Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013
Ran by Administrator at 2013-09-24 09:46:27
Running from C:\!tech
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Lavasoft Ad-Aware (Enabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Enabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.1.377)
Ad-Aware Antivirus (x32 Version: 10.5.2.4379)
Adobe AIR (x32 Version: 1.0.4990)
Adobe AIR (x32 Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Reader XI (11.0.04) (x32 Version: 11.0.04)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bing Bar (x32 Version: 7.2.241.0)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J615W (x32 Version: 1.0.4.0)
Canon MX330 series MP Drivers
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.3426)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell Webcam Central (x32 Version: 1.40.28)
Driver Detective (x32 Version: 8.1)
Epson Connect (x32)
Epson Customer Participation (Version: 1.0.0.0)
Epson Download Navigator (x32 Version: 1.0.1)
Epson Event Manager (x32 Version: 2.50.0000)
Epson FAX Utility (x32 Version: 1.20.00)
Epson PC-FAX Driver (x32)
EPSON Scan (x32)
EPSON WF-7520 Series Printer Uninstall
EZ Fonts (x32 Version: 1.0.0)
Google Chrome (x32 Version: 29.0.1547.76)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
IDT Audio (x32 Version: 1.0.6324.0)
ITSupport247-DPMA (x32 Version: 5.2.0)
iTunes (Version: 11.0.5.5)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
Java(TM) SE Runtime Environment 6 (x32 Version: 1.6.0.0)
LogMeIn (x32 Version: 4.1.2651)
LTCM Client (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (x32 Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft XML Parser (x32 Version: 8.70.1104.04)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Norton PC Checkup (x32 Version: 2.0.17.20)
Norton PC Checkup (x32 Version: 3.0.2.122.0)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
Pervasive PSQL v10 SP2 Client (32-bit) (x32 Version: 10.20.034)
Sage .Net Components (x32 Version: 2.00.0000)
Sage Accpac Options Uni Workstation Install 5.5A (x32 Version: 5.05.0000)
Sage Accpac Workstation Setup 5.5A (x32 Version: 5.5.000)
Sage Components (x32 Version: 2.00.0000)
Sage Desktop (x32 Version: 2.00.0000)
ScanSoft PaperPort 11 (x32 Version: 11.2.0000)
ShadowProtect Desktop (x32 Version: 4.15.9340)
Skype Click to Call (x32 Version: 6.11.13348)
Skype™ 6.6 (x32 Version: 6.6.106)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69)
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69)

==================== Restore Points =========================

27-08-2013 14:29:04 Scheduled Checkpoint
03-09-2013 17:50:54 Scheduled Checkpoint
11-09-2013 11:49:39 Scheduled Checkpoint
16-09-2013 20:49:05 Installed BlackBerry Desktop Software.
23-09-2013 16:18:13 ComboFix created restore point
23-09-2013 17:54:30 OTL Restore Point - 9/23/2013 1:54:27 PM

