I have also just finished running FRST: here is the completion log as well as the additional log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by eman (administrator) on KAOSAR on 17-12-2014 14:38:38
Running from C:\Users\eman\Desktop
Loaded Profile: eman (Available profiles: eman)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-27] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-505654950-3803389433-952683398-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-505654950-3803389433-952683398-1001\...\MountPoints2: {72d7fb20-57c3-11e4-bec1-3085a9282d5e} - "F:\LG_PC_Programs.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-505654950-3803389433-952683398-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://asus13.msn.comSearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-505654950-3803389433-952683398-1001 -> {FB6425C0-D5B5-4907-A0FF-0A2FACCDAECA} URL =
http://search.yahoo.com/search?fr=chr-g ... =903578&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {72351B45-9636-4F99-820B-7C552D27897D}} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: No Name -> {72351B45-9636-4F99-820B-7C552D27897D}} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default
FF Homepage:
hxxp://webmail.verizon.com/signin/MyVzA ... tion=emailFF Keyword.URL:
hxxp://search.yahoo.com/search?fr=green ... =903578&p=FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\searchplugins\yahoo_ff.xml
FF Extension: Zoomify - C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\Extensions\tb@zoomify.com [2014-12-17]
FF Extension: Ad Limiter - C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\Extensions\551f2920-3c19-11e1-b86c-0800200c9a66@jetpack.xpi [2014-10-26]
FF Extension: AdBan - C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\Extensions\adban@ad-ban.appspot.com.xpi [2014-10-26]
FF Extension: Come back - C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\Extensions\come.back.block.image.from@cat-in-136.blogspot.com.xpi [2014-10-26]
FF Extension: Ad-blocker for Gmail - C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\Extensions\jid0-AocRXUCRsLTCYvn6bgJERnwfuqw@jetpack.xpi [2014-10-26]
FF Extension: Smart Ads Blocker - C:\Users\eman\AppData\Roaming\Mozilla\Firefox\Profiles\2xcc5fvm.default\Extensions\jid1-LYopfl0r00ZV5k@jetpack.xpi [2014-10-26]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: Default ->
hxxp://www.trovi.com/?gd=&ctid=CT333039 ... 2659&SSPV=CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-29]
CHR Extension: (Google Drive) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-29]
CHR Extension: (Adblock Plus) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-17]
CHR Extension: (Google Search) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-29]
CHR Extension: (Padma) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngifghlmhidnielinpjdkkiadocdffbi [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 cozhost; /ts2=1 [X]
S2 cozwhost; C:\PROGRA~3\zoomify2\110~1.29\cozwhost.exe -scm [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
U0 msahci; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-17 14:38 - 2014-12-17 14:39 - 00015201 _____ () C:\Users\eman\Desktop\FRST.txt
2014-12-17 14:38 - 2014-12-17 14:38 - 00000000 ____D () C:\FRST
2014-12-17 14:36 - 2014-12-17 14:36 - 00002981 _____ () C:\Users\eman\Desktop\AdwCleaner[S0].txt
2014-12-17 14:36 - 2014-12-17 14:32 - 02166272 _____ () C:\Users\eman\Desktop\AdwCleaner.exe
2014-12-17 14:36 - 2014-12-17 14:32 - 02121216 _____ (Farbar) C:\Users\eman\Desktop\FRST64.exe
2014-12-17 14:28 - 2014-12-17 14:28 - 02166272 _____ () C:\Users\eman\Downloads\adwcleaner_4.105 (1).exe
2014-12-17 14:11 - 2014-12-17 14:12 - 00000330 _____ () C:\Windows\Tasks\Tempo Runner coz64host.job
2014-12-17 14:11 - 2014-12-17 14:12 - 00000330 _____ () C:\Windows\Tasks\Tempo Runner coz32host.job
2014-12-17 14:11 - 2014-12-17 14:12 - 00000328 _____ () C:\Windows\Tasks\Tempo Runner cozahost.job
2014-12-17 13:49 - 2014-12-17 14:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-17 13:49 - 2014-12-17 14:33 - 00000000 ____D () C:\AdwCleaner
2014-12-17 13:48 - 2014-12-17 13:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\eman\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-17 13:48 - 2014-12-17 13:48 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-17 13:48 - 2014-12-17 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-17 13:48 - 2014-12-17 13:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-17 13:48 - 2014-12-17 13:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-17 13:48 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-17 13:48 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-17 13:48 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-17 13:40 - 2014-12-17 13:41 - 02166272 _____ () C:\Users\eman\Downloads\adwcleaner_4.105.exe
2014-12-17 13:36 - 2014-12-17 13:36 - 00001233 _____ () C:\Users\eman\Desktop\checkup.txt
