....

 

I also just downloaded after reading a GHacks.net article on Oct 18,2022 re:

 

Windows 10 out-of-band update KB5020435 fixes connectivity issues

 

Ok it downloaded & I need to restart, fingers crossed it helps!


  • 0

#79
RKinner
Posted 23 October 2022 - 07:50 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

When you switch users it doesn't log out the first user.  Just puts his stuff on the back burner so to speak.  It still takes memory.  Try logging out and then log on as the other user.


  • 0

#80
RKinner
Posted 23 October 2022 - 07:55 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

NO the instructions just meant that if you have Vista or Win 7  or higher (that what the plus was supposed to mean) you should right click and Run As Admin. No need for compatibility mode.


  • 0

#81
ForrestGump
Posted 23 October 2022 - 08:42 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

See how I can't read right, Mind you I do have ABI so It really impairs my comprehension & cognitive ability, ABI BTW is Acquired Brain Injury, In my case a near fatal Auto crash

 

You need a Ph'd or Bill Gates to setup Speedfan & Process Lasso, Have you ever seen/heard of Process Lasso?


  • 0

#82
ForrestGump
Posted 23 October 2022 - 08:43 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Speedfan Startup results

 

SpeedfanStartup.jpg


Edited by ForrestGump, 23 October 2022 - 08:45 PM.

  • 0

#83
ForrestGump
Posted 23 October 2022 - 08:47 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Speedfan results after 20 mins

 

SpeedfanStartup+20mins.jpg


  • 0

#84
ForrestGump
Posted 23 October 2022 - 08:49 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Speedfan after 5 hrs

 

Speedfanafter5hrsstartup.jpg


  • 0

#85
ForrestGump
Posted 23 October 2022 - 09:07 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

TaskMgr W EDGE & YT, 3 Tabs open,3 Extensions running, 17 Processes

 

TaskMgrEdge&YT.jpg


  • 0

Advertisements

#86
ForrestGump
Posted 23 October 2022 - 10:22 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

I believe the High CPU issue is related to the Graphics Driver or associated drivers, If you adjust the quality on YT from 240p to 720p the CPU usage goes from 30-40% to 70-80%

 

If you move the mouse pointer the CPU goes up 10% then drops if you stop moving it

 

There must have been a Win 10 update at some point in the past month that is causing this issue

 

Since I have reset the PC a few times I cannot rollback the problematic update

 

I am out of ideas on how to resolve this issue with what appears to be an incompatible driver....


  • 0

#87
ForrestGump
Posted 23 October 2022 - 10:58 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

If I watch any YT video on the YT site it uses 70 % CPU

 

If I watch the same video on Edge/Bing it uses 40% CPU

 

I don't know anything about how these 2 systems graphic rendering variables are causing the higher CPU consumption


  • 0

#88
ForrestGump
Posted 24 October 2022 - 06:07 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Speedfan Startup Temps

 

Will use the vacuum today for the fan exhaust/intake, I have a kit I bought 15 yrs ago & never used, has all those tiny attachments for cleaning intricate devices...

 

SF8.00PMSTARTUP.jpg

 

 


  • 0

#89
ForrestGump
Posted 24 October 2022 - 06:45 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Speedfan 42 mins later, Heats up so quickly?

 

SF842PM.jpg

 

 


  • 0

#90
ForrestGump
Posted 24 October 2022 - 09:16 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2022
Ran by Rockets (administrator) on HAL900 (Hewlett-Packard HP G61 Notebook PC) (24-10-2022 22:41:04)
Running from C:\Users\Rockets\Desktop
Loaded Profiles: Rockets
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2132 (X64) Language: English (United States) -> English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Microsoft PC Manager\MSPCManager.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe <6>
(C:\Program Files\Microsoft PC Manager\MSPCManagerService.exe ->) (Microsoft Corporation -> MSPCWndManager) C:\Program Files\Microsoft PC Manager\MSPCWndManager.exe
(C:\Program Files\Process Lasso\srvstub.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(explorer.exe ->) (Microsoft Corporation -> MSPCManager) C:\Program Files\Microsoft PC Manager\MSPCManager.exe
(explorer.exe ->) (SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\srvstub.exe
(services.exe ->) (Microsoft Corporation -> MSPCManagerService) C:\Program Files\Microsoft PC Manager\MSPCManagerService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files (x86)\OO Software\Syspectr\OOSysAgent.exe
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(svchost.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\bitsumsessionagent.exe
(svchost.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [5484464 2022-09-13] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [WindowsMasterUI] => C:\Program Files\Microsoft PC Manager\MSPCManager.exe [546752 2022-10-24] (Microsoft Corporation -> MSPCManager)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2022-10-21]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{B15B2393-3049-4C81-AEC7-0A4A6DE59B96}\app_icon.exe () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02178FB0-F955-4AD3-A5FD-2A2BC36D4324} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B2DD316-E565-4EDA-A945-FDB0C4AEC3B6} - System32\Tasks\GoogleUpdateTaskMachineUA{0717EB36-F14D-4CAF-B4C7-35EEF5CE9D66} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {4234D3CA-4F77-4C86-8764-7247FD0B5151} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [565240 2022-09-06] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {4FA0D689-1ADE-4663-9CE5-F739AE27C07E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6EF3AA06-A01D-41CE-87BA-D40A8252602F} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1812976 2022-10-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {7873D287-2371-4AC5-A655-3E3BF809A0DB} - System32\Tasks\GoogleUpdateTaskMachineCore{E1E5E758-0FC3-44B6-B274-BE6C593587F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {835BB124-B242-4CA3-9B2F-6F32ABA79E46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EF2F690-BA78-4DB8-823E-D058E632024D} - System32\Tasks\Session agent for Process Lasso => C:\Program Files\Process Lasso\bitsumsessionagent.exe [174576 2022-10-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {D927F2D4-FBB3-4B9C-AB6E-8397A633D05F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7df6fe4a-5cee-4651-96b6-17a0c1353ec2}: [DhcpNameServer] 192.168.2.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-24]
Edge Notifications: Default -> hxxps://www.youtube.com
Edge Extension: (Enhancer for YouTube™) - C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dlgfaleeejmphhnemjgiaekdbonkagkd [2022-10-18]
Edge Extension: (uBlock Origin) - C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-10-22]
Edge Extension: (AdGuard AdBlocker) - C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-10-18]
 
