Not sure if this is windows problem or malware but the system lags. Disk usage is often at or near 100% not always the same program at the top of the list but they are regular system files. I also have a windows update that never completes.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2017
Ran by brilh (administrator) on WHEEZY-BREEZY (26-02-2017 15:27:05)
Running from C:\Users\brilh\Desktop
Loaded Profiles: brilh (Available Profiles: brilh)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [653352 2017-02-16] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [862248 2017-02-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2016-10-24] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4b9986b0-856e-428d-843c-0a99acb8811b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-16] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-14] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-16] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-16] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: tvwpm36g.default
FF ProfilePath: C:\Users\brilh\AppData\Roaming\Mozilla\Firefox\Profiles\tvwpm36g.default [2017-02-26]
FF Homepage: Mozilla\Firefox\Profiles\tvwpm36g.default -> hxxp://ccsd.net/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-19] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-14] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default [2017-02-26]
CHR Extension: (Google Slides) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-09]
CHR Extension: (Google Docs) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-09]
CHR Extension: (Google Drive) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-09]
CHR Extension: (YouTube) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-09]
CHR Extension: (Google Sheets) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-09]
CHR Extension: (Google Docs Offline) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-04]
CHR Extension: (Running Fox) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcogoppjgcggbmflbmiihnbbdcbnbkjp [2016-10-26]
CHR Extension: (Gmail) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\brilh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-12-14] (Intel Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [14776 2015-11-18] (ASUS)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [613352 2016-02-17] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2015-10-01] (Intel Corporation)
R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-12] ()
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365032 2016-02-17] (Intel Corporation)
R3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-18] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] ()
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [94712 2016-04-01] (ASUS Corporation)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-10-29] (ASIX Electronics Corp.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [57304 2015-10-01] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2015-10-01] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2015-10-01] (Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [File not signed]
R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [47928 2015-09-29] (Intel)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-16] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [300304 2015-11-13] (Intel Corporation)
R3 ISH; C:\Windows\System32\drivers\ISH.sys [134968 2015-10-08] (Intel)
R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [71480 2015-10-08] (Intel)
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-29] (Intel Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7135504 2016-02-27] (Intel Corporation)
R3 PtpFilterDriver; C:\Windows\System32\drivers\PtpFilterDriver.sys [53736 2016-11-07] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-26 15:27 - 2017-02-26 15:27 - 00020360 _____ C:\Users\brilh\Desktop\FRST.txt
2017-02-26 15:26 - 2017-02-26 15:27 - 00000000 ____D C:\FRST
2017-02-26 15:18 - 2017-02-26 15:26 - 02423296 _____ (Farbar) C:\Users\brilh\Desktop\FRST64.exe
2017-02-26 15:15 - 2017-02-26 15:15 - 00002011 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-26 15:15 - 2017-02-26 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-02-26 15:10 - 2017-02-26 15:10 - 00000000 ___HD C:\OneDriveTemp
2017-02-26 15:03 - 2017-02-26 15:03 - 00004608 ___RH C:\farstone_pe.letter
2017-02-19 14:38 - 2017-02-19 14:38 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2017-02-19 14:38 - 2017-02-19 14:38 - 00000000 ____D C:\Windows\system32\BestPractices
2017-02-19 12:46 - 2017-02-19 14:31 - 00003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-02-04 23:38 - 2017-02-04 23:45 - 3741494573 _____ C:\Users\brilh\Downloads\2011-03-01-joseph-smith-the-prophet-of-the-restoration-1080p-eng.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-26 15:26 - 2016-09-08 18:58 - 00000000 ____D C:\Users\brilh\AppData\Local\ASUS GIFTBOX
2017-02-26 15:25 - 2016-09-08 18:58 - 00000206 _____ C:\Users\brilh\AppData\Roaming\sp_data.sys
2017-02-26 15:25 - 2016-03-31 20:17 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2017-02-26 15:23 - 2016-12-10 13:31 - 00000000 ____D C:\Users\brilh\AppData\LocalLow\Mozilla
2017-02-26 15:22 - 2016-03-31 20:17 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2017-02-26 15:13 - 2016-10-26 09:27 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-02-26 15:10 - 2016-10-26 08:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-26 15:10 - 2016-09-08 19:02 - 00000000 ___RD C:\Users\brilh\OneDrive
2017-02-26 15:06 - 2016-10-10 14:23 - 00000000 ___RD C:\Users\brilh\iCloudDrive
