Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Daemon tools possible virus?


  • Please log in to reply
9 replies to this topic

#1 jar28056

jar28056

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 10 May 2015 - 04:19 AM

I downloaded Daemon tools tonight as per usual as I had just bought a new laptop. After I had downloaded the program my laptop began to feel clunky and has ads popping up everywhere and also is opening up random tabs to a different search engine. I have windows defender and I believe whatever that is causing this turned it off as I had to go in manually and turn it back on. Would appreciate some help, thanks!



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:34 AM

Posted 10 May 2015 - 04:20 AM

Hi there,

Let's take a look.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Regards,
Alex

#3 jar28056

jar28056
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 10 May 2015 - 05:04 AM


 

MiniToolBox by Farbar  Version: 14-04-2015
Ran by anthony (administrator) on 10-05-2015 at 05:48:58
Running from "C:\Users\anthony\Downloads"
Microsoft Windows 8  (X64)
Model: HP Pavilion g7 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Anthonys
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-68-9D-28-BF-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : A1-Line.COM
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 28-92-4A-57-A3-9A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 20-68-9D-28-BF-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3d3b:bceb:edb2:407a%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.17(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, May 10, 2015 5:41:16 AM
   Lease Expires . . . . . . . . . . : Monday, May 11, 2015 5:41:18 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 203450525
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-CA-2C-29-28-92-4A-57-A3-9A
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:806::100e
 74.125.225.3
 74.125.225.7
 74.125.225.1
 74.125.225.4
 74.125.225.0
 74.125.225.8
 74.125.225.9
 74.125.225.5
 74.125.225.6
 74.125.225.14
 74.125.225.2
 
 
Pinging google.com [74.125.225.14] with 32 bytes of data:
Reply from 74.125.225.14: bytes=32 time=13ms TTL=56
Reply from 74.125.225.14: bytes=32 time=13ms TTL=56
 
Ping statistics for 74.125.225.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 13ms, Average = 13ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=62ms TTL=50
Reply from 206.190.36.45: bytes=32 time=61ms TTL=50
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 61ms, Maximum = 62ms, Average = 61ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...12 68 9d 28 bf 92 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...28 92 4a 57 a3 9a ......Realtek PCIe FE Family Controller
 12...20 68 9d 28 bf 92 ......Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.17     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.17    281
     192.168.1.17  255.255.255.255         On-link      192.168.1.17    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.17    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.17    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.17    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::3d3b:bceb:edb2:407a/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/10/2015 05:44:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: iiwjljrnpc64.exe, version: 0.0.0.0, time stamp: 0x551bf9ee
Faulting module name: ntdll.dll, version: 6.2.9200.17313, time stamp: 0x5507a832
Exception code: 0xc0000005
Fault offset: 0x000000000009a3bb
Faulting process id: 0x47c
Faulting application start time: 0xiiwjljrnpc64.exe0
Faulting application path: iiwjljrnpc64.exe1
Faulting module path: iiwjljrnpc64.exe2
Report Id: iiwjljrnpc64.exe3
Faulting package full name: iiwjljrnpc64.exe4
Faulting package-relative application ID: iiwjljrnpc64.exe5
 
Error: (05/10/2015 05:02:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: iiwjljrnpc64.exe, version: 0.0.0.0, time stamp: 0x551bf9ee
Faulting module name: ntdll.dll, version: 6.2.9200.16384, time stamp: 0x5010acd2
Exception code: 0xc0000005
Fault offset: 0x0000000000005579
Faulting process id: 0xccc
Faulting application start time: 0xiiwjljrnpc64.exe0
Faulting application path: iiwjljrnpc64.exe1
Faulting module path: iiwjljrnpc64.exe2
Report Id: iiwjljrnpc64.exe3
Faulting package full name: iiwjljrnpc64.exe4
Faulting package-relative application ID: iiwjljrnpc64.exe5
 
Error: (05/10/2015 04:42:45 AM) (Source: Microsoft Security Client Setup) (User: ANTHONYS)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (05/09/2015 10:17:43 PM) (Source: Application Hang) (User: )
Description: The program SndVol.exe version 6.2.9200.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: aec
 