Chrome: 
=======
CHR Profile: C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default [2022-10-22]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Google Docs Offline) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-19]
CHR Extension: (Speedtest by Ookla) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2022-10-19]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\pocpnlppkickgojjlmhdmidojbmbodfm [2022-10-19]
CHR Extension: (Enhancer for YouTube™) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2022-10-22]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [4357040 2022-09-08] (O&O Software GmbH -> O&O Software GmbH)
R2 PCManager Service; C:\Program Files\Microsoft PC Manager\MSPCManagerService.exe [72128 2022-10-24] (Microsoft Corporation -> MSPCManagerService)
R2 ProcessGovernor; C:\Program Files\Process Lasso\processgovernor.exe [1291248 2022-10-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SyspectrAgent; C:\Program Files (x86)\OO Software\Syspectr\OOSysAgent.exe [41592 2022-04-05] (O&O Software GmbH -> O&O Software GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Ahflt; C:\WINDOWS\System32\drivers\ahflt.sys [46480 2022-10-24] (Microsoft Corporation -> Microsoft Corporation)
S3 AppleKIS; C:\WINDOWS\System32\drivers\AppleKIS.sys [66976 2022-09-14] (Apple Inc. -> Apple Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleRSM; C:\WINDOWS\System32\drivers\AppleRSM.sys [77720 2022-09-13] (Apple Inc. -> Apple Inc.)
S3 MirayRAMDrive; C:\WINDOWS\System32\drivers\mrdo.sys [65488 2022-02-10] (Miray Software AG -> Miray)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspSanity; C:\WINDOWS\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 RtNdPt640; C:\WINDOWS\system32\DRIVERS\RtNdPt640.sys [58464 2020-12-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2022-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-18] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Three months (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-24 21:03 - 2022-10-24 21:03 - 000000000 ____D C:\Users\Rockets\AppData\Local\ToastNotificationManagerCompat
2022-10-24 21:03 - 2022-10-24 21:03 - 000000000 ____D C:\Users\Rockets\AppData\Local\PC Manager
2022-10-24 21:02 - 2022-10-24 21:22 - 000000000 ____D C:\Users\Rockets\AppData\Local\Windows Master
2022-10-24 21:02 - 2022-10-24 21:03 - 000000000 ____D C:\ProgramData\Windows Master
2022-10-24 21:02 - 2022-10-24 21:03 - 000000000 ____D C:\Program Files\Microsoft PC Manager
2022-10-24 21:02 - 2022-10-24 21:02 - 000001850 _____ C:\Users\Public\Desktop\PC Manager.lnk
2022-10-24 21:02 - 2022-10-24 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MS PC Manager
2022-10-23 21:24 - 2022-10-23 21:24 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-23 21:03 - 2022-10-23 21:03 - 015505341 _____ C:\Users\doher\Downloads\ssu-19041.1161-x64_e7e052f5cbe97d708ee5f56a8b575262d02cfaa4.msu
2022-10-23 20:42 - 2022-10-23 20:44 - 717122227 _____ C:\Users\doher\Downloads\windows10.0-kb5020435-x64_c80ba81c2e9c810fed28af5ca133d92a6b52f1dd.msu
2022-10-23 00:31 - 2022-10-23 00:33 - 000000000 ____D C:\ProgramData\WRData
2022-10-22 23:51 - 2022-10-22 23:51 - 000000000 ____D C:\WINDOWS\system32\driversnew
2022-10-22 23:48 - 2022-10-22 23:48 - 021741558 _____ C:\Users\Rockets\Downloads\Synaptics_v19_2_17_59-Win10-x64 (1).cab
2022-10-22 23:43 - 2022-10-22 23:43 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\WinRAR
2022-10-22 23:39 - 2022-10-22 23:39 - 000001050 _____ C:\Users\Public\Desktop\WinRAR.lnk
2022-10-22 23:39 - 2022-10-22 23:39 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-22 23:39 - 2022-10-22 23:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-22 23:39 - 2022-10-22 23:39 - 000000000 ____D C:\Program Files\WinRAR
2022-10-22 23:35 - 2022-10-22 23:35 - 000005544 _____ C:\Users\Rockets\Desktop\SANITYCHECK.txt
2022-10-22 23:33 - 2022-10-22 23:33 - 021741558 _____ C:\Users\Rockets\Downloads\Synaptics_v19_2_17_59-Win10-x64.cab
2022-10-22 23:20 - 2022-10-22 23:33 - 000007438 _____ C:\Users\Rockets\AppData\Local\Temp38.html
2022-10-22 23:10 - 2022-10-22 23:24 - 000001293 _____ C:\Users\Rockets\AppData\Local\Temp1.html
2022-10-22 23:09 - 2022-10-22 23:24 - 000001049 _____ C:\Users\Rockets\Desktop\SanityCheck.lnk
2022-10-22 23:09 - 2022-10-22 23:14 - 000000000 ____D C:\Program Files\SanityCheck
2022-10-22 23:09 - 2012-10-29 23:41 - 000031328 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspSanity64.sys
2022-10-22 22:48 - 2022-10-22 22:48 - 000006669 _____ C:\Users\Rockets\Desktop\HWINFO64.TXT
2022-10-22 22:41 - 2022-10-22 22:41 - 000006669 _____ C:\Users\Rockets\Desktop\HWINFO64.CSV
2022-10-22 22:24 - 2022-10-22 22:34 - 000000000 ____D C:\Program Files\HWiNFO64
2022-10-22 22:24 - 2022-10-22 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2022-10-22 22:23 - 2022-10-22 22:23 - 010377928 _____ (Martin Malik - REALiX ) C:\Users\Rockets\Downloads\hwi_730.exe
2022-10-22 20:42 - 2022-10-24 22:39 - 000001082 _____ C:\Users\Rockets\Desktop\SpeedFan.lnk