2017-02-26 15:04 - 2016-09-08 18:58 - 00000000 __SHD C:\Users\brilh\IntelGraphicsProfiles
2017-02-26 15:04 - 2016-09-08 18:55 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-26 15:04 - 2016-03-31 20:17 - 00000944 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-02-26 15:02 - 2016-12-10 13:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-26 15:02 - 2016-10-26 08:56 - 00000000 ____D C:\Program Files\TrueKey
2017-02-26 15:02 - 2016-09-09 16:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-26 15:02 - 2016-03-31 19:59 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-26 15:01 - 2015-10-29 22:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-02-26 15:00 - 2016-09-26 15:00 - 00000943 _____ C:\Windows\Tasks\EPSON XP-830 Series Update {017BBBE3-34D1-4C29-A686-9A99BD456715}.job
2017-02-26 14:58 - 2016-03-31 20:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-26 14:57 - 2016-12-15 18:43 - 00000000 ____D C:\Users\brilh\AppData\Local\ElevatedDiagnostics
2017-02-26 14:51 - 2015-10-29 23:11 - 00000000 ____D C:\Windows\CbsTemp
2017-02-26 14:45 - 2015-10-29 23:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 14:45 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\AppReadiness
2017-02-26 14:44 - 2016-09-08 18:58 - 00000000 ____D C:\Users\brilh\AppData\Local\Packages
2017-02-26 14:37 - 2016-03-31 20:17 - 00000948 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-02-19 15:04 - 2016-09-26 15:00 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2017-02-19 15:00 - 2016-09-26 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-02-19 14:59 - 2016-03-31 20:05 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-19 14:59 - 2015-10-29 23:21 - 00000000 ____D C:\Windows\INF
2017-02-19 14:48 - 2016-05-28 10:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-19 14:44 - 2016-03-31 19:56 - 00346336 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-19 14:39 - 2015-10-29 23:24 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-02-19 14:39 - 2015-10-29 23:24 - 00000000 ___SD C:\Windows\system32\F12
2017-02-19 14:39 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\oobe
2017-02-19 14:39 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\migwiz
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\PrintDialog
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\DevicesFlow
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\Provisioning
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-19 14:38 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-02-19 14:31 - 2016-05-28 11:04 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-02-19 12:47 - 2016-09-09 16:21 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-19 10:10 - 2017-01-16 14:10 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-02-19 10:10 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
==================== Files in the root of some directories =======
2016-09-08 18:58 - 2017-02-26 15:25 - 0000206 _____ () C:\Users\brilh\AppData\Roaming\sp_data.sys
2016-05-28 10:50 - 2016-05-28 10:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2015-08-02 15:58 - 2015-08-02 15:58 - 0118784 _____ () C:\Users\brilh\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-10 13:51
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2017
Ran by brilh (26-02-2017 15:28:47)
Running from C:\Users\brilh\Desktop
Windows 10 Home Version 1511 (X64) (2016-09-09 02:55:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1653167707-1689203770-351288938-500 - Administrator - Disabled)
brilh (S-1-5-21-1653167707-1689203770-351288938-1001 - Administrator - Enabled) => C:\Users\brilh
DefaultAccount (S-1-5-21-1653167707-1689203770-351288938-503 - Limited - Disabled)
Guest (S-1-5-21-1653167707-1689203770-351288938-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{7BCB15FE-CC5D-4C6D-B1C6-B0AF74EE09E0}) (Version: 20.6.20117.44471 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.6.20117.44471 - Alcor Micro Corp.) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.14 - ASUS)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.3.8 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.15.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.159 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Easy Photo Scan (HKLM-x32\...\{1021AA9F-6A0A-4128-B89B-1A05A8DD1770}) (Version: 1.00.0009 - Seiko Epson Corporation)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.00.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.44.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-830 Series Printer Uninstall (HKLM\...\EPSON XP-830 Series) (Version: - Seiko Epson Corporation)
Epson XP-830 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-830 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{0CB4EF8E-EE5B-49F6-8376-A702C222D6DA}) (Version: 3.1.3.0 - SEIKO EPSON Corporation)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
FirstClass Client (HKLM-x32\...\{0038724E-8537-443D-A9BF-BFC35B7660B9}) (Version: 16.013 - OpenText)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel® Chipset Device Software (x32 Version: 10.1.1.11 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10604.207 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4380 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D}) (Version: 6.0.60.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (x32 Version: 3.2.1184 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{ceca3c09-cc87-478c-b746-354048b4de4b}) (Version: 3.0.12.3053 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
ISS_Drivers_x64 (Version: 3.0.12.3053 - Intel Corporation) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7779 - Realtek Semiconductor Corp.)