2014-12-17 13:34 - 2014-12-17 13:34 - 00852505 _____ () C:\Users\eman\Downloads\SecurityCheck.exe
2014-12-17 13:01 - 2014-12-17 13:02 - 00348192 _____ (Installer Technology Co) C:\Users\eman\Downloads\SoftwareUpdater.exe
2014-12-17 03:06 - 2014-12-17 03:06 - 00000000 ___RD () C:\Users\eman\Documents\Notes
2014-12-16 18:09 - 2014-12-16 18:12 - 00000000 ____D () C:\Users\eman\Desktop\BIO 310
2014-12-16 18:05 - 2014-12-16 18:08 - 00006293 _____ () C:\Users\eman\Documents\Eman-Mp3List2.m3u8
2014-12-16 17:16 - 2014-12-16 18:08 - 00000000 ____D () C:\Users\eman\Desktop\mp3
2014-12-16 12:34 - 2014-12-16 12:34 - 00058115 _____ () C:\Users\eman\Documents\Eman-Mp3List.m3u8
2014-12-14 19:15 - 2014-12-14 19:41 - 00000000 ____D () C:\Users\eman\Desktop\SOC 105
2014-12-14 18:31 - 2014-12-14 19:14 - 00000000 ____D () C:\Users\eman\Desktop\BIO 201
2014-12-14 18:19 - 2014-12-14 18:29 - 00000000 ____D () C:\Users\eman\Desktop\AMS 102
2014-12-14 17:57 - 2014-12-14 18:10 - 00000000 ____D () C:\Users\eman\Desktop\AFS 337
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-17 14:38 - 2012-11-11 12:13 - 01058851 _____ () C:\Windows\WindowsUpdate.log
2014-12-17 14:38 - 2012-07-26 02:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 14:36 - 2012-07-26 02:21 - 00043672 _____ () C:\Windows\setupact.log
2014-12-17 14:35 - 2013-06-28 18:06 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-17 14:34 - 2012-08-01 20:20 - 00049472 _____ () C:\Windows\PFRO.log
2014-12-17 14:34 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-17 14:03 - 2013-06-28 18:06 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-17 14:00 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2014-12-17 13:16 - 2013-06-22 19:03 - 00000024 _____ () C:\Users\eman\random.dat
2014-12-17 13:04 - 2013-06-22 19:03 - 00000043 _____ () C:\Users\eman\jagex_cl_runescape_LIVE.dat
2014-12-17 04:50 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\rescache
2014-12-17 04:40 - 2012-11-11 12:22 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-505654950-3803389433-952683398-1001
2014-12-17 03:31 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-17 03:22 - 2014-09-13 12:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-17 03:22 - 2012-07-26 03:12 - 00000000 ___RD () C:\Windows\ToastData
2014-12-17 02:28 - 2014-05-27 11:06 - 00000000 ____D () C:\Users\eman\AppData\Roaming\uTorrent
2014-12-17 00:22 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-16 18:10 - 2014-09-13 09:30 - 00000000 ____D () C:\Users\eman\AppData\Local\Viber
2014-12-16 17:33 - 2014-09-13 09:31 - 00000000 ____D () C:\Users\eman\AppData\Roaming\ViberPC
2014-12-14 11:05 - 2013-06-28 18:06 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-29 12:49 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\NDF
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\Users\eman\jagex_cl_runescape_LIVE.dat
C:\Users\eman\jagex_cl_runescape_LIVE1.dat
C:\Users\eman\random.dat
Some content of TEMP:
====================
C:\Users\eman\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\eman\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\eman\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\eman\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\eman\AppData\Local\Temp\nse5E44.exe
C:\Users\eman\AppData\Local\Temp\nsg7115.exe
C:\Users\eman\AppData\Local\Temp\nsh59CE.exe
C:\Users\eman\AppData\Local\Temp\nso77EC.exe
C:\Users\eman\AppData\Local\Temp\nsv5549.exe
C:\Users\eman\AppData\Local\Temp\Quarantine.exe
C:\Users\eman\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\eman\AppData\Local\Temp\sqlite3.dll
C:\Users\eman\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\eman\AppData\Local\Temp\System.Data.SQLite896a9e0e-7fc5-452a-83c4-14b1930b6d0a.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-17 02:37
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by eman at 2014-12-17 14:40:15
Running from C:\Users\eman\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memorex 6136 U Scanner Driver (HKLM-x32\...\Memorex 6136 U Scanner Driver) (Version: - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-505654950-3803389433-952683398-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27024 - Realtek Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Viber (HKU\S-1-5-21-505654950-3803389433-952683398-1001\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-505654950-3803389433-952683398-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-505654950-3803389433-952683398-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-505654950-3803389433-952683398-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-505654950-3803389433-952683398-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
25-11-2014 19:26:15 Scheduled Checkpoint
17-12-2014 02:32:10 Scheduled Checkpoint
17-12-2014 03:19:58 Restore Operation
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0C079093-4F70-4ABB-B71A-3DC2FBE853A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)
