Thread: search gol and FVL download are taking over my browsers, Delta Toolbar

  1. #1
    Junior Member
    Join Date: Sep 2013
    Posts: 1

    Hi,

    I apologize in advance if I don't provide the right information. I'm a little overwhelmed. I downloaded Mozilla last night and I think I brought in some adware with it. Search gol keeps turning itself into my homepage and when I use other websites I get floating ads for FVL downloads and refrigerator information. I used Spybot Search & Destroy and it has found and fixed several toolbars. The one that keeps showing up in the Spybot scan is Delta Toolbar and Spybot appears to fix the problem but every time I scan, it finds Delta Toolbar again.

    Thank you for your help.

    AprilC

    Here are the analysis messages:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16421
    Run by Halhanningham at 10:14:42 on 2013-09-24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3982.1984 [GMT -7:00]
    .
    AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
    C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
    C:\Program Files\ASUS\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Users\Halhanningham\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    C:\Windows\SysWOW64\DptfParticipantProcessorService.exe
    C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Windows\SysWOW64\irstrtsv.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
    C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Windows\AsScrPro.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files\Elantech\ETDGesture.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Windows\system32\igfxpers.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Fitbit\fitbit-tray.exe
    C:\Program Files (x86)\Fitbit\fitbit.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.com/
    uDefault_Page_URL = hxxp://asus.msn.com
    mStart Page = hxxp://asus.msn.com
    mWinlogon: Userinit = userinit.exe
    BHO: LyriXeeker-1: {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.dll
    BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Halhanningham\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
    TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Fitbit Service Monitor] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 10.4.252.252 205.153.159.252
    TCP: Interfaces\{A9AAF4C4-CAF7-4A3A-A13D-5757DAB20855} : DHCPNameServer = 10.4.252.252 205.153.159.252
    TCP: Interfaces\{A9AAF4C4-CAF7-4A3A-A13D-5757DAB20855}\14072796C63702E4564777F627B6 : DHCPNameServer = 192.168.0.1
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll
    SSODL: WebCheck - <orphaned>
    x64-mStart Page = hxxp://asus.msn.com
    x64-BHO: LyriXeeker-1: {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho64.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
    x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysWOW64\DptfPolicyLpmServiceHelper.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Halhanningham\AppData\Roaming\Mozilla\Firefox\Profiles\dudjhdl1.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=609AC485082AD321&affID=119351&tsp=5015
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
    FF - ExtSQL: 2013-09-24 08:04; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn
    FF - ExtSQL: 2013-09-24 08:57; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 assd;assd;C:\Windows\System32\drivers\assd.sys [2013-9-23 27056]
    R0 excsd;ExpressCache Storage Filter Driver;C:\Windows\System32\drivers\excsd.sys [2013-9-23 95024]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-6-14 19224]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1500010.003\SymDS64.sys [2013-9-23 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1500010.003\SymEFA64.sys [2013-9-23 1147480]
    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [2013-9-3 1525336]
    R1 ccSet_NAV;NAV Settings Manager;C:\Windows\System32\drivers\NAVx64\1500010.003\ccSetx64.sys [2013-9-23 150104]
    R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DE05000.043\ccSetx64.sys [2013-9-23 150104]
    R1 excfs;ExpressCache File System Filter Driver;C:\Windows\System32\drivers\excfs.sys [2013-9-23 23344]
    R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130923.001\IDSviA64.sys [2013-9-23 520280]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1500010.003\Ironx64.sys [2013-9-23 264280]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1500010.003\symnets.sys [2013-9-23 590424]
    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-4-13 277120]
    R2 BitGuard;BitGuard;C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-9-23 2845152]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-3-27 1014096]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-3-27 1104208]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Halhanningham\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-9-23 107520]
    R2 DptfParticipantProcessorService;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application;C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [2012-6-14 18944]
    R2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application;C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [2012-6-14 19968]
    R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-3-30 79664]
    R2 Fitbit;Fitbit Data Uploader;C:\Program Files (x86)\Fitbit\fitbit.exe [2013-9-24 773152]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-9-23 128280]
