Inactive Firefox Surveys popups

Discussion in 'Malware and Virus Removal Archive' started by John32073, 2013/08/18.

  1. 2013/08/18
    John32073

    John32073 Well-Known Member Thread Starter

    Joined:
    2010/02/14
    Messages:
    149
    Likes Received:
    1
    [Inactive] Firefox Surveys popups

    I am getting survey popups in Firefox. They pop up in a new FF window. It asks me to do a survey about the site I visit (i.e. eBay, Yahoo Mail, whatever I am at, even this BBS forum). SUPERAntiSpyware found nothing, Malwarebytes found nothing. I work out of town and am only home Saturday afternoon and Sunday. The rest of the week I am out of town with no computer, so be patient with me. Results of the scans are as follows. I am just an average computer user.


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/26/2009 5:34:41 PM
    System Uptime: 8/11/2013 1:02:59 AM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | M4N78 PRO
    Processor: AMD Phenom(tm) II X3 710 Processor | AM2/AM3 | 2600/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 466 GiB total, 360.297 GiB free.
    D: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP72: 7/28/2013 4:01:04 AM - Windows Update
    RP73: 7/28/2013 9:39:47 AM - Windows Update
    RP74: 7/28/2013 10:07:48 AM - Removed ScreenRecorder
    RP75: 7/28/2013 10:15:11 AM - 7 28 2013 setup ok
    RP76: 7/28/2013 10:16:20 AM - Removed Microsoft Streets & Trips 2011
    RP77: 7/28/2013 10:25:45 AM - Before updates 7 28 13 #2
    RP78: 7/28/2013 10:26:58 AM - Windows Update
    RP79: 7/28/2013 11:36:51 AM - Installed AxCrypt 1.7.2976.0
    RP80: 7/28/2013 11:51:54 AM - 7 28 13 before Klite code install #3
    RP81: 7/28/2013 11:53:55 AM - Windows Update
    RP82: 7/29/2013 11:06:49 AM - Windows Update
    RP83: 8/1/2013 7:46:32 PM - Windows Update
    RP84: 8/4/2013 11:00:05 AM - Removed Windows XP Mode
    RP85: 8/4/2013 11:01:38 AM - Windows Modules Installer
    RP86: 8/4/2013 11:10:46 AM - Installed Windows XP Mode
    RP87: 8/4/2013 11:12:14 AM - Windows Update
    RP88: 8/4/2013 1:45:03 PM - Removed Windows XP Mode
    RP89: 8/4/2013 1:46:27 PM - Windows Modules Installer
    RP90: 8/4/2013 2:03:29 PM - Installed Windows XP Mode
    RP91: 8/4/2013 2:09:31 PM - Windows Update
    RP92: 8/4/2013 8:39:39 PM - Windows Update
    RP93: 8/4/2013 9:36:02 PM - 8-4-13 935 pm
    RP94: 8/4/2013 9:40:57 PM - Windows Modules Installer
    RP95: 8/4/2013 10:00:19 PM - Windows Modules Installer
    RP96: 8/8/2013 5:06:58 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Audacity 1.3.12
    AxCrypt 1.7.2976.0
    Bonjour
    CCleaner
    CDBurnerXP
    Cisco Connect
    ConvertHelper 2.2
    Cool & Quiet
    D3DX10
    Dropbox
    DVD-Cloner V8.00 Build 1003
    Free Opener
    Freecorder 7 Applications (7.0.0.48)
    Freecorder extension
    Freecorder extension for Chrome
    Freecorder extension for Firefox
    Freecorder extension x64
    FreeRIP v3.61
    Google Chrome
    Google Update Helper
    Handy Address Book
    HL-2270DW
    iTunes
    K-Lite Codec Pack (64-bit) v4.1.0
    K-Lite Codec Pack 7.0.0 (Standard)
    LAME v3.98.3 for Audacity
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Access database engine 2010 (English)
    Microsoft Application Error Reporting
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Word 2000 SR-1
    Mozilla Firefox 22.0 (x86 en-US)
    MSVCRT
    Multimedia Card Reader
    Next Video Converter 3.61
    Nuance PDF Reader
    NVIDIA 3D Vision Driver 311.06
    NVIDIA Control Panel 311.06
    NVIDIA Drivers
    NVIDIA Graphics Driver 311.06
    NVIDIA Install Application
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.11.3
    NVIDIA Update Components
    Opera 12.16
    Pale Moon 20.2.1-x64 (x64 en-US)
    PDFCreator
    pdfforge Images2PDF 0.9.2.546
    Revo Uninstaller 1.90
    ROBLOX Player
    Seagate*DiscWizard
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    SUPERAntiSpyware
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2836939)
    VLC media player 1.1.4
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Media Encoder 9 Series x64 Edition
    Windows XP Mode
    WinZip
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/6/2013 11:14:10 AM, Error: Schannel [36887] - The following fatal alert was received: 47.
    8/5/2013 8:52:58 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s).
    The following corrective action will be taken in 30000 milliseconds: Restart the service.
    8/5/2013 8:52:58 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    8/5/2013 1:14:07 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
    8/4/2013 1:48:32 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: vpcnfltr
    .
    ==== End Of File ===========================