2022-10-22 20:42 - 2022-10-22 20:42 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2022-10-22 20:41 - 2022-10-22 20:41 - 003086696 _____ C:\Users\Rockets\Downloads\instspeedfan452_1 (1).exe
2022-10-22 20:05 - 2022-10-24 22:39 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-10-22 20:05 - 2022-10-22 20:42 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2022-10-22 20:04 - 2022-10-22 20:04 - 003086696 _____ C:\Users\Rockets\Downloads\instspeedfan452_1.exe
2022-10-22 18:24 - 2022-10-22 18:24 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\UserBenchmark
2022-10-22 18:23 - 2022-10-22 18:23 - 000043493 _____ C:\Users\Rockets\Documents\ProcessexplorerwithEdgeYT1.txt
2022-10-22 16:53 - 2022-10-22 17:21 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\hppcdddw
2022-10-22 16:48 - 2022-10-22 16:48 - 000000000 ____D C:\ProgramData\HP
2022-10-22 16:39 - 2022-10-22 17:23 - 000000000 ____D C:\SWsetup
2022-10-22 13:28 - 2022-10-22 13:28 - 000005882 _____ C:\Users\Rockets\Desktop\Multimediaregistrybacksettings.REG
2022-10-22 12:58 - 2022-10-22 12:58 - 000000000 ____D C:\WINDOWS\Panther
2022-10-22 11:50 - 2022-10-22 11:50 - 000009626 _____ C:\Users\Rockets\Desktop\tcpviewWEDGE&YT.txt
2022-10-22 11:44 - 2022-10-22 11:44 - 001409448 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rockets\Downloads\Tcpview (1).exe
2022-10-22 11:28 - 2022-10-22 11:28 - 000075878 _____ C:\Users\Rockets\Desktop\DxDiag.txt
2022-10-22 10:21 - 2022-10-22 10:21 - 007671928 _____ (O&O Software GmbH) C:\Users\Rockets\Downloads\oo-syspectr-setupe3a10530-ad77-4d82-a257-638d04a3b961.exe
2022-10-22 10:14 - 2022-10-22 10:22 - 000002463 _____ C:\Users\Public\Desktop\O&O Syspectr.lnk
2022-10-22 10:14 - 2022-10-22 10:14 - 000000000 ____D C:\Program Files (x86)\OO Software
2022-10-22 10:09 - 2022-10-22 10:09 - 007671928 _____ (O&O Software GmbH) C:\Users\Rockets\Downloads\oo-syspectr-setup.exe
2022-10-22 08:44 - 2022-10-22 08:44 - 000001883 _____ C:\Users\Rockets\Desktop\FirstBackup.spg
2022-10-22 08:39 - 2022-10-22 08:39 - 000684032 _____ (Speed Guide Inc.) C:\Users\Rockets\Desktop\TCPOptimizer.exe
2022-10-22 06:54 - 2022-10-22 06:54 - 000000867 _____ C:\Users\Rockets\Desktop\WhySoSlow.lnk
2022-10-22 06:54 - 2022-10-22 06:54 - 000000000 ____D C:\Users\Rockets\AppData\Local\Resplendence
2022-10-22 06:54 - 2022-10-22 06:54 - 000000000 ____D C:\Program Files\WhySoSlow
2022-10-22 06:54 - 2016-12-17 20:59 - 000028928 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspWhy64.sys
2022-10-22 03:16 - 2022-10-23 03:32 - 000000000 ____D C:\Users\Rockets\Desktop\CUSERSSTDACT
2022-10-22 01:44 - 2022-10-22 01:44 - 000007741 _____ C:\Users\Rockets\Desktop\LatencyMonWEdge&YT.txt
2022-10-22 01:20 - 2022-10-22 01:20 - 000006516 _____ C:\Users\Rockets\Desktop\tcpview.txt
2022-10-22 01:19 - 2022-10-22 01:19 - 000006514 _____ C:\Users\Rockets\Documents\tcpview.csv
2022-10-22 01:14 - 2022-10-22 01:20 - 000000000 ____D C:\Users\Rockets\AppData\Local\Sysinternals
2022-10-22 01:13 - 2022-10-22 01:13 - 001409448 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rockets\Downloads\Tcpview.exe
2022-10-22 01:01 - 2022-10-22 01:01 - 000000000 ____D C:\Users\Rockets\AppData\Local\O&O_Software_GmbH
2022-10-22 01:01 - 2022-10-22 01:01 - 000000000 ____D C:\Users\Rockets\AppData\Local\O&O
2022-10-21 23:57 - 2022-10-22 00:24 - 000000000 ____D C:\WINDOWS\system32\oodag
2022-10-21 23:57 - 2022-10-21 23:57 - 000002513 _____ C:\Users\Public\Desktop\O&O Defrag.lnk
2022-10-21 23:57 - 2022-10-21 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2022-10-21 23:57 - 2022-10-21 23:57 - 000000000 ____D C:\Program Files\OO Software
2022-10-21 23:56 - 2022-10-22 10:14 - 000000000 ____D C:\ProgramData\OO Software
2022-10-21 23:51 - 2022-10-21 23:53 - 030727640 _____ (O&O Software GmbH) C:\Users\Rockets\Downloads\OODefrag26Professional64Enu.exe
2022-10-21 23:16 - 2022-10-21 23:16 - 002150256 _____ (O&O Software GmbH) C:\Users\Rockets\Downloads\OOLanytix.exe
2022-10-21 23:00 - 2022-10-21 23:00 - 001806768 _____ (O&O Software GmbH) C:\Users\Rockets\Desktop\OOSU10.exe
2022-10-21 21:59 - 2022-10-21 21:59 - 000009062 _____ C:\Users\Rockets\Desktop\chkdsklog.txt
2022-10-21 20:14 - 2022-10-21 20:14 - 000000000 ____D C:\Users\Rockets\AppData\Local\OneDrive
2022-10-21 20:05 - 2022-10-21 20:05 - 000000000 ____D C:\Users\Rockets\AppData\Local\Comms
2022-10-21 20:02 - 2022-10-21 20:02 - 000000000 ____D C:\Users\Rockets\AppData\Local\PeerDistRepub
2022-10-21 19:28 - 2022-10-22 12:08 - 000000000 ____D C:\Users\Rockets\AppData\Local\OO Software
2022-10-21 05:47 - 2022-10-21 05:47 - 000000000 ____D C:\Users\doher\AppData\Local\Comms
2022-10-21 05:23 - 2022-10-21 05:23 - 000072886 _____ C:\Users\doher\Downloads\LatencyMonProcesseswithEdge&YT
2022-10-21 05:04 - 2022-10-22 01:03 - 000001042 _____ C:\Users\Rockets\Desktop\LatencyMon.lnk
2022-10-21 05:04 - 2022-10-21 05:04 - 000000000 ____D C:\Users\Rockets\AppData\Local\DBG
2022-10-21 05:04 - 2022-10-21 05:04 - 000000000 ____D C:\Program Files\LatencyMon
