Additional scan result of Farbar Recovery Scan Tool (x64) Version:01-05-2016
Ran by AE Office (2016-05-02 01:12:38)
Running from C:\Users\AE Office\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-22 08:44:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-712566120-1319213845-3578928782-500 - Administrator - Disabled)
AE Office (S-1-5-21-712566120-1319213845-3578928782-1001 - Administrator - Enabled) => C:\Users\AE Office
DefaultAccount (S-1-5-21-712566120-1319213845-3578928782-503 - Limited - Disabled)
Guest (S-1-5-21-712566120-1319213845-3578928782-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.19.34 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden
D-Tools SI 2016 (HKLM-x32\...\{378A2CA1-E113-4715-A0E9-D927F63F6AEF}) (Version: 6.6.1723.0 - D-Tools, Inc.)
D-Tools SI 2016 Server (HKLM-x32\...\{EE66531C-0EB6-40F6-82EB-1C3405A1A97E}) (Version: 6.6.1723.0 - D-Tools, Inc.)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
GDR 3128 for SQL Server 2012 (KB2793634) (HKLM-x32\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
Integration Designer (HKLM-x32\...\{AB21B9A7-6AF7-4E3F-BF1B-792A40B313CB}) (Version: 9.71.0000 - Remote Technologies Inc.)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer E240x Drivers (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1120 - Rivet Networks)
Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{FEC535DD-0EB2-4709-87BD-1708C6364EB6}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.1.2.0 - Reason Software Company Inc.)
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
SQL Server 2012 Common Files (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Windows Driver Package - Remote Technologies Inc. (WinUSB) Control Device (05/26/2012 2.0.0.202) (HKLM\...\9C77513A57291F0E6C36607E517383AF8317B9FF) (Version: 05/26/2012 2.0.0.202 - Remote Technologies Inc.)
Windows Driver Package - RTI ZB-Pro Driver Package (04/10/2012 2.08.24) (HKLM\...\BECDF025CBE7908A2B6A488537CE7A31D1D5E13B) (Version: 04/10/2012 2.08.24 - RTI)
Windows Driver Package - RTI ZB-Pro Driver Package (04/10/2012 2.08.24) (HKLM\...\E33851197B121AEAEDB1FDD072C90C458CF2E26C) (Version: 04/10/2012 2.08.24 - RTI)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-712566120-1319213845-3578928782-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\AE Office\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07E2B3F8-5BB9-4B2C-8331-D20CC0C6042D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {0C85D1E6-6347-47BE-BDA9-0BD08D7D2B14} - System32\Tasks\{914A509A-83D4-44EC-A51A-CE000A227FF8} => pcalua.exe -a C:\PROGRA~1\DIFX\2DDF8C298514F650\dpinst64.exe -c /u C:\WINDOWS\System32\DriverStore\FileRepository\zbpro_b.inf_amd64_d99eab6b9e64ea4f\zbpro_b.inf
Task: {253F1536-CF20-49B9-A3A9-9F26763825C5} - System32\Tasks\ReasonSecurityScheduledScan => C:\Program Files\Reason\Security\rsUI.exe [2016-04-13] (Reason Software Company Inc.)
Task: {26D219FC-4453-42E5-9861-8D042232CB81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-04-21] (Microsoft Corporation)
Task: {2AAD1231-DA52-4F5F-96BC-3D6447683FFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-03] (Microsoft Corporation)
Task: {2E43E9EB-C7D8-4653-93AC-2948DB768151} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe
Task: {3E262795-99C1-4520-87B5-58654B5C4095} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {549D9E73-61AA-4C77-A4DC-B5054C009CA4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-27] (Dropbox, Inc.)
Task: {6C7CC1AA-E7D2-45BA-BDFE-8805F48FDEE9} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
Task: {6F33F85B-3740-4247-92EA-C8DB2BBEEBAB} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe
Task: {8261BA93-3AC2-4003-B989-498BE1B6246E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {8EE6C9D1-3A2D-4BF4-AAC6-64CEAF7E129E} - System32\Tasks\ReasonSecurityStart => C:\Program Files\Reason\Security\rsUI.exe [2016-04-13] (Reason Software Company Inc.)
Task: {8F47AF58-3A7C-4EB5-AB15-E0F20FBE719E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-04-21] (Microsoft Corporation)
Task: {9E6D891E-1765-4B2B-86AB-94134C3460E3} - System32\Tasks\Process Explorer-DESKTOP-5CPLEM7-AE Office => C:\USERS\AE OFFICE\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE [2016-04-29] (Sysinternals - www.sysinternals.com)
Task: {A8B71890-D3A8-4BA6-A283-9CBC9FB6E546} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-27] (Dropbox, Inc.)