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16496
    Run by mitchell at 2:03:38 on 2013-08-11
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3839.2804 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\JohnMitchell Installed Programs\CDBurnerXP\NMSAccessU.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\mitchell\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Browny02\BrYNSvc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files\Pale Moon\palemoon.exe
    C:\Program Files\Pale Moon\plugin-container.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = Preserve
    mWinlogon: Userinit = userinit.exe,
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Freecorder extension: {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files (x86)\Freecorder extension\ScriptHost.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe "
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
    StartupFolder: C:\Users\mitchell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\mitchell\AppData\Roaming\Dropbox\bin\Dropbox.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    TCP: Interfaces\{B37AD9BE-64F0-4763-B2DC-F0DE94A7116C} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Authentication Packages = msv1_0 relog_ap
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Freecorder extension x64: {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension x64\ScriptHost.dll
    x64-Run: [Seagate Scheduler2 Service] "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe "
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\Bin\nppdf.dll
    FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-88f213c9d8fd49a1\NPRobloxProxy.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\addon@freecorder.com\plugins\npFreeCoder.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
    FF - ExtSQL: 2013-07-28 09:47; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    FF - ExtSQL: 2013-07-28 09:48; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    FF - ExtSQL: 2013-07-28 09:48; artur.dubovoy@gmail.com; C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\artur.dubovoy@gmail.com.xpi
    FF - ExtSQL: 2013-07-28 09:52; {03B08592-E5B4-45ff-A0BE-C1D975458688}; C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
    FF - ExtSQL: 2013-07-28 10:12; addon@freecorder.com; C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\addon@freecorder.com
    FF - ExtSQL: 2013-08-02 01:20; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\xkavqixz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
    R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-10-16 606048]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
    R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-8-17 245760]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-4 19456]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-4 57856]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-1 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-08-11 00:55:19 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9491355E-FB60-49E2-B115-4764FF3266BE}\mpengine.dll
    2013-08-09 23:38:08 9460976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-08-05 01:09:11 -------- d-----w- C:\Users\mitchell\dwhelper
    2013-08-05 00:48:48 -------- d-----w- C:\Windows\System32\MRT
    2013-08-05 00:39:28 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2013-08-05 00:39:28 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2013-08-05 00:39:24 340992 ----a-w- C:\Windows\System32\schannel.dll
    2013-08-05 00:39:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
    2013-08-05 00:39:23 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
    2013-08-05 00:39:23 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2013-08-05 00:39:23 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
    2013-08-05 00:39:21 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2013-08-05 00:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2013-08-04 18:20:01 -------- d-----w- C:\Users\mitchell\AppData\Roaming\Moonchild Productions
    2013-08-04 18:20:01 -------- d-----w- C:\Users\mitchell\AppData\Local\Moonchild Productions
    2013-08-04 18:19:13 -------- d-----w- C:\Program Files\Pale Moon
    2013-08-04 18:10:56 3584 ----a-w- C:\Windows\System32\drivers\nb-NO\vpchbus.sys.mui
    2013-08-04 18:09:59 562176 ----a-w- C:\Windows\System32\VMCPropertyHandler.dll
    2013-08-04 18:09:59 360832 ----a-w- C:\Windows\System32\drivers\vpcvmm.sys
    2013-08-04 18:09:59 15872 ----a-w- C:\Windows\System32\vpchbuspipe.dll
    2013-08-04 18:09:53 1369600 ----a-w- C:\Windows\System32\VPCSettings.exe
    2013-08-04 18:09:43 4514816 ----a-w- C:\Windows\System32\vpc.exe
    2013-08-04 18:09:42 1210368 ----a-w- C:\Windows\System32\VMWindow.exe
    2013-08-04 18:09:41 936448 ----a-w- C:\Windows\System32\vmsal.exe
    2013-08-04 18:03:53 -------- d-----w- C:\Program Files\Windows XP Mode
    2013-08-03 22:05:03 -------- d-----w- C:\Users\mitchell\AppData\Roaming\SUPERAntiSpyware.com
    2013-08-03 22:04:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2013-08-03 22:04:23 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2013-07-29 15:02:06 -------- d-----w- C:\Program Files\Free Opener
    2013-07-29 15:01:06 -------- d-----w- C:\ProgramData\APN