Start Time: 01d08ac7715ba11b
 
Termination Time: 7
 
Application Path: C:\WINDOWS\System32\SndVol.exe
 
Report Id: b62d68d6-f6ba-11e4-be7b-28924a57a39a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (05/09/2015 09:07:50 PM) (Source: Microsoft Security Client Setup) (User: ANTHONYS)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (05/09/2015 03:04:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
 
Error: (05/09/2015 03:04:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
 
Error: (05/09/2015 03:04:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/08/2015 09:45:03 PM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 2.70.82.9 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f68
 
Start Time: 01d088fe13d2eb2a
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Steam\Steam.exe
 
Report Id: 01ba7fa8-f5ed-11e4-be7b-28924a57a39a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (05/08/2015 07:43:05 PM) (Source: MsiInstaller) (User: ANTHONYS)
Description: Product: NVIDIA PhysX -- Installation terminated
 
 
System errors:
=============
Error: (05/10/2015 05:45:05 AM) (Source: Service Control Manager) (User: )
Description: The CoupoonService64 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/10/2015 05:06:12 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\WINDOWS\AppCompat\Programs\Amcache.hve
 
Error: (05/10/2015 05:04:18 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE
 
Error: (05/10/2015 05:05:04 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:59:54 AM on ‎5/‎10/‎2015 was unexpected.
 
Error: (05/10/2015 05:02:38 AM) (Source: Service Control Manager) (User: )
Description: The CoupoonService64 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/07/2015 03:42:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:27:55 AM on ‎5/‎7/‎2015 was unexpected.
 
Error: (05/06/2015 05:00:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0920: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 8 and Windows Server 2012 x64 (KB2979577).
 
Error: (05/06/2015 05:00:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0920: Security Update for Windows 8 for x64-based Systems (KB2993958).
 
Error: (05/06/2015 05:00:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0920: Security Update for Windows 8 for x64-based Systems (KB2757638).
 
Error: (05/06/2015 05:00:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0920: Security Update for Windows 8 for x64-based Systems (KB3031432).
 
 
Microsoft Office Sessions:
=========================
Error: (05/10/2015 05:44:58 AM) (Source: Application Error)(User: )
Description: iiwjljrnpc64.exe0.0.0.0551bf9eentdll.dll6.2.9200.173135507a832c0000005000000000009a3bb47c01d08b057b3ae5afC:\Program Files (x86)\coupoon\iiwjljrnpc64.exeC:\WINDOWS\SYSTEM32\ntdll.dll3818ea5e-f6f9-11e4-be7d-28924a57a39a
 
Error: (05/10/2015 05:02:08 AM) (Source: Application Error)(User: )
Description: iiwjljrnpc64.exe0.0.0.0551bf9eentdll.dll6.2.9200.163845010acd2c00000050000000000005579ccc01d08afff17c990fC:\Program Files (x86)\coupoon\iiwjljrnpc64.exeC:\WINDOWS\SYSTEM32\ntdll.dll3c14628d-f6f3-11e4-be7b-28924a57a39a
 
Error: (05/10/2015 04:42:45 AM) (Source: Microsoft Security Client Setup)(User: ANTHONYS)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (05/09/2015 10:17:43 PM) (Source: Application Hang)(User: )
Description: SndVol.exe6.2.9200.16384aec01d08ac7715ba11b7C:\WINDOWS\System32\SndVol.exeb62d68d6-f6ba-11e4-be7b-28924a57a39a
 
Error: (05/09/2015 09:07:50 PM) (Source: Microsoft Security Client Setup)(User: ANTHONYS)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (05/09/2015 03:04:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
 
Error: (05/09/2015 03:04:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
 
Error: (05/09/2015 03:04:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/08/2015 09:45:03 PM) (Source: Application Hang)(User: )
Description: Steam.exe2.70.82.9f6801d088fe13d2eb2a4294967295C:\Program Files (x86)\Steam\Steam.exe01ba7fa8-f5ed-11e4-be7b-28924a57a39a
 