    R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2013-9-23 193536]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-9-23 161560]
    R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [2013-9-23 262288]
    R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe [2013-9-23 129424]
    R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-23 1901752]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-9-23 363800]
    R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
    R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2013-9-23 17152]
    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
    R3 AsusVBus;AsusVBus;C:\Windows\System32\drivers\AsusVBus.sys [2012-4-11 35968]
    R3 AsusVTouch;AsusVTouch;C:\Windows\System32\drivers\AsusVTouch.sys [2012-4-11 16512]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-3-27 1304912]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232]
    R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
    R3 DptfDevDram;DptfDevDram;C:\Windows\System32\drivers\DptfDevDram.sys [2012-6-14 107288]
    R3 DptfDevFan;DptfDevFan;C:\Windows\System32\drivers\DptfDevFan.sys [2012-6-14 42776]
    R3 DptfDevGen;DptfDevGen;C:\Windows\System32\drivers\DptfDevGen.sys [2012-6-14 64792]
    R3 DptfDevPch;DptfDevPch;C:\Windows\System32\drivers\DptfDevPch.sys [2012-6-14 96024]
    R3 DptfDevProc;DptfDevProc;C:\Windows\System32\drivers\DptfDevProc.sys [2012-6-14 220952]
    R3 DptfManager;DptfManager;C:\Windows\System32\drivers\DptfManager.sys [2012-6-14 357656]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-9-23 140376]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-6-14 200488]
    R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-14 331264]
    R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2013-9-23 26504]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-6-14 356632]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-6-14 789272]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-2-28 25496]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2013-9-23 311400]
    S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-9-16 573952]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]
    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-2-18 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-2-28 34232]
    S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 SIUSBXP;SIUSBXP;C:\Windows\System32\drivers\SiUSBXp.sys [2013-9-24 26856]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-09-24 16:06:08 -------- d-----w- C:\ProgramData\Fitbit
    2013-09-24 16:06:00 31976 ----a-w- C:\Windows\System32\drivers\SiLib.sys
    2013-09-24 16:06:00 26856 ----a-w- C:\Windows\System32\drivers\SiUSBXp.sys
    2013-09-24 16:06:00 -------- d-----w- C:\Program Files (x86)\Fitbit
    2013-09-24 07:30:48 -------- d-----w- C:\Users\Halhanningham\AppData\Local\CrashDumps
    2013-09-24 07:28:12 -------- d-----w- C:\Windows\SysWow64\searchplugins
    2013-09-24 07:28:12 -------- d-----w- C:\Windows\SysWow64\Extensions
    2013-09-24 07:10:28 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-09-24 07:10:28 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2013-09-24 06:37:25 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2013-09-24 06:33:18 150104 ----a-r- C:\Windows\System32\drivers\NSTx64\7DE05000.043\ccSetx64.sys
    2013-09-24 06:33:11 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DE05000.043
    2013-09-24 06:33:11 -------- d-----w- C:\Windows\System32\drivers\NSTx64
    2013-09-24 06:33:09 -------- d-----w- C:\Program Files (x86)\Norton Identity Safe
    2013-09-24 06:32:57 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2013-09-24 06:32:57 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2013-09-24 06:32:45 854616 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\srtsp64.sys
    2013-09-24 06:32:45 590424 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\symnets.sys
    2013-09-24 06:32:45 493656 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\SymDS64.sys
    2013-09-24 06:32:45 36952 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\srtspx64.sys
    2013-09-24 06:32:45 264280 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\Ironx64.sys
    2013-09-24 06:32:45 23568 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\SymELAM.sys
    2013-09-24 06:32:45 150104 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\ccSetx64.sys
    2013-09-24 06:32:45 1147480 ----a-r- C:\Windows\System32\drivers\NAVx64\1500010.003\SymEFA64.sys
    2013-09-24 06:31:41 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1500010.003
    2013-09-24 06:31:41 -------- d-----w- C:\Windows\System32\drivers\NAVx64
    2013-09-24 06:31:36 -------- d-----w- C:\Program Files (x86)\Norton AntiVirus
    2013-09-24 06:31:35 -------- d-----w- C:\ProgramData\Norton
    2013-09-24 06:27:20 -------- d-----w- C:\ProgramData\NortonInstaller
    2013-09-24 06:27:20 -------- d-----w- C:\Program Files (x86)\NortonInstaller
    2013-09-24 05:59:22 -------- d-----w- C:\Users\Halhanningham\AppData\Local\Google
    2013-09-24 05:40:42 -------- d-----w- C:\Users\Halhanningham\AppData\Local\Adobe
    2013-09-24 05:40:19 -------- d-----w- C:\Users\Halhanningham\AppData\Roaming\UpdaterEX
    2013-09-24 05:39:58 -------- d-----w- C:\ProgramData\BitGuard
    2013-09-24 05:39:35 -------- d-----w- C:\ProgramData\DSearchLink