==================== Hosts content: ==========================

2009-07-13 22:34 - 2013-09-24 09:34 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {194B530A-8BE1-4885-BC9D-537C71D3D1C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {2720B54F-5429-47FC-A351-A6DC4415526C} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-22] (Microsoft Corporation)
Task: {3625E73F-2D37-4773-8E5A-A1FB40A65377} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {3DBCC7B2-701D-4FCB-B375-2BD8A6B65E96} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2012-06-18] (PC Drivers Headquarters)
Task: {C2D7E71C-7A07-4A63-B238-0967F14A162C} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2012-06-18] (PC Drivers Headquarters)
Task: {C82E08AF-0A67-412B-97DA-98594FC2E16E} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-03-18] (Lavasoft Limited)
Task: {E061ECA6-C118-46FE-B7D8-F605D8973AD4} - System32\Tasks\Leader Technologies\LTCM Client\New Message Check - marston => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2009-08-05] (Leader Technologies Inc.)
Task: {E8E599ED-E836-4269-AAF5-9D7FEA28BF4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EE7750C9-765F-43FA-B418-148AF7F3FE00} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F7E040DF-A0DA-4DCB-88E0-06A11A50A2D3} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2012-06-18] (PC Drivers Headquarters)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-24 05:03 - 2013-06-08 10:20 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2012-02-22 10:42 - 2011-05-02 19:14 - 00146216 _____ (StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\sbimgmnt.dll
2013-03-18 03:25 - 2013-03-18 03:25 - 01280896 _____ (Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareShellExtension64.dll
2012-02-14 17:56 - 2012-02-14 17:56 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc
2013-01-25 16:38 - 2013-06-08 10:20 - 03311440 _____ (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.dll
2013-01-25 16:38 - 2013-06-08 10:20 - 00131912 _____ (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\rntfywnd.dll
2012-02-21 15:13 - 2011-11-17 01:38 - 01292080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-02-21 15:25 - 2011-07-16 00:24 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2012-02-21 15:25 - 2011-07-16 00:24 - 00272384 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
2008-07-09 23:06 - 2008-07-09 23:06 - 00029984 _____ (Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\PPRecDiag.dll
2012-02-21 15:21 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\MSVCRT.dll
2008-07-09 23:08 - 2008-07-09 23:08 - 00058656 _____ (Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\XMAXUTIL.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00311296 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2009-07-13 19:25 - 2009-07-13 21:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00640512 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2009-07-13 19:11 - 2009-07-13 21:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00663040 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-07-13 14:49 - 2012-06-02 00:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll
2009-07-13 19:12 - 2009-07-13 21:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\comdlg32.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2012-07-13 14:45 - 2012-06-09 00:41 - 12873728 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2005-09-07 12:03 - 2005-09-07 12:03 - 00036864 _____ (Black Ice Software, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\blicectr.dll
2009-07-13 19:28 - 2009-07-13 21:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2008-07-09 23:10 - 2008-07-09 23:10 - 02966816 _____ (Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\MaxRes.dll
2008-07-09 23:10 - 2008-07-09 23:10 - 00124192 _____ (Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\BindRes.dll
2012-02-21 15:21 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2012-02-21 15:21 - 2011-08-27 00:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 01414144 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2009-07-13 19:44 - 2009-07-13 21:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2009-07-13 20:03 - 2009-07-13 21:15 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINMM.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\setupapi.dll
2012-02-21 16:06 - 2011-05-24 06:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll
2012-02-21 16:06 - 2011-05-24 06:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00269824 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2012-07-04 07:56 - 2012-03-01 01:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll
2012-07-04 07:49 - 2012-04-24 00:36 - 01158656 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll
2009-07-13 19:51 - 2009-07-13 21:14 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vidcap.ax
2010-11-20 23:24 - 2010-11-20 23:24 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kswdmcap.ax
2012-02-21 15:47 - 2011-03-11 01:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC42.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBC32.dll
2009-07-13 20:11 - 2009-07-13 21:09 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcint.dll
2012-02-21 16:16 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2010-11-20 23:25 - 2010-11-20 23:25 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2012-02-21 15:49 - 2011-06-16 00:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XmlLite.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2012-07-13 15:20 - 2012-06-02 04:25 - 01129472 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2009-07-13 19:15 - 2009-07-13 21:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\Normaliz.dll
2012-07-13 15:20 - 2012-06-02 04:19 - 01793024 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2012-07-13 15:20 - 2012-06-02 04:26 - 01103872 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll
2013-09-20 11:42 - 2013-09-20 11:42 - 16244616 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_175.ocx
2010-11-20 23:23 - 2010-11-20 23:23 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2009-07-13 19:12 - 2009-07-13 21:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2009-07-13 19:15 - 2009-07-13 21:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2012-07-13 14:49 - 2012-06-02 00:40 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-01-18 17:10 - 2013-01-18 17:10 - 00270336 _____ (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 00291328 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2010-10-12 09:58 - 2010-10-12 09:58 - 00136704 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\ScanEngine30.dll
2010-10-12 09:54 - 2010-10-12 09:54 - 00055808 _____ (SEIKO EPSON CORP.) C:\Program Files (x86)\Epson Software\Event Manager\ScnMgr10.dll
2009-07-13 20:14 - 2009-07-13 21:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2010-11-19 11:06 - 2010-11-19 11:06 - 00112640 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 00049152 _____ (SEIKO EPSON CORP.) C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2012-12-09 08:04 - 2011-03-08 11:00 - 00081920 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2012-12-09 08:04 - 2011-03-08 11:00 - 00241664 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00135168 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUDRVUTL.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00262144 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FULEPP.dll
2012-12-09 08:04 - 2011-03-08 11:00 - 00022016 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00303104 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUSVCCLT.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00085504 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\EbpD4Fax.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00335872 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUPRBDEV.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00786432 _____ (SEIKO EPSON) C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENCM.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00299008 _____ (SEIKO EPSON) C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENUTIL.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00278528 _____ (SEIKO EPSON) C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENNW.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00065536 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUDEVCOM.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00229376 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUSNMPUT.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00065536 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUUSBHLP.dll
2012-12-09 08:04 - 2011-03-08 11:00 - 00077824 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00385024 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXLDB.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00278528 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXCFG.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00430080 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXCSR.DLL
2012-12-09 08:04 - 2011-03-09 00:00 - 00421888 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUIMGCDC.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00212992 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUADRFIL.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00077824 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUSTMMSG.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00249856 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUVERDLG.dll
2012-12-09 08:04 - 2011-03-08 11:00 - 00090112 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2012-12-09 08:04 - 2011-03-09 00:00 - 00536576 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXTIF.dll
2012-12-09 08:04 - 2011-03-08 11:00 - 00106496 _____ (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2009-07-13 19:33 - 2009-07-13 21:17 - 00249680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 01589248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2009-07-13 17:04 - 2009-07-13 21:15 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT40.DLL
2009-07-13 17:04 - 2009-07-13 21:15 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2013-05-15 11:17 - 2013-05-15 11:17 - 00318888 _____ (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-18 03:26 - 2013-03-18 03:26 - 00953704 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files (x86)\Ad-Aware Antivirus\htmlayout.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00119808 _____ (Microsoft Corporation) C:\Windows\syswow64\IMM32.dll
2012-09-20 05:38 - 2012-09-20 05:38 - 00056712 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvcPS.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-03-18 03:25 - 2013-03-18 03:25 - 00465248 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\cart\CartSdk.dll
2012-07-04 07:56 - 2012-03-01 01:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:618D0840