Error: (05/08/2015 07:43:05 PM) (Source: MsiInstaller)(User: ANTHONYS)
Description: Product: NVIDIA PhysX -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-10 05:48:40.860
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-10 05:47:42.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-10 05:47:34.378
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-10 05:46:12.210
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-09 12:13:08.574
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-09 02:12:14.259
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-09 02:11:48.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-09 01:22:13.907
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-08 21:44:26.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-08 19:35:35.048
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.20808 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
AnySend (HKLM-x32\...\ASPackage) (Version: 1.0.0.0 - CMI Limited)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Consumer Input (remove only) (HKLM-x32\...\Consumer Input Installer) (Version:  - Compete Inc.)
Consumer Input Update Helper (x32 Version: 1.3.25.309 - Compete Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Coupoon version 1.0 (HKLM-x32\...\{49F8B4F8-0CD4-4BE4-A9E8-B13A071F7C90}_is1) (Version: 1.0 - Coupoon)
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.5.2171.95 - The Crossbrowse Authors)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FlashBeat (HKLM-x32\...\FlashBeat) (Version:  - )
GamesDesktop 025.540 (HKLM-x32\...\gmsd_us_540_is1) (Version:  - GAMESDESKTOP)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{F244D07D-1876-4CDD-914D-214E15A8D327}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.45.15 - Oracle Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Medal of Honor™ Single Player (HKLM-x32\...\Steam App 47790) (Version:  - Electronic Arts)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Navigate Underscore (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - Navigate Underscore)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
Optimise Broadband (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Optimise Broadband)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Daybreak Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.23.10.51 - Client Connect LTD)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\Steam App 355840) (Version:  - Vostok Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A8C313A7-206B-442D-AADD-29818CF60981}) (Version: 6.1.4.0 - Husdawg, LLC)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 40%
Total physical RAM: 5602.26 MB
Available physical RAM: 3330.08 MB
Total Pagefile: 6498.26 MB
Available Pagefile: 3832.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.75 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:439.25 GB) (Free:263.65 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:25.31 GB) (Free:3.01 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ANTHONYS
 
Administrator            anthony                  Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
02-05-2015 17:39:39 Windows Update
03-05-2015 19:04:17 Installed System Requirements Lab Detection
05-05-2015 22:47:15 Installed DirectX
07-05-2015 00:37:50 Installed DirectX
08-05-2015 02:16:02 Installed Microsoft Visual C++ 2005 Redistributable
09-05-2015 18:05:34 Installed DirectX
 
**** End of log ****
 
 
 Results of screen317's Security Check version 1.001  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 45  
 Mozilla Firefox (37.0.2) 
 Google Chrome (42.0.2311.135) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MsMpEng.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:34 AM

Posted 10 May 2015 - 05:19 AM

Hi there,

I see that you attempted to install Microsoft Security Essentials - you can't, because Windows Defender in Windows 8 is essentially a built-in version of MSE.

DaemonTools is notorious for bundling crapware, so I recommend you to choose an alternative if you can.

Please uninstall the following software from Programs and Features:

Consumer Input (remove only) (HKLM-x32\...\Consumer Input Installer) (Version: - Compete Inc.)
Coupoon version 1.0 (HKLM-x32\...\{49F8B4F8-0CD4-4BE4-A9E8-B13A071F7C90}_is1) (Version: 1.0 - Coupoon)
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.5.2171.95 - The Crossbrowse Authors)
FlashBeat (HKLM-x32\...\FlashBeat) (Version: - )
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.23.10.51 - Client Connect LTD)
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.)

If you need information on how to do this or run into trouble, let me know.

Do you recognize these software?

Navigate Underscore (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - Navigate Underscore)
Optimise Broadband (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Optimise Broadband)


After you are finished with uninstalling the software, please run this.

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • DO NOT CLEAN ANYTHING! Removal will be done after analysis of the log.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Regards,
Alex

#5 jar28056

jar28056
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 10 May 2015 - 05:33 AM

# AdwCleaner v4.203 - Logfile created 10/05/2015 at 06:30:34
# Updated 30/04/2015 by Xplode
# Database : 2015-05-09.1 [Server]
# Operating system : Windows 8  (x64)
# Username : anthony - ANTHONYS
# Running from : C:\Users\anthony\Desktop\adwcleaner_4.203.exe
# Option : Scan