The Weather Channel (HKU\S-1-5-21-1653167707-1689203770-351288938-1001\...\The Weather Channel) (Version: - The Weather Channel, LLC weather.com®)
TotalRecovery Pro (HKLM-x32\...\TotalRecovery) (Version: 10.0.11.2 - FarStone Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (03/18/2016 11.0.0.9) (HKLM\...\689E9F7827C3AF1059D6C80D6C7F4EF89E2D7E72) (Version: 03/18/2016 11.0.0.9 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0722299F-98D4-497E-AB9C-A22F64F5B593} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-19] (Adobe Systems Incorporated)
Task: {1467FC7B-4E76-4ACF-98CD-730E989B2BF5} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {15083A71-CBF5-4A68-8C13-E155C4149091} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {1B535D50-0958-4045-AE5E-23D59D37454C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {20C1D40F-C2A0-4851-BFD3-022389165A13} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)
Task: {2A0A26B6-26B2-42DF-844D-6CBB89F17FBB} - System32\Tasks\WRUStartup => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [2016-01-27] ()
Task: {2ACB098F-E170-4EE3-9D6B-05A1FDCA5F5C} - System32\Tasks\WRU => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [2016-01-27] ()
Task: {375121A6-E89A-40D2-A80C-26B4ACF91422} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)
Task: {3962849F-A4B9-47E2-B944-3FB611B6CCC9} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {4E9AA461-2953-41AF-9F0D-06FAB28A13D5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {5213B378-161D-4EB8-90CF-3141608A70BD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-19] (ASUSTek Computer Inc.)
Task: {5790D537-8563-4BD1-9BB6-7C48CCE37F32} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {5DD2BF2E-DA23-4686-86AD-1E33A083EC15} - System32\Tasks\EPSON XP-830 Series Update {017BBBE3-34D1-4C29-A686-9A99BD456715} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {6620CE17-773C-4476-9FA0-AC2169E0A197} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {683853BF-4F97-454F-89E7-2B866D551954} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2016-12-08] (ASUSTek Computer Inc)
Task: {6A81C1B7-44C1-4E26-8A1E-25F85507A157} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7A63B230-03C7-40A5-A7BC-9A9F105903A1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-24] (Realtek Semiconductor)
Task: {7C170E52-7231-41FD-862F-E1C66F09EA06} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {86C25D1C-3C69-46F3-A373-68427770A352} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {8E9DC989-A198-471C-AE40-A6C639C44264} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {947399AF-0605-448B-9734-2DBCFD02A809} - System32\Tasks\CheckFlipService => C:\Program Files\ASUS\ASUS FlipLock\CheckFlipService.exe [2015-11-18] ()
Task: {A1495DCF-43BD-44C6-9530-31B153BEC9A0} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {A77938CB-978F-4084-A365-09153A6B92A1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {AE2855DE-3393-4F5E-AE41-5E6A4F6AA07E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {AF6F5843-44ED-491D-B71D-656A6BDE19E9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-24] (Realtek Semiconductor)
Task: {B04E3210-F92E-49DB-AC9D-05932F65FA1C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {BA3A0207-956C-4C83-8BEE-EC0449602D3A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2016-03-07] (ASUSTek Computer INC.)