2022-10-21 05:04 - 2021-03-09 15:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2022-10-21 04:51 - 2022-10-22 18:16 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2022-10-20 22:20 - 2022-10-24 21:03 - 000000000 ____D C:\Users\Rockets\AppData\Local\CrashDumps
2022-10-20 22:18 - 2022-10-20 22:18 - 002373632 _____ (Farbar) C:\Users\Rockets\Downloads\FRSTEnglish.exe
2022-10-20 22:05 - 2022-10-20 22:05 - 000000000 ____D C:\Users\Rockets\AppData\Local\mbam
2022-10-20 21:41 - 2022-10-20 21:41 - 002632256 _____ (Malwarebytes) C:\Users\doher\Downloads\MBSetup.exe
2022-10-20 21:29 - 2022-10-20 21:29 - 000000000 ____D C:\Users\doher\AppData\Local\mbam
2022-10-20 13:53 - 2022-10-20 13:57 - 000000000 ___HD C:\$WinREAgent
2022-10-19 17:53 - 2022-10-23 02:10 - 000000000 ____D C:\Users\doher\AppData\Local\Google
2022-10-19 17:53 - 2022-10-19 17:53 - 000000000 ____D C:\Users\doher\AppData\Roaming\ProcessLasso
2022-10-19 05:11 - 2022-10-19 05:12 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-19 05:11 - 2022-10-19 05:12 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-19 05:10 - 2022-10-21 19:55 - 000004194 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E1E5E758-0FC3-44B6-B274-BE6C593587F4}
2022-10-19 05:10 - 2022-10-19 05:10 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{0717EB36-F14D-4CAF-B4C7-35EEF5CE9D66}
2022-10-19 05:10 - 2022-10-19 05:10 - 000000000 ____D C:\Program Files\Google
2022-10-19 05:09 - 2022-10-24 22:38 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-19 05:09 - 2022-10-19 05:16 - 000000000 ____D C:\Users\Rockets\AppData\Local\Google
2022-10-19 05:09 - 2022-10-19 05:09 - 001427176 _____ (Google LLC) C:\Users\Rockets\Downloads\ChromeSetup.exe
2022-10-19 04:19 - 2022-10-19 04:19 - 006823693 _____ C:\Users\Rockets\Downloads\Diagnostic_v2.0.7.3_0801_1 (1).zip
2022-10-19 04:10 - 2022-10-19 04:13 - 000000000 ____D C:\Users\Rockets\Downloads\Diagnostic_v2.0.7.3_0801_1
2022-10-19 04:06 - 2020-12-29 14:36 - 000058464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtNdPt640.sys
2022-10-19 04:05 - 2022-10-19 04:05 - 006823693 _____ C:\Users\Rockets\Downloads\Diagnostic_v2.0.7.3_0801_1.zip
2022-10-19 03:55 - 2022-10-19 03:55 - 001117856 _____ (Bitsum LLC) C:\Users\Rockets\Desktop\parkcontrolsetup64.exe
2022-10-19 03:55 - 2022-10-19 03:55 - 000003108 _____ C:\WINDOWS\system32\Tasks\ParkControl
2022-10-19 03:55 - 2022-10-19 03:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2022-10-19 03:55 - 2022-10-19 03:55 - 000000000 ____D C:\Program Files\ParkControl
2022-10-19 03:52 - 2022-10-20 23:33 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-10-19 03:52 - 2022-10-20 23:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-19 03:51 - 2022-10-19 03:51 - 004975146 _____ C:\Users\Rockets\Downloads\Install_Win10_10060_08222022.zip
2022-10-19 03:18 - 2022-10-21 22:21 - 000218119 _____ C:\Users\Rockets\Desktop\Fixlog.txt
2022-10-19 03:07 - 2022-10-19 03:07 - 000068713 _____ C:\Users\Rockets\Downloads\regbench.zip
2022-10-19 02:57 - 2022-10-19 02:57 - 000003274 _____ C:\WINDOWS\system32\Tasks\Session agent for Process Lasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2022-10-19 02:57 - 2022-10-19 02:57 - 000001978 _____ C:\Users\Public\Desktop\Process Lasso.lnk
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\ProcessLasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\Users\Rockets\AppData\Local\ProcessLasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\ProgramData\ProcessLasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\Program Files\Process Lasso
2022-10-19 02:55 - 2022-10-19 02:55 - 002592664 _____ (Bitsum LLC) C:\Users\Rockets\Downloads\processlassosetup64.exe
2022-10-19 02:34 - 2022-10-19 02:34 - 006131940 _____ (Manuel Gil) C:\Users\Rockets\Downloads\wureset11009_setup_winx64.exe
2022-10-18 22:12 - 2022-10-18 22:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-10-18 22:09 - 2022-10-18 22:09 - 001395272 _____ (Akeo Consulting) C:\Users\Rockets\Downloads\rufus-3.20 (1).exe
2022-10-18 22:07 - 2022-10-18 22:07 - 001575742 _____ (Igor Pavlov) C:\Users\Rockets\Downloads\7z2201-x64 (1).exe
2022-10-18 21:39 - 2022-10-23 04:32 - 000000000 ____D C:\Users\Rockets\AppData\Local\D3DSCache
2022-10-18 20:37 - 2022-10-23 18:15 - 000000000 ____D C:\Users\doher\AppData\Local\D3DSCache
2022-10-18 20:01 - 2022-10-18 23:21 - 000000000 ____D C:\Users\doher\AppData\Local\PlaceholderTileLogoFolder
2022-10-18 17:45 - 2022-10-23 16:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-18 17:41 - 2022-10-18 17:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-18 17:34 - 2022-10-20 17:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1890784580-1000596592-3856219040-1001
2022-10-18 17:33 - 2022-10-20 17:55 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1890784580-1000596592-3856219040-1001
2022-10-18 17:30 - 2022-10-23 19:23 - 000000000 ____D C:\Users\doher\AppData\Local\Packages
2022-10-18 17:30 - 2022-10-18 23:21 - 000000000 ____D C:\Users\doher\AppData\Local\ConnectedDevicesPlatform
