Here's something I learned from experience on the wife's machine two weeks ago.
Control Panel->Administrative Tools->Services. Look for descriptions containing the three letters "FTP". If it's there, and Status=Started and Startup Type=Automatic, you are possibly being used as warez FTP server. When getting hit hard by either an upload or download, this can really slooowww down your system. The description may also provide details of which FTP program it is (so you know whether it's the OS, one that you installed, or one you've never heard of before...search Google if you're not sure)
If so, right-click this service and choose Properties, then click Stop. Change Startup Type to either manual or disabled. Note the path of the executable: if it has a non-distinct EXE filename (like "zz.exe") or otherwise is different than it should be, then yeah, you're definitely a warez server. Go to the "Log On" tab, then click the radio button "This account:" and enter some username. Then give it a strong password (minimum eight characters, at least one capitol letter, one number and one symbol in addition to lower case letters). You can then delete "zz.exe" or whatever from your system32 folder.
Then go hunting on your hard drive, digging down thru all your folders (yes, this will take awhile). You might find gigabytes of apps, games, movies or MP3 files, maybe even pr0n...what you do with them is none of my business 😉 In the top-level folder, there should be an INI file. Right-click and open it in NotePad, then change the privileges for each hacker to "NO" and change all of their passwords (just in case there's a back door somewhere). They like to brag, so there may be empty folders that have names like "Hacked by CWC" or whatever.