Task: {C5986D57-A5D5-43E9-8E8D-08C6A494CC57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-09] (Google Inc.)
Task: {E608BA94-1217-4075-A1DA-FEC325DAA163} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-02-23] (ASUS)
Task: {E9FEA1CA-0BEA-481B-8727-1D4B7E0E4E22} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {EC62F157-537D-4476-BE94-A06EABA1E1EC} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-04-04] ()
Task: {FA27EACC-052A-4966-8FD1-A15B4A34C2C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-09] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-830 Series Update {017BBBE3-34D1-4C29-A686-9A99BD456715}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE :/EXE:{017BBBE3-34D1-4C29-A686-9A99BD456715} /F:Update WORKGROUP\BREEZYS-TAB$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-29 23:17 - 2015-10-29 23:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-29 23:18 - 2015-10-29 23:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2014-08-12 22:30 - 2014-08-12 22:30 - 00073032 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00071024 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
2017-01-17 19:27 - 2016-10-25 01:42 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-01-17 19:27 - 2016-10-25 01:42 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-17 14:42 - 2016-05-17 14:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-02-17 18:02 - 2016-02-17 18:02 - 00394216 _____ () C:\Windows\system32\igfxTray.exe
2016-03-31 20:05 - 2015-12-06 20:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-09-10 06:05 - 2016-06-30 19:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-01-17 19:27 - 2016-10-24 20:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-17 19:27 - 2016-10-24 20:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-17 19:27 - 2016-10-24 20:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-17 19:27 - 2016-10-24 20:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00088576 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\zlibwapi.dll
2015-08-17 23:18 - 2015-08-17 23:18 - 00332800 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBCmdDsp.dll
2015-08-17 20:30 - 2015-08-17 20:30 - 00085504 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpBk.dll
2015-08-17 20:28 - 2015-08-17 20:28 - 00323584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpRt.dll
2015-08-17 20:26 - 2015-08-17 20:26 - 00223232 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskClone.dll
2014-11-24 19:22 - 2014-11-24 19:22 - 00089088 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EfbCheckImg.dll
2014-09-21 18:40 - 2014-09-21 18:40 - 00194560 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EFBSearchTool.dll
2015-07-26 21:50 - 2015-07-26 21:50 - 00224256 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskMgr.dll
2014-09-21 18:40 - 2014-09-21 18:40 - 00022528 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBEventMgr.dll
2015-08-17 21:23 - 2015-08-17 21:23 - 00114176 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EasyFuncs.dll
2014-05-20 19:04 - 2014-05-20 19:04 - 00018432 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSToken.dll
2015-08-17 23:17 - 2015-08-17 23:17 - 00104448 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\BootConfig.dll
2014-03-13 23:04 - 2014-03-13 23:04 - 00012288 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSFat32.dll
2014-03-13 23:04 - 2014-03-13 23:04 - 00201216 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NtfsLib.dll
2014-03-13 23:04 - 2014-03-13 23:04 - 00013312 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VssNew.dll
2014-09-21 18:41 - 2014-09-21 18:41 - 00239104 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\diskpart.dll
2014-11-04 16:44 - 2014-11-04 16:44 - 00017408 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VDiskConvert.dll
2014-09-03 18:41 - 2014-09-03 18:41 - 00037888 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\RapidClone.dll
2014-08-19 17:23 - 2014-08-19 17:23 - 00075264 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskInterface.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00194048 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NetTool.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00157552 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FtpPipeModule.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00091584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\TransferManager.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00062832 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\CommonFun.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00054712 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FTPFunModule.dll
2014-03-25 01:14 - 2014-03-25 01:14 - 00617952 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\XpIcfOpt.dll
2016-02-23 17:56 - 2016-02-23 17:56 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-02-23 17:56 - 2016-02-23 17:56 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-02-23 17:56 - 2016-02-23 17:56 - 00029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-12-08 06:22 - 2016-12-08 06:22 - 01937408 _____ () C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-16 05:14 - 2015-10-16 05:14 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-08 06:22 - 2016-12-08 06:22 - 02177536 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2016-12-08 06:22 - 2016-12-08 06:22 - 00079360 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2016-12-08 06:22 - 2016-12-08 06:22 - 03561984 _____ () C:\Program Files (x86)\ASUS\Giftbox\node.dll