2022-10-18 17:30 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher\AppData\Roaming\Adobe
2022-10-18 17:30 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher\AppData\Local\VirtualStore
2022-10-18 17:30 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher\AppData\Local\Publishers
2022-10-18 17:29 - 2022-10-21 21:09 - 000000000 ____D C:\Users\Rockets\AppData\Local\PlaceholderTileLogoFolder
2022-10-18 17:29 - 2022-10-18 17:29 - 000000020 ___SH C:\Users\doher\ntuser.ini
2022-10-18 15:08 - 2022-10-18 15:08 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-10-18 15:04 - 2022-10-18 15:04 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-18 15:04 - 2022-10-18 15:04 - 000000000 ____D C:\ProgramData\ssh
2022-10-18 14:56 - 2022-10-18 14:56 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-10-18 14:56 - 2022-10-18 14:56 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-10-18 14:56 - 2022-10-18 14:56 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\uwfservicingscr.scr
2022-10-18 14:56 - 2022-10-18 14:56 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-18 14:55 - 2022-10-18 14:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-18 14:55 - 2022-10-18 14:55 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-10-18 14:54 - 2022-10-18 14:54 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-10-18 14:54 - 2022-10-18 14:54 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-10-18 14:54 - 2022-10-18 14:54 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2022-10-18 14:53 - 2022-10-18 14:53 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2022-10-18 14:53 - 2022-10-18 14:53 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-18 14:53 - 2022-10-18 14:53 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-10-18 14:52 - 2022-10-18 14:52 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-10-18 14:52 - 2022-10-18 14:52 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-10-18 14:52 - 2022-10-18 14:52 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2022-10-18 14:51 - 2022-10-18 14:51 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2022-10-18 14:51 - 2022-10-18 14:51 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files\MSBuild
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-10-18 14:28 - 2022-10-18 14:28 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-10-18 14:09 - 2022-10-18 11:19 - 000000000 ___HD C:\$SysReset
2022-10-18 11:29 - 2022-10-22 02:40 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1890784580-1000596592-3856219040-1002
2022-10-18 11:28 - 2022-10-22 02:40 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1890784580-1000596592-3856219040-1002
2022-10-18 11:28 - 2022-10-18 11:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-18 11:26 - 2022-10-24 22:41 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-18 11:26 - 2022-10-22 16:39 - 000000000 ____D C:\ProgramData\Packages
2022-10-18 11:26 - 2022-10-18 11:26 - 000000000 ____D C:\Users\Rockets\AppData\Local\Publishers
2022-10-18 11:25 - 2022-10-23 16:38 - 000000000 ____D C:\Users\Rockets\AppData\Local\Packages
2022-10-18 11:25 - 2022-10-18 11:25 - 000000020 ___SH C:\Users\Rockets\ntuser.ini
2022-10-18 11:25 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\Adobe
2022-10-18 11:25 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets\AppData\Local\VirtualStore
2022-10-18 11:25 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets\AppData\Local\ConnectedDevicesPlatform
2022-10-18 11:20 - 2022-10-24 22:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-18 11:20 - 2022-10-21 19:55 - 000004254 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{3C1EAF42-B76F-4333-8265-DEA80EC93EE7}
2022-10-18 11:20 - 2022-10-21 19:54 - 000004486 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{4A32544D-66CF-4EA4-A7FC-E5F88E92A221}
2022-10-18 11:20 - 2022-10-18 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-18 11:19 - 2022-10-18 11:19 - 000007252 _____ C:\Users\Rockets\Desktop\Removed Apps.html
2022-10-18 11:16 - 2022-10-22 23:10 - 000000000 ____D C:\Users\doher
2022-10-18 11:16 - 2022-10-22 19:57 - 000000000 ____D C:\Users\Rockets
2022-10-18 11:16 - 2022-10-22 02:40 - 000002391 _____ C:\Users\Rockets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-18 11:16 - 2022-10-20 17:55 - 000002385 _____ C:\Users\doher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-18 11:13 - 2022-10-18 11:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2022-10-18 11:13 - 2022-10-18 11:13 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2022-10-18 11:12 - 2022-10-24 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-18 11:12 - 2022-10-18 11:12 - 000257824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-18 09:44 - 2021-06-14 15:13 - 2512468480 _____ C:\Users\Rockets\Downloads\chromiumos_image.img
2022-10-18 09:41 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-10-18 09:02 - 2022-10-18 09:02 - 001395272 _____ (Akeo Consulting) C:\Users\Rockets\Downloads\rufus-3.20.exe