Task: {C7752DC6-148D-4AB0-93E1-D84AEB7AA014} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 00:17 - 2015-10-30 00:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-22 20:11 - 2016-04-03 04:34 - 00172224 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-04-12 19:31 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 19:31 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-22 20:13 - 2016-04-03 04:34 - 08919232 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2016-02-13 05:54 - 2016-02-13 05:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-12 19:30 - 2016-04-01 20:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-12 19:31 - 2016-04-01 20:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-12 19:31 - 2016-04-01 19:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-12 19:31 - 2016-04-01 19:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-12 19:31 - 2016-04-01 20:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 04:04 - 2016-04-29 00:37 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
There are 4 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-712566120-1319213845-3578928782-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.29.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk"
HKLM\...\StartupApproved\Run: => "NahimicMSIUILauncher"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-712566120-1319213845-3578928782-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-712566120-1319213845-3578928782-1001\...\StartupApproved\Run: => "Lync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [MDNS-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [CoreNet-Teredo-In] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [CoreNet-DHCPV6-In] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [CoreNet-DHCP-In] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [Microsoft-Windows-WLANSvc-ASP-CP-In] => (Block) %systemroot%\system32\svchost.exe
FirewallRules: [WFDPRINT-SCAN-In-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [WFDPRINT-SPOOL-In-Active] => (Block) %SystemRoot%\system32\spoolsv.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Block) %SystemRoot%\system32\dashost.exe
FirewallRules: [PlayTo-QWave-In-TCP-PlayToScope] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [PlayTo-QWave-In-UDP-PlayToScope] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [PlayTo-SSDP-Discovery-PlayToScope] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Block) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Block) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Block) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Block) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Block) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Block) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active] => (Block) %systemroot%\system32\svchost.exe
FirewallRules: [RemoteAssistance-SSDPSrv-In-UDP-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [RemoteAssistance-In-TCP-EdgeScope-Active] => (Block) %SystemRoot%\system32\msra.exe
FirewallRules: [RemoteAssistance-DCOM-In-TCP-NoScope-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [RemoteAssistance-RAServer-In-TCP-NoScope-Active] => (Block) %SystemRoot%\system32\raserver.exe
FirewallRules: [WirelessDisplay-In-TCP] => (Block) %systemroot%\system32\WUDFHost.exe
FirewallRules: [NETDIS-FDRESPUB-WSD-In-UDP-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [NETDIS-LLMNR-In-UDP-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Block) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-FDPHOST-In-UDP-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [NETDIS-SSDPSrv-In-UDP-Active] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [AllJoyn-Router-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [AllJoyn-Router-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Block) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [DeliveryOptimization-UDP-In] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [DeliveryOptimization-TCP-In] => (Block) %SystemRoot%\system32\svchost.exe
==================== Restore Points =========================
11-04-2016 17:52:19 Nahimic for MSI
13-04-2016 21:03:49 JRT Pre-Junkware Removal
14-04-2016 02:35:39 JRT Pre-Junkware Removal
14-04-2016 02:36:30 JRT Pre-Junkware Removal
15-04-2016 02:17:57 JRT Pre-Junkware Removal
21-04-2016 22:02:03 JRT Pre-Junkware Removal
29-04-2016 22:10:52 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Intel® Management Engine Interface
Description: Intel® Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2016 01:04:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.10586.20, time stamp: 0x56542a5e
Faulting module name: IEFRAME.dll, version: 11.0.10586.212, time stamp: 0x56fa1519
Exception code: 0xc0000005
Fault offset: 0x000000000054f35e
Faulting process id: 0xa84
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5
Error: (05/02/2016 12:52:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe:App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/02/2016 12:10:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5CPLEM7)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy:App.AppXe35aa078nkgkdbkbrk5tjm2xds5rwz5q.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (05/02/2016 01:08:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The cphs service terminated with the following error:
%%2147942659
Error: (05/02/2016 01:07:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/02/2016 01:07:53 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (05/02/2016 01:07:52 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (05/02/2016 01:07:45 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/02/2016 01:07:35 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/02/2016 01:07:29 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/02/2016 01:07:28 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (05/02/2016 01:04:19 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (05/02/2016 01:04:19 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-5CPLEM7)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
==================== Memory info ===========================
Processor: Intel® Core i5-6600 CPU @ 3.30GHz
Percentage of memory in use: 10%
Total physical RAM: 16273.08 MB
Available physical RAM: 14639.81 MB
Total Virtual: 18705.08 MB
Available Virtual: 17143.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.4 GB) (Free:169.64 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 38298846)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Could not read MBR for disk 1.
==================== End of Addition.txt ============================