***** [ Services ] *****

Service Found : netfilter64
Service Found : CoupoonService64

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\anthony\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
File Found : C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\em15q93i.default\searchplugins\trovi.xml
File Found : C:\Users\anthony\AppData\Roaming\Mozilla\Firefox\Profiles\em15q93i.default\searchplugins\yahoo_ff.xml
File Found : C:\Users\anthony\Desktop\Continue Live Installation.lnk
File Found : C:\WINDOWS\System32\drivers\netfilter64.sys
Folder Found : C:\Program Files (x86)\coupoon
Folder Found : C:\Program Files (x86)\Coupoon
Folder Found : C:\Program Files (x86)\gmsd_us_540
Folder Found : C:\Program Files\coupoon
Folder Found : C:\Program Files\Coupoon
Folder Found : C:\ProgramData\FlashBeat
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder Found : C:\Users\anthony\AppData\Local\gmsd_us_540
Folder Found : C:\Users\anthony\AppData\Local\SmartWeb

***** [ Scheduled tasks ] *****

Task Found : SmartWeb Upgrade Trigger Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Conduit_Search_Protect
Key Found : HKCU\Software\Crossbrowse
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\TutoTag
Key Found : [x64] HKCU\Software\Conduit_Search_Protect
Key Found : [x64] HKCU\Software\Crossbrowse
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\TutoTag
Key Found : HKLM\SOFTWARE\CompeteInc
Key Found : HKLM\SOFTWARE\Coupoon
Key Found : HKLM\SOFTWARE\coupoon
Key Found : HKLM\SOFTWARE\Crossbrowse
Key Found : HKLM\SOFTWARE\FlashBeat
Key Found : HKLM\SOFTWARE\GAMESDESKTOP
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_us_540_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : [x64] HKLM\SOFTWARE\coupoon
Key Found : [x64] HKLM\SOFTWARE\Coupoon
Key Found : [x64] HKLM\SOFTWARE\FlashBeat
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_us_540]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17267

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MEA1410E2-1BE9-4EED-A3E7-F80FE0BB4C15&SearchSource=55&CUI=&UM=8&UP=SP4726C557-C9E4-4EFF-B0EC-B16BE089251A&D=051015&SSPV=

-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[em15q93i.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MEA1410E2-1BE9-4EED-A3E7-F80FE0BB4C15&SearchSource=55&CUI=&UM=8&UP=SP4726C557-C9E4-4EFF-B0EC[...]

-\\ Google Chrome v42.0.2311.135

[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MEA1410E2-1BE9-4EED-A3E7-F80FE0BB4C15&SearchSource=58&CUI=&UM=8&UP=SP4726C557-C9E4-4EFF-B0EC-B16BE089251A&D=051015&q={searchTerms}&SSPV=
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MEA1410E2-1BE9-4EED-A3E7-F80FE0BB4C15&SearchSource=55&CUI=&UM=8&UP=SP4726C557-C9E4-4EFF-B0EC-B16BE089251A&D=051015&SSPV=
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : hxxp://www.trovi.com/?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MEA1410E2-1BE9-4EED-A3E7-F80FE0BB4C15&SearchSource=55&CUI=&UM=8&UP=SP4726C557-C9E4-4EFF-B0EC-B16BE089251A&D=051015&SSPV=
[C:\Users\anthony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Default_Search_Provider_Data] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321542&octid=EB_ORIGINAL_CTID&ISID=MEA1410E2-1BE9-4EED-A3E7-F80FE0BB4C15&SearchSource=58&CUI=&UM=8&UP=SP4726C557-C9E4-4EFF-B0EC-B16BE089251A&D=051015&q={searchTerms}&SSPV=

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [6502 bytes] - [10/05/2015 06:30:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6561 bytes] ##########
 

 

I Have not heard of either of those two files/programs that you quoted above?



#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:34 AM

Posted 10 May 2015 - 07:03 AM

Hi there,

Have you uninstalled all of the software I asked, and also the other two (since you did not recognize them)?

Alex

#7 jar28056

jar28056
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 10 May 2015 - 12:34 PM

I did not get the other two, should I delete them and re=run Adwcleaner?



#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:34 AM

Posted 10 May 2015 - 12:36 PM

Hi there,

Just uninstalling them is fine.

After that please re-run AdwCleaner and choose Cleaning for all detected objects.

Regards,
Alex

#9 jar28056

jar28056
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 10 May 2015 - 12:52 PM

Alright, I am done with that and it seems to be okay. I greatly appreciate the help!



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:34 AM

Posted 10 May 2015 - 12:58 PM

Please post the cleaning log from AdwCleaner so I can see what's removed.

Afterwards please run this.

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users