2022-10-18 08:59 - 2022-10-18 08:59 - 001575742 _____ (Igor Pavlov) C:\Users\Rockets\Downloads\7z2201-x64.exe
2022-10-18 08:54 - 2022-10-18 08:55 - 858821775 _____ C:\Users\Rockets\Downloads\Camd64OS_R91-13904.B-Special.7z
2022-10-18 06:21 - 2022-10-18 06:21 - 000000840 _____ C:\Users\doher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2022-10-18 06:20 - 2022-10-18 06:20 - 002788752 _____ (Opera Software) C:\Users\doher\Downloads\OperaSetup.exe
2022-10-18 06:20 - 2022-10-18 06:20 - 000000000 ___HD C:\Users\doher\Downloads\.opera
2022-10-18 04:43 - 2022-10-18 04:43 - 000000000 ____D C:\Users\Rockets\Downloads\Realtek PCIe FE Family Controller
2022-10-18 04:41 - 2022-10-18 04:41 - 000000000 ____D C:\Users\Rockets\Downloads\ATI Mobility Radeon HD 4200 Series
2022-10-18 04:41 - 2022-10-18 04:41 - 000000000 ____D C:\Users\Rockets\Downloads\AMD Athlon™ II Dual-Core M300
2022-10-18 04:11 - 2022-10-18 04:11 - 000007535 _____ C:\Users\Rockets\Desktop\LatencymonitorMain.txt
2022-10-18 03:33 - 2022-10-18 03:33 - 003479544 _____ (Alexander Roshal) C:\Users\Rockets\Downloads\winrar-x64-611.exe
2022-10-18 03:24 - 2022-10-18 03:38 - 000000000 ____D C:\Users\Rockets\Downloads\ATI Radeon HD 4200 Full Latest Version For AMD
2022-10-18 03:18 - 2022-10-18 03:19 - 049696573 _____ C:\Users\Rockets\Downloads\ATI Radeon HD 4200 Full Latest Version For AMD.zip
2022-10-18 03:03 - 2022-10-18 03:04 - 153684128 _____ (Advanced Micro Devices, Inc.) C:\Users\Rockets\Downloads\13-1-legacy_vista_win7_win8_64_dd_ccc.exe
2022-10-18 02:47 - 2022-10-18 02:47 - 000000773 _____ C:\Users\Rockets\Desktop\3D Objects - Shortcut.lnk
2022-10-18 02:33 - 2022-10-18 02:34 - 515402246 _____ C:\Users\Rockets\Downloads\fbb634ff-ab48-4866-bb29-df9a82ee26af_2df1efde6717e8897f03db30ffdaf49a9538f08b.cab
2022-10-18 01:47 - 2022-10-18 01:47 - 000027677 _____ C:\Users\doher\Downloads\Processexplorer (1).txt
2022-10-18 01:44 - 2022-10-18 01:44 - 000027677 _____ C:\Users\doher\Downloads\Processexplorer.txt
2022-10-18 01:14 - 2022-10-18 01:14 - 000000000 ____D C:\Users\Rockets\Desktop\Processexputube
2022-10-18 00:44 - 2022-10-18 00:52 - 000027288 _____ C:\Users\Rockets\Documents\Processexplorer.txt
2022-10-18 00:41 - 2022-10-18 00:43 - 000028288 _____ C:\Users\Rockets\Downloads\Processexplorer.txt
2022-10-18 00:32 - 2022-10-18 01:10 - 000027677 _____ C:\Users\Rockets\Desktop\Processexplorer.txt
2022-10-17 23:25 - 2022-10-22 18:24 - 000001044 _____ C:\Users\Rockets\Desktop\UserBenchmark.lnk
2022-10-17 23:24 - 2022-10-17 23:24 - 000521728 _____ (UserBenchmark) C:\Users\doher\Downloads\UserBenchmarkInstaller (1).exe
2022-10-17 22:11 - 2022-10-17 22:11 - 003594016 _____ (RCS LT) C:\Users\Rockets\Downloads\CCSetup.exe
2022-10-17 20:24 - 2022-10-17 20:29 - 000000000 ____D C:\AMD
2022-10-17 20:17 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2022-10-16 21:22 - 2022-10-16 21:22 - 000023795 _____ C:\Users\Rockets\Desktop\ProcessExplorerData&EdgeBrowserOpen.txt
2022-10-16 21:18 - 2022-10-16 21:18 - 000021184 _____ C:\Users\Rockets\Desktop\ProcessExplorerData.txt
2022-10-16 21:17 - 2022-10-16 21:17 - 000021212 _____ C:\Users\Rockets\Desktop\MsMpEng.exe.txt
2022-10-16 20:55 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-10-16 20:55 - 2022-10-16 20:55 - 000001124 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2022-10-16 20:54 - 2022-10-16 20:54 - 017342976 _____ (VS Revo Group ) C:\Users\Rockets\Downloads\RevoUninProSetup.exe
2022-10-16 20:15 - 2022-10-16 20:15 - 000037782 _____ C:\Users\Rockets\Desktop\FRST10162022815PM.txt
2022-10-16 20:11 - 2022-10-16 20:11 - 000006817 _____ C:\Users\Rockets\Desktop\Addition10162022809PM.txt
2022-10-16 20:00 - 2022-10-24 22:40 - 000000000 ____D C:\Users\Rockets\Desktop\FRST-OlderVersion
2022-10-16 18:31 - 2022-10-16 18:31 - 000009290 _____ C:\Users\Rockets\Desktop\CHKDSKResults.txt
2022-10-15 23:38 - 2022-10-15 23:38 - 000017679 _____ C:\Users\Rockets\Desktop\WithEdge.txt
2022-10-15 23:33 - 2022-10-15 23:38 - 000017430 _____ C:\Users\Rockets\Desktop\svchost.exe.txt
2022-10-15 23:19 - 2022-10-15 23:19 - 002839416 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rockets\Desktop\procexp.exe
2022-10-15 22:22 - 2022-10-15 22:22 - 003622480 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Desktop\LatencyMon.exe
2022-10-15 22:22 - 2022-10-15 22:22 - 003040528 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Desktop\WhySoSlowSetup.exe
2022-10-15 22:20 - 2022-10-15 22:20 - 003124592 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Downloads\sanitySetup (1).exe
2022-10-15 22:20 - 2022-10-15 22:20 - 003124592 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Desktop\sanitySetup.exe
2022-10-15 21:59 - 2022-10-15 22:16 - 000000000 ____D C:\Users\Rockets\Desktop\mbar
2022-10-15 21:58 - 2022-10-15 21:58 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Rockets\Downloads\mbar-1.10.3.1001.exe
2022-10-15 21:39 - 2022-10-19 02:36 - 000011401 _____ C:\Users\Rockets\Desktop\Addition.txt
2022-10-15 21:26 - 2022-10-24 22:42 - 000012744 _____ C:\Users\Rockets\Desktop\FRST.txt