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZappr => "imagepath"=""C:\PROGRA~2\SAAZOD\zRealTime\SAAZappr.exe" SAAZappr"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZappr => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZappr => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZappr => "type"="110"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZapsc => "imagepath"=""C:\PROGRA~2\SAAZOD\zRealTime\SAAZapsc.exe" SAAZapsc"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZapsc => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZapsc => "Start"="2" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAAZapsc => "type"="110" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Mass Storage Controller Description: Mass Storage Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 09:16:02.222]: [00000588]: Initialize TwdsMain Class failed! Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 09:16:02.221]: [00000588]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 09:16:02.154]: [00000588]: Initialize TwdsMain Class failed! Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 09:16:02.148]: [00000588]: ##### Fatal ERROR!! Create STI-device failed! 
##### Error: (09/24/2013 08:59:51 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 08:59:51.448]: [00004112]: Initialize TwdsMain Class failed! Error: (09/24/2013 08:59:51 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 08:59:51.448]: [00004112]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (09/24/2013 08:59:50 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 08:59:50.573]: [00004112]: Initialize TwdsMain Class failed! Error: (09/24/2013 08:59:50 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 08:59:50.573]: [00004112]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (09/24/2013 08:58:58 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/24/2013 08:30:33 AM) (Source: Brother BrLog) (User: ) Description: TWN BrtTWN: [2013/09/24 08:30:33.722]: [00001144]: Initialize TwdsMain Class failed! System errors: ============= Error: (09/24/2013 09:16:11 AM) (Source: UmrdpService) (User: ) Description: Driver PrintBoss 50 required for printer PrintBoss 50 is unknown. Contact the administrator to install the driver before you log in again. Error: (09/24/2013 09:11:22 AM) (Source: UmrdpService) (User: ) Description: Driver PrintBoss 50 required for printer PrintBoss 50 is unknown. Contact the administrator to install the driver before you log in again. Error: (09/24/2013 08:30:25 AM) (Source: Microsoft-Windows-GroupPolicy) (User: HUNTERFOODSVI) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. 
If you do not see a success message for several hours, then contact your administrator. Error: (09/24/2013 07:39:28 AM) (Source: TermService) (User: ) Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. . Error: (09/24/2013 07:36:53 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY) Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller). Error: (09/24/2013 07:36:47 AM) (Source: NETLOGON) (User: ) Description: This computer was not able to set up a secure session with a domain controller in domain HUNTERFOODSVI due to the following: %%1311 This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. Error: (09/23/2013 02:32:37 PM) (Source: UmrdpService) (User: ) Description: Driver PrintBoss 50 required for printer PrintBoss 50 is unknown. Contact the administrator to install the driver before you log in again. Error: (09/23/2013 02:19:14 PM) (Source: Service Control Manager) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 
Error: (09/23/2013 02:18:44 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (09/23/2013 02:18:44 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Microsoft Office Sessions:
=========================
Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 09:16:02.222]: [00000588]: Initialize TwdsMain Class failed!

Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 09:16:02.221]: [00000588]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 09:16:02.154]: [00000588]: Initialize TwdsMain Class failed!

Error: (09/24/2013 09:16:02 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 09:16:02.148]: [00000588]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/24/2013 08:59:51 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 08:59:51.448]: [00004112]: Initialize TwdsMain Class failed!

Error: (09/24/2013 08:59:51 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 08:59:51.448]: [00004112]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/24/2013 08:59:50 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 08:59:50.573]: [00004112]: Initialize TwdsMain Class failed!

Error: (09/24/2013 08:59:50 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 08:59:50.573]: [00004112]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/24/2013 08:58:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2013 08:30:33 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2013/09/24 08:30:33.722]: [00001144]: Initialize TwdsMain Class failed!

CodeIntegrity Errors:
===================================
Date: 2013-09-24 09:42:24.391
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2013-09-24 09:36:07.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2013-09-24 09:11:21.634
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2013-09-23 14:48:12.581
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2013-09-23 14:42:31.795
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2013-09-23 14:33:40.759
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2013-09-23 14:24:26.530
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2013-09-23 14:18:44.789
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-09-23 14:18:44.774
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-09-23 14:18:44.759
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 3992.93 MB
Available physical RAM: 2501.34 MB
Total Pagefile: 7984.06 MB
Available Pagefile: 6304.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:239.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E098EE6A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================