Task: {1D20F584-DCC0-4B43-8616-0C1C537B1940} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)
Task: {2B97A964-D62F-4EDB-870D-18C652A79A4C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-04] (ASUS)
Task: {5A24AF64-B7B6-4A28-98C0-0BC2AAEB2BA5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {85725B2B-AEC4-4181-B053-589151327CE4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {9289FE18-DECF-4CD9-ABC0-682A89172E8D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E170711B-0F67-4FFB-8AC8-DC5E7CC97920} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E7E597EB-90D7-4A52-A060-8595865CF303} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {F9E66830-9838-471F-9AF4-64037A0F7D51} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Tempo Runner coz32host.job => C:\ProgramData\zoomify2\1.1.0.29\coz32host.exe
Task: C:\Windows\Tasks\Tempo Runner coz64host.job => C:\ProgramData\zoomify2\1.1.0.29\coz64host.exe
Task: C:\Windows\Tasks\Tempo Runner cozahost.job => C:\ProgramData\zoomify2\1.1.0.29\cozahost.exe
==================== Loaded Modules (whitelisted) =============
2012-08-04 12:34 - 2012-08-04 12:34 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-09-16 12:50 - 2014-09-16 12:50 - 08896160 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-16 12:50 - 2014-09-16 12:50 - 08896160 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-09-07 07:58 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "AsusVibeLauncher.lnk"
HKLM\...\StartupApproved\Run: => "ACMON"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-505654950-3803389433-952683398-1001\...\StartupApproved\Run: => "Search Protection"
HKU\S-1-5-21-505654950-3803389433-952683398-1001\...\StartupApproved\Run: => "Skype"
========================= Accounts: ==========================
Administrator (S-1-5-21-505654950-3803389433-952683398-500 - Administrator - Disabled)
eman (S-1-5-21-505654950-3803389433-952683398-1001 - Administrator - Enabled) => C:\Users\eman
Guest (S-1-5-21-505654950-3803389433-952683398-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/17/2014 02:12:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cozhost.exe, version: 1.1.0.29, time stamp: 0x5486c2ba
Faulting module name: ntdll.dll, version: 6.2.9200.17046, time stamp: 0x53b485c4
Exception code: 0xc0000374
Fault offset: 0x000daa14
Faulting process id: 0x668
Faulting application start time: 0xcozhost.exe0
Faulting application path: cozhost.exe1
Faulting module path: cozhost.exe2
Report Id: cozhost.exe3
Faulting package full name: cozhost.exe4
Faulting package-relative application ID: cozhost.exe5
Error: (12/17/2014 02:08:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.2.9200.16384, time stamp: 0x5010888a
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc0000005
Fault offset: 0x0000850a
Faulting process id: 0x40
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/17/2014 02:06:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.2.9200.16384, time stamp: 0x5010888a
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc0000005
Fault offset: 0x0000850a
Faulting process id: 0x1078
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/17/2014 02:06:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.2.9200.16384, time stamp: 0x5010888a
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc000041d
Fault offset: 0x0000850a
Faulting process id: 0x15d0
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/17/2014 02:06:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.2.9200.16384, time stamp: 0x5010888a
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc0000005
Fault offset: 0x0000850a
Faulting process id: 0x15d0
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/17/2014 02:06:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.2.9200.16384, time stamp: 0x5010888a
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc000041d
Fault offset: 0x0000850a
Faulting process id: 0x1010
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/17/2014 02:06:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.2.9200.16384, time stamp: 0x5010888a
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc0000005
Fault offset: 0x0000850a
Faulting process id: 0x1010
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/17/2014 01:52:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: crashreporter.exe, version: 30.0.0.5269, time stamp: 0x539120cd
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc000041d
Fault offset: 0x0000850a
Faulting process id: 0x10e8
Faulting application start time: 0xcrashreporter.exe0
Faulting application path: crashreporter.exe1
Faulting module path: crashreporter.exe2
Report Id: crashreporter.exe3
Faulting package full name: crashreporter.exe4
Faulting package-relative application ID: crashreporter.exe5
Error: (12/17/2014 01:52:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: crashreporter.exe, version: 30.0.0.5269, time stamp: 0x539120cd
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc0000005