2022-10-15 21:22 - 2022-10-24 22:40 - 002373632 _____ (Farbar) C:\Users\Rockets\Desktop\FRST64.exe
2022-10-15 21:10 - 2022-10-18 11:28 - 000000000 ___RD C:\Users\Rockets\OneDrive
2022-10-15 21:02 - 2022-10-18 11:25 - 000000000 ___RD C:\Users\Rockets\3D Objects
2022-10-15 20:23 - 2022-08-18 10:47 - 001188672 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-10-15 20:22 - 2022-10-15 20:22 - 000000000 ____D C:\Users\doher\Downloads\Install_Win10_10060_08222022
2022-10-15 20:21 - 2022-10-15 20:21 - 004975146 _____ C:\Users\doher\Downloads\Install_Win10_10060_08222022.zip
2022-10-15 00:09 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiMon
2022-10-14 23:44 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
2022-10-14 22:52 - 2022-10-14 22:52 - 000001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2022-10-14 21:50 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanityCheck
2022-10-14 20:50 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2022-10-14 19:34 - 2022-10-14 19:34 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2022-10-14 19:15 - 2022-10-15 23:44 - 000011666 _____ C:\junk.txt
2022-10-13 00:41 - 2022-10-13 00:41 - 000000000 _____ C:\Users\doher\whoami
2022-10-12 02:43 - 2022-09-23 04:48 - 006126344 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2022-10-12 02:43 - 2022-09-23 04:48 - 000054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys
2022-10-12 02:43 - 2022-09-14 00:33 - 000066976 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleKIS.sys
2022-10-12 02:43 - 2022-09-14 00:33 - 000036744 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleKISInterface.dll
2022-10-12 02:43 - 2022-09-13 06:30 - 000077720 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleRSM.sys
2022-10-12 02:43 - 2022-09-13 06:30 - 000036768 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleRSMInterface.dll
2022-10-12 00:37 - 2022-10-12 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-10-12 00:36 - 2022-09-23 14:59 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2022-10-12 00:35 - 2022-10-24 21:27 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-10-11 05:52 - 2022-10-11 05:52 - 000000000 ____D C:\Users\Public\Desktop\CC Support
2022-10-10 02:28 - 2022-10-10 02:28 - 000000000 ___HD C:\$Windows.~WS
2022-10-09 19:29 - 2022-10-09 19:29 - 001666080 _____ (O&O Software GmbH) C:\Users\doher\Downloads\OOSU10.exe
2022-10-08 23:54 - 2022-10-08 23:54 - 000000112 ___SH C:\bootTel.dat
2022-10-08 03:32 - 2022-10-21 16:55 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-05 17:31 - 2022-10-24 22:41 - 000000000 ____D C:\FRST
2022-10-03 04:54 - 2022-10-03 04:55 - 000000000 ____D C:\Users\doher\AppData\LocalLow\IObit
2022-09-22 20:23 - 2022-09-22 20:23 - 000000000 ____D C:\ATTO
2022-09-22 20:22 - 2022-09-22 20:22 - 003993048 _____ (ATTO Technology, Inc.) C:\Users\doher\Downloads\win_app_benchmark_4000f2.exe
2022-09-22 02:50 - 2022-09-22 02:50 - 000000000 ____D C:\Users\doher\.wdc
2022-09-22 02:32 - 2022-09-22 02:32 - 003637651 _____ C:\Users\doher\Downloads\c01868653.pdf
2022-09-21 00:02 - 2022-09-21 00:02 - 000001024 ____H C:\SYSTAG.BIN
2022-09-20 23:05 - 2022-09-22 23:31 - 000001024 ____H C:\AMTAG.BIN
2022-09-19 10:44 - 2022-09-19 21:53 - 000000000 ____D C:\Users\doher\Downloads\aida64business675_portable
2022-09-19 10:44 - 2022-09-19 10:44 - 049661152 _____ C:\Users\doher\Downloads\aida64business675_portable.zip
2022-09-19 03:15 - 2022-09-19 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2022-09-18 17:49 - 2022-10-03 08:37 - 000000000 ___HD C:\OneDriveTemp
2022-09-18 17:48 - 2022-10-23 18:15 - 000000000 ___RD C:\Users\doher\OneDrive
2022-09-18 17:44 - 2022-10-18 17:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-18 17:44 - 2022-10-18 17:30 - 000000000 ___RD C:\Users\doher\3D Objects
2022-09-18 07:41 - 2022-09-18 07:41 - 000000000 _SHDL C:\Documents and Settings
2022-09-18 07:40 - 2022-09-18 07:40 - 000000000 ____D C:\WINDOWS\CSC
2022-09-18 07:31 - 2022-10-21 16:55 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-18 07:26 - 2022-10-24 22:36 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-16 17:10 - 2018-06-15 20:47 - 000821288 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2022-09-16 17:10 - 2018-06-15 20:47 - 000281640 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2022-09-16 17:10 - 2018-06-15 20:46 - 000758824 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2022-09-16 17:10 - 2016-03-31 02:24 - 000430256 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2022-09-16 17:10 - 2016-03-31 02:24 - 000267440 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31-1.dll
2022-09-16 17:10 - 2016-03-31 02:24 - 000052904 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2022-09-16 17:10 - 2016-03-31 02:24 - 000052400 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2022-09-07 13:14 - 2022-09-07 13:14 - 000238512 _____ (O&O Software GmbH) C:\WINDOWS\system32\oodbs.exe
2022-09-07 13:14 - 2022-09-07 13:14 - 000020912 _____ (O&O Software GmbH) C:\WINDOWS\system32\oodbsrs.dll
 