    2013-09-24 05:39:11 -------- d-----w- C:\Users\Halhanningham\AppData\Roaming\Systweak
    2013-09-24 05:39:08 20312 ----a-w- C:\Windows\System32\roboot64.exe
    2013-09-24 05:39:07 -------- d-----w- C:\Program Files (x86)\LyriXeeker-1
    2013-09-24 05:39:02 -------- d-----w- C:\Program Files (x86)\DefaultTab
    2013-09-24 05:38:51 -------- d-----w- C:\Users\Halhanningham\AppData\Roaming\DefaultTab
    2013-09-24 05:27:17 -------- d-----w- C:\Users\Halhanningham\AppData\Local\Mozilla
    2013-09-24 05:08:04 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
    2013-09-24 05:08:03 -------- d-----r- C:\Users\Halhanningham\SkyDrive
    2013-09-24 05:07:30 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
    2013-09-24 04:51:09 -------- d-----w- C:\Users\Halhanningham\AppData\Roaming\ASUS WebStorage
    2013-09-24 04:50:43 -------- d-----w- C:\Users\Halhanningham\AppData\Local\Microsoft Games
    2013-09-24 04:45:03 -------- d--h--w- C:\ProgramData\Common Files
    2013-09-24 04:42:55 564432 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
    2013-09-24 04:37:27 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
    2013-09-24 04:28:32 -------- d-----w- C:\Program Files\Microsoft Office 15
    2013-09-24 04:20:37 -------- d-----w- C:\ProgramData\ASUS
    2013-09-24 03:52:12 -------- d-----w- C:\Users\Halhanningham\AppData\Local\Diagnostics
    2013-09-24 02:04:58 77919 ----a-w- C:\Program Files\Windows Sidebar\Gadgets\myBitCast.Gadget\uninst.exe
    2013-09-24 01:49:31 -------- d-----w- C:\Program Files\Intel Corporation
    2013-09-24 01:49:31 -------- d-----w- C:\Program Files\Common Files\Intel Corporation
    2013-09-24 01:46:13 23344 ----a-w- C:\Windows\System32\drivers\excfs.sys
    2013-09-24 01:46:12 95024 ----a-w- C:\Windows\System32\drivers\excsd.sys
    2013-09-24 01:46:11 -------- d-----w- C:\ProgramData\Diskeeper Corporation
    2013-09-24 01:46:11 -------- d-----w- C:\Program Files\Diskeeper Corporation
    2013-09-24 01:46:11 -------- d-----w- C:\Program Files\Common Files\Diskeeper Corporation
    2013-09-24 01:46:03 27056 ----a-w- C:\Windows\System32\drivers\assd.sys
    2013-09-24 01:46:02 -------- d-----w- C:\Program Files (x86)\Common Files\ASUS
    2013-09-24 01:45:27 80512 ----a-w- C:\Windows\AsusScr_UX32VD Uninstaller.exe
    2013-09-24 01:45:25 159862016 ------w- C:\Windows\System32\AsusScr_UX32VD.scr
    2013-09-24 01:45:24 3058304 ----a-w- C:\Windows\AsScrPro.exe
    2013-09-24 01:45:04 -------- d-----w- C:\ProgramData\USBChargerPlus
    2013-09-24 01:43:26 162456 ----a-w- C:\Windows\SysWow64\ACEngSvr.exe
    2013-09-24 01:43:08 224384 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\InstantOnTM.gadget\InstantOnCOM.dll
    2013-09-24 01:42:58 17152 ----a-w- C:\Windows\System32\drivers\AiCharger.sys
    2013-09-24 01:40:24 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
    2013-09-24 01:40:21 -------- d-----w- C:\ProgramData\P4G
    2013-09-24 01:40:21 -------- d-----w- C:\Program Files\ASUS
    2013-09-24 01:40:10 193536 ----a-w- C:\Windows\SysWow64\irstrtsv.exe
    2013-09-24 01:40:06 26504 ----a-w- C:\Windows\System32\drivers\irstrtdv.sys
    2013-09-24 01:37:39 -------- d-----w- C:\Program Files (x86)\Intel Corporation
    2013-09-24 01:35:25 -------- d-----w- C:\Program Files (x86)\ASIX Electronics Corporation
    2013-09-24 01:35:17 -------- d-----w- C:\Program Files\Elantech
    2013-09-24 01:34:12 -------- d--h--w- C:\Windows\System32\WLANProfiles
    2013-09-24 01:33:56 -------- d-----w- C:\ProgramData\Roaming
    2013-09-24 01:32:50 -------- d-----w- C:\Program Files (x86)\Cisco
    2013-09-24 01:32:46 -------- d-----w- C:\ProgramData\Intel.sav
    2013-09-24 01:32:37 -------- d-----w- C:\Windows\SysWow64\sda
    2013-09-24 01:32:33 311400 ----a-w- C:\Windows\System32\drivers\rtsuvstor.sys
    2013-09-24 01:32:33 17512 ------w- C:\Windows\System32\drivers\diskperf64.sys
    2013-09-24 01:32:32 9888360 ----a-w- C:\Windows\SysWow64\RtsUVStoricon.dll
    2013-09-24 01:32:01 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
    2013-09-24 01:31:32 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
    2013-09-24 01:31:31 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
    2013-09-24 01:31:13 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
    2013-09-24 01:31:00 -------- d-----w- C:\Windows\SysWow64\RTCOM
    2013-09-24 01:31:00 -------- d-----w- C:\Program Files\Realtek
    2013-09-24 01:28:36 -------- d-----w- C:\Program Files\Common Files\Intel
    2013-09-24 01:28:35 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
    2013-09-24 01:24:20 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
    2013-09-24 01:24:09 -------- d-----w- C:\Intel
    2013-09-24 01:22:01 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2013-09-24 01:21:26 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2013-09-24 01:21:00 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2013-09-24 01:21:00 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2013-09-24 01:17:10 -------- d-----w- C:\eSupport
    2013-09-24 01:11:30 -------- d-----w- C:\Users\Halhanningham\AppData\Local\Power2Go
    2013-09-24 01:11:29 387 ----a-w- C:\Users\Halhanningham\AppData\Roaming\sp_data.sys
    2013-09-24 01:10:14 -------- d-----w- C:\Users\Halhanningham\AppData\Local\VirtualStore
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 10:15:29.12 ===============


    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-09-24 10:24:00
    -----------------------------
    10:24:00.295 OS Version: Windows x64 6.1.7601 Service Pack 1
    10:24:00.295 Number of processors: 4 586 0x3A09
    10:24:00.296 ComputerName: ELEVATE UserName:
    10:24:00.526 Initialze error 1
    10:24:32.341 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
    10:24:32.346 Disk 0 Vendor: Hitachi_ GG2O Size: 476940MB BusType: 3
    10:24:32.352 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
    10:24:32.357 Disk 1 Vendor: SanDisk_ 11.5 Size: 22902MB BusType: 3
    10:24:32.399 Disk 0 MBR read successfully
    10:24:32.402 Disk 0 MBR scan
    10:24:32.405 Disk 0 unknown MBR code
    10:24:32.407 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
    10:24:32.409 Disk 0 scanning C:\Windows\system32\drivers
    10:24:32.412 Service scanning
    10:24:32.950 Modules scanning
    10:24:32.959 Disk 0 trace - called modules:
    10:24:32.971 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
    10:24:32.982 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80074b6060]
    10:24:32.996 3 CLASSPNP.SYS[fffff88001e5143f] -> nt!IofCallDriver -> [0xfffffa80040986f0]
    10:24:33.005 5 ACPI.sys[fffff88000f3f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8006257050]
    10:24:33.012 Scan finished successfully
    10:25:04.780 Disk 0 MBR has been saved successfully to "C:\Users\Halhanningham\Desktop\MBR.dat"
    10:25:04.784 The log file has been saved successfully to "C:\Users\Halhanningham\Desktop\aswMBR.txt"