Fault offset: 0x0000850a
Faulting process id: 0x10e8
Faulting application start time: 0xcrashreporter.exe0
Faulting application path: crashreporter.exe1
Faulting module path: crashreporter.exe2
Report Id: crashreporter.exe3
Faulting package full name: crashreporter.exe4
Faulting package-relative application ID: crashreporter.exe5
Error: (12/17/2014 01:52:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
Faulting module name: zoomifyl32.dll, version: 1.1.0.29, time stamp: 0x530dff94
Exception code: 0xc000041d
Fault offset: 0x0000850a
Faulting process id: 0x31c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
System errors:
=============
Error: (12/17/2014 02:36:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1058
Error: (12/17/2014 02:34:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cozwhost service failed to start due to the following error:
%%2
Error: (12/17/2014 02:34:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cozhost service failed to start due to the following error:
%%87
Error: (12/17/2014 02:33:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Error: (12/17/2014 02:33:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
Error: (12/17/2014 02:33:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/17/2014 02:33:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/17/2014 02:33:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IconMan_R service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (12/17/2014 02:33:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/17/2014 02:33:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Microsoft Office Sessions:
=========================
Error: (12/17/2014 02:12:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cozhost.exe1.1.0.295486c2bantdll.dll6.2.9200.1704653b485c4c0000374000daa1466801d01a2d3f0ffad9C:\PROGRA~3\zoomify2\110~1.29\cozhost.exeC:\Windows\SYSTEM32\ntdll.dllacc47b28-8620-11e4-bec6-3085a9282d5e
Error: (12/17/2014 02:08:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888azoomifyl32.dll1.1.0.29530dff94c00000050000850a4001d01a2cd1e7ce28C:\Windows\SysWOW64\DllHost.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dll1038de88-8620-11e4-bec5-3085a9282d5e
Error: (12/17/2014 02:06:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888azoomifyl32.dll1.1.0.29530dff94c00000050000850a107801d01a2c99a6eb1aC:\Windows\SysWOW64\DllHost.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlld758de19-861f-11e4-bec5-3085a9282d5e
Error: (12/17/2014 02:06:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888azoomifyl32.dll1.1.0.29530dff94c000041d0000850a15d001d01a2c96e89a8bC:\Windows\SysWOW64\DllHost.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlld594079e-861f-11e4-bec5-3085a9282d5e
Error: (12/17/2014 02:06:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888azoomifyl32.dll1.1.0.29530dff94c00000050000850a15d001d01a2c96e89a8bC:\Windows\SysWOW64\DllHost.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlld49788d8-861f-11e4-bec5-3085a9282d5e
Error: (12/17/2014 02:06:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888azoomifyl32.dll1.1.0.29530dff94c000041d0000850a101001d01a2c941edd98C:\Windows\SysWOW64\DllHost.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlld3e7d5c3-861f-11e4-bec5-3085a9282d5e
Error: (12/17/2014 02:06:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888azoomifyl32.dll1.1.0.29530dff94c00000050000850a101001d01a2c941edd98C:\Windows\SysWOW64\DllHost.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlld1dff173-861f-11e4-bec5-3085a9282d5e
Error: (12/17/2014 01:52:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: crashreporter.exe30.0.0.5269539120cdzoomifyl32.dll1.1.0.29530dff94c000041d0000850a10e801d01a2aa5248940C:\Program Files (x86)\Mozilla Firefox\crashreporter.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlle4483e69-861d-11e4-bec5-3085a9282d5e
Error: (12/17/2014 01:52:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: crashreporter.exe30.0.0.5269539120cdzoomifyl32.dll1.1.0.29530dff94c00000050000850a10e801d01a2aa5248940C:\Program Files (x86)\Mozilla Firefox\crashreporter.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlle2df633c-861d-11e4-bec5-3085a9282d5e
Error: (12/17/2014 01:52:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe39.0.2171.95548243f3zoomifyl32.dll1.1.0.29530dff94c000041d0000850a31c01d01a2a9b8fe981C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\ProgramData\zoomify2\1.1.0.29\zoomifyl32.dlldd76947b-861d-11e4-bec5-3085a9282d5e
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 35%
Total physical RAM: 3981.68 MB
Available physical RAM: 2587.26 MB
Total Pagefile: 4685.68 MB
Available Pagefile: 3299.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:127.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.45 GB) (Free:258.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CC1AD6D4)
Partition: GPT Partition Type.
==================== End Of Log ============================