2016-12-08 06:19 - 2016-12-08 06:22 - 00289792 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-native-utils\anu.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-29 23:24 - 2017-02-26 15:15 - 00000857 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1653167707-1689203770-351288938-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\brilh\OneDrive\Pictures\adam\halloween 2016\IMG_1019.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0AB285CC-EE95-405B-A7DE-861B186EB5C7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0319ADC4-73B3-44B9-90E8-C6BEDBB8AF38}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{A31264F3-ED62-4EE7-BC10-49549ABB05D8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{E9B18F5C-C6FE-4BEF-BFF3-45D911D7CFBF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{2552EECE-A01D-47BE-986D-EC4266F2C330}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{7808AD19-6B5A-45DD-AAA3-B64FF17C0FAB}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
FirewallRules: [{6D974594-4C18-41B3-A7A2-A21EEFE4CC95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A74FB363-40B5-4DB7-B2D8-6B60CFF7A409}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5AF42EB-81B1-4A9B-9521-6BC1A9FCA32D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82DCCAD4-12BE-4C42-B947-9364EBB7FC33}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D9D98ED-97DE-4837-B6B6-1B8606CCA686}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10767E9B-793D-41E2-946D-447A8884B2A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{073BAAA8-EA53-47DD-9178-48514DB31F70}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{4A179843-924B-4C7D-B6D8-CAE6255FF2AF}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{19D77E0F-4A0E-47D2-A22C-88AF9BDC6262}] => (Allow) C:\Users\brilh\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1E337926-8F41-4544-9F71-BB2F14CCF995}] => (Allow) C:\Users\brilh\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{93AB316D-D6EA-4FCF-B676-56C57795F8DC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{88B1F0F0-F834-4F1A-A3B1-74907B334CD8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E79A9B39-40AB-4370-9A40-B2318CF94F39}] => (Allow) LPort=810
FirewallRules: [{C527238C-4664-4764-A63F-CACCCB450558}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
09-01-2017 17:04:21 Installed Epson Printer Connection Checker
19-02-2017 12:29:31 Windows Update
19-02-2017 15:02:16 Installed FAX Utility
26-02-2017 14:56:42 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/26/2017 02:56:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (02/19/2017 03:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7125
Error: (02/19/2017 03:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7125
Error: (02/19/2017 03:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/19/2017 03:15:59 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel® Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.
Error: (02/19/2017 03:02:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (02/19/2017 12:59:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10797
Error: (02/19/2017 12:59:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10797
Error: (02/19/2017 12:59:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/19/2017 12:59:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9141
System errors:
=============
Error: (02/26/2017 03:18:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.
Error: (02/26/2017 03:16:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
Error: (02/26/2017 03:15:52 PM) (Source: DCOM) (EventID: 10016) (User: WHEEZY-BREEZY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user WHEEZY-BREEZY\brilh SID (S-1-5-21-1653167707-1689203770-351288938-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2017 03:12:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
Error: (02/26/2017 03:10:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (02/26/2017 03:07:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® SGX AESM service hung on starting.
Error: (02/26/2017 03:03:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKey service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (02/26/2017 03:03:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TrueKey service to connect.
Error: (02/26/2017 03:03:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKeyScheduler service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (02/26/2017 03:03:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TrueKeyScheduler service to connect.
CodeIntegrity:
===================================
Date: 2017-02-19 14:46:21.389
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-16 12:49:51.283
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-17 12:14:45.412
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-10 14:09:36.458
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-10 12:59:10.308
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-11 17:58:54.902
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-07 17:25:53.698
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 11:00:39.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-23 18:29:58.371
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-23 17:00:59.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 6009.81 MB
Available physical RAM: 3505.97 MB
Total Virtual: 6969.81 MB
Available Virtual: 4568.68 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:930.75 GB) (Free:786.91 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8EB684E2)
Partition: GPT.
==================== End of Addition.txt ============================