==================== Three months (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-24 22:41 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-24 22:40 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-24 22:38 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-24 22:14 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-24 21:46 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-24 21:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-24 21:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-24 21:40 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-23 17:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-23 17:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-23 17:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-10-23 16:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-10-23 16:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-21 19:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-20 23:31 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-20 14:09 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2022-10-19 03:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-10-18 17:47 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-18 17:33 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-18 17:30 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-18 15:10 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-10-18 15:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-10-18 15:05 - 2019-12-07 05:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-10-18 15:05 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-10-18 15:04 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-18 15:04 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-18 15:04 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-18 15:02 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-10-18 15:02 - 2019-12-07 05:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-10-18 15:02 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-18 15:02 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-18 14:38 - 2019-12-07 05:52 - 000000000 ____D C:\WINDOWS\OCR
2022-10-18 14:34 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-10-18 14:34 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-10-18 11:27 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-18 11:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-10-18 11:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
 
==================== Files in the root of some directories ========
 
2022-10-22 23:10 - 2022-10-22 23:24 - 000001293 _____ () C:\Users\Rockets\AppData\Local\Temp1.html
2022-10-22 23:20 - 2022-10-22 23:33 - 000007438 _____ () C:\Users\Rockets\AppData\Local\Temp38.html
 
==================== SigCheckExt =========================
 
2022-10-17 23:24 - 2022-10-17 23:24 - 000521728 _____ (UserBenchmark) C:\Users\doher\Downloads\UserBenchmarkInstaller (1).exe
2022-10-15 21:22 - 2022-10-24 22:40 - 002373632 _____ (Farbar) C:\Users\Rockets\Desktop\FRST64.exe
2022-10-22 08:39 - 2022-10-22 08:39 - 000684032 _____ (Speed Guide Inc.) C:\Users\Rockets\Desktop\TCPOptimizer.exe
2022-10-18 03:03 - 2022-10-18 03:04 - 153684128 _____ (Advanced Micro Devices, Inc.) C:\Users\Rockets\Downloads\13-1-legacy_vista_win7_win8_64_dd_ccc.exe
2022-10-18 22:07 - 2022-10-18 22:07 - 001575742 _____ (Igor Pavlov) C:\Users\Rockets\Downloads\7z2201-x64 (1).exe
2022-10-18 08:59 - 2022-10-18 08:59 - 001575742 _____ (Igor Pavlov) C:\Users\Rockets\Downloads\7z2201-x64.exe
2022-10-20 22:18 - 2022-10-20 22:18 - 002373632 _____ (Farbar) C:\Users\Rockets\Downloads\FRSTEnglish.exe
2022-10-19 02:34 - 2022-10-19 02:34 - 006131940 _____ (Manuel Gil) C:\Users\Rockets\Downloads\wureset11009_setup_winx64.exe
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
flightsigning           Yes
default                 {current}
resumeobject            {65bc1d90-4f18-11ed-ad56-00269e74038b}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 10
displaybootmenu         Yes
 
Windows Boot Loader
-------------------
identifier              {572bcd60-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path                    \windows\system32\boot\winload.exe
description             Microsoft Windows PE 2.0 
osdevice                ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot              \windows
detecthal               Yes
winpe                   Yes
ems                     Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 10
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {e6dacd5a-361f-11ed-8fe9-b363a77d0db1}
displaymessageoverride  Recovery
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {65bc1d90-4f18-11ed-ad56-00269e74038b}
nx                      OptIn
bootmenupolicy          Standard
 
Windows Boot Loader
-------------------
identifier              {e6dacd5a-361f-11ed-8fe9-b363a77d0db1}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{e6dacd5b-361f-11ed-8fe9-b363a77d0db1}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  PushButtonReset
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{e6dacd5b-361f-11ed-8fe9-b363a77d0db1}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {65bc1d90-4f18-11ed-ad56-00269e74038b}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {e6dacd5a-361f-11ed-8fe9-b363a77d0db1}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 No
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk Options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi
 
Device options
--------------
identifier              {e6dacd5b-361f-11ed-8fe9-b363a77d0db1}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
==================== End of FRST.txt ========================

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Virus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP