I reset my computer back to factory settings. I loaded it back with printer and scanner, then I updated it. I have Bitdefender Antivirus 2014. When the update was finished I ended up with a pop-up window that I can't remove; some people say it's a virus. I tried Add/Remove and a rootkit but to no avail. I did another back to factory settings and it's still there.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by nudger-tower at 18:24:54 on 2015-11-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.16317.12018 [GMT 0:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Keyboard Indicator\KeyboardIndicatorEx.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{DB88CB23-0873-4833-B080-386C11741A66} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2015-11-21 1288472]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2015-11-21 150256]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-6-20 16152]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2015-11-21 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2015-11-21 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2015-11-21 76944]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-5-7 172344]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-6 236544]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-6-20 161560]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2015-11-21 363344]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2015-11-21 94624]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-6-20 363800]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2015-11-21 67320]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2015-11-21 647752]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-6-20 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-6-20 788760]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-11-21 24152]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-20 648808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2015-11-21 263032]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2015-11-21 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2015-11-21 82824]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2015-11-21 77632]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .ini: inifile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .inf: inffile="C:\Windows\System32\NOTEPAD.EXE" %1
.
=============== Created Last 30 ================
.
2015-11-22 15:49:56 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-22 15:49:55 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-11-22 15:49:11 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-11-22 14:11:53 -------- d-----w- C:\ProgramData\Visan
2015-11-22 14:11:53 -------- d-----w- C:\ProgramData\HP Photo Creations
2015-11-22 14:11:53 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2015-11-22 14:11:45 -------- d-----w- C:\Users\nudger-tower\AppData\Roaming\HpUpdate
2015-11-22 14:11:44 741480 ------w- C:\Windows\System32\HPDiscoPMBC11.dll
2015-11-22 14:11:31 -------- d-----w- C:\Program Files (x86)\HP
2015-11-22 14:11:29 -------- d-----w- C:\Program Files\HP
2015-11-22 14:10:59 -------- d-----w- C:\Users\nudger-tower\AppData\Local\HP
2015-11-22 14:03:56 74512 ----a-w- C:\Windows\SysWow64\bdsandboxuiskin32.dll
2015-11-21 21:11:58 -------- d-----w- C:\Program Files\Common Files\AV
2015-11-21 21:08:32 647752 ----a-w- C:\Windows\System32\drivers\avckf.sys
2015-11-21 21:08:16 34384 ----a-w- C:\Windows\System32\bdsandboxuh.dll
2015-11-21 21:07:53 74512 ----a-w- C:\Windows\System32\bdsandboxuiskin32.dll
2015-11-21 21:07:41 84848 ----a-w- C:\Windows\System32\bdsandboxuiskin.dll
2015-11-21 21:06:05 -------- d-----w- C:\ProgramData\BDLogging
2015-11-21 21:06:02 76944 ----a-w- C:\Windows\System32\drivers\bdvedisk.sys
2015-11-21 21:06:01 93600 ----a-w- C:\Windows\System32\drivers\BdfNdisf6.sys
2015-11-21 21:06:01 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2015-11-21 21:06:01 511328 ----a-w- C:\Windows\capicom.dll
2015-11-21 21:05:55 263032 ----a-w- C:\Windows\System32\drivers\avchv.sys
2015-11-21 21:05:54 1288472 ----a-w- C:\Windows\System32\drivers\avc3.sys
2015-11-21 21:05:49 -------- d-----w- C:\Users\nudger-tower\AppData\Roaming\Bitdefender
2015-11-21 21:05:46 2216 ----a-w- C:\ProgramData\1448139841.5004.bin
2015-11-21 21:00:19 -------- d-----w- C:\Users\nudger-tower\AppData\Roaming\Malwarebytes
2015-11-21 20:59:38 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2015-11-21 20:59:38 -------- d-----w- C:\ProgramData\Malwarebytes
2015-11-21 20:59:35 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-11-21 20:59:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-11-21 20:49:46 -------- d-----w- C:\Users\nudger-tower\AppData\Roaming\SUPERAntiSpyware.com
2015-11-21 20:49:43 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2015-11-21 20:49:43 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2015-11-21 20:43:36 -------- d-----w- C:\Users\nudger-tower\AppData\Local\Google
2015-11-21 20:40:47 -------- d-----w- C:\Users\nudger-tower\AppData\Local\DSG_Retail_Ltd
2015-11-21 20:40:34 -------- d-----w- C:\Users\nudger-tower\AppData\Local\ATI
2015-11-21 20:40:06 2620928 ----a-w- C:\Windows\System32\wucltux.dll
.
==================== Find3M ====================
.
2015-11-21 21:20:31 558 ----a-w- C:\ProgramData\1448139841.1792.bin
2015-11-21 21:20:31 558 ----a-w- C:\ProgramData\1448139841.1404.bin
2015-11-21 21:20:31 45238 ----a-w- C:\ProgramData\1448139841.1480.bin
2015-11-21 21:20:31 3735 ----a-w- C:\ProgramData\1448139841.3688.bin
2015-11-21 21:20:31 228372 ----a-w- C:\ProgramData\1448139841.2500.bin
2015-11-21 21:20:31 1731065 ----a-w- C:\ProgramData\1448139841.4300.bin
2015-11-21 21:20:31 15990 ----a-w- C:\ProgramData\1448139841.3600.bin
2015-11-21 21:20:31 13936 ----a-w- C:\ProgramData\1448139841.4436.bin
2015-11-21 21:20:31 110270 ----a-w- C:\ProgramData\1448139841.1800.bin
2015-11-21 21:20:31 10648 ----a-w- C:\ProgramData\1448139841.2516.bin
2015-11-21 21:08:18 150256 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2015-11-21 21:08:16 452040 ----a-w- C:\Windows\System32\drivers\trufos.sys
2015-11-21 21:04:53 1451 ----a-w- C:\ProgramData\1448139841.3988.bin
.
============= FINISH: 18:25:10.88 ===============