    2013-07-29 14:03:47 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-07-29 14:03:47 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-07-28 22:55:24 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-07-28 22:55:24 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-07-28 20:00:54 -------- d-----w- C:\Users\mitchell\AppData\Local\Programs
    2013-07-28 16:29:23 -------- d--h--w- C:\Program Files\Jsys
    2013-07-28 16:28:44 -------- d--h--w- C:\Program Files (x86)\Jsys
    2013-07-28 15:52:36 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
    2013-07-28 15:52:30 839680 ----a-w- C:\Windows\SysWow64\lameACM.acm
    2013-07-28 15:52:30 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
    2013-07-28 15:52:29 237568 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
    2013-07-28 15:52:28 810496 ----a-w- C:\Windows\SysWow64\xvidcore.dll
    2013-07-28 15:52:28 183808 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
    2013-07-28 15:52:27 80896 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    2013-07-28 15:52:21 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
    2013-07-28 15:37:16 -------- d-----w- C:\Program Files\Axantum
    2013-07-28 15:37:12 1643520 ----a-w- C:\Windows\System32\DWrite.dll
    2013-07-28 15:37:12 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-07-28 15:02:23 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2013-07-28 15:02:23 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2013-07-28 15:02:23 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2013-07-28 15:02:23 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2013-07-28 14:50:45 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
    2013-07-28 14:50:06 61216 ----a-w- C:\Windows\System32\OpenCL.dll
    2013-07-28 14:50:06 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2013-07-28 14:49:43 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2013-07-28 14:49:32 -------- d-----w- C:\Program Files\NVIDIA Corporation
    2013-07-28 14:39:00 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2013-07-28 14:39:00 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2013-07-28 14:39:00 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2013-07-28 14:39:00 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2013-07-28 14:38:02 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2013-07-28 14:38:02 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2013-07-28 14:38:01 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2013-07-28 14:38:01 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2013-07-28 14:38:01 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2013-07-28 14:38:00 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2013-07-28 14:38:00 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2013-07-28 14:13:08 -------- d-----w- C:\Program Files\Freecorder extension x64
    2013-07-28 14:12:58 -------- d-----w- C:\Program Files (x86)\Freecorder extension
    2013-07-28 13:40:48 941720 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{23F1A005-1897-45A2-BFA2-31CEB0885557}\gapaengine.dll
    2013-07-28 13:35:04 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-07-28 13:35:04 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2013-07-28 13:35:04 144384 ----a-w- C:\Windows\System32\cdd.dll
    2013-07-28 13:34:51 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2013-07-28 13:34:51 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
    2013-07-28 13:34:51 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
    2013-07-28 13:34:51 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
    2013-07-28 13:34:34 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-07-28 13:34:33 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-07-28 13:34:26 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-07-28 13:34:26 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-07-28 13:33:57 1930752 ----a-w- C:\Windows\System32\authui.dll
    2013-07-28 13:33:54 70144 ----a-w- C:\Windows\System32\appinfo.dll
    2013-07-28 13:33:54 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
    2013-07-28 13:33:54 111448 ----a-w- C:\Windows\System32\consent.exe
    2013-07-28 13:33:46 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
    2013-07-28 13:33:46 230400 ----a-w- C:\Windows\System32\wwansvc.dll
    2013-07-28 13:33:45 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-07-28 13:30:14 -------- d-----w- C:\Users\mitchell\AppData\Roaming\pdfforge
    2013-07-28 13:30:14 -------- d-----w- C:\Program Files\pdfforge
    2013-07-28 07:59:54 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2013-07-28 07:58:55 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-07-28 07:57:52 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
    2013-07-28 07:40:45 263576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
    2013-07-28 07:38:35 -------- d-----w- C:\Users\mitchell\AppData\Local\Opera
    2013-07-28 07:37:43 -------- d-----w- C:\Program Files\CCleaner
    .
    ==================== Find3M ====================
    .
    2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
    2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-05-29 05:35:44 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 2:04:31.80 ===============

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.08.10.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    mitchell :: MITCHELL-PC [administrator]

    8/10/2013 5:30:44 PM
    mbam-log-2013-08-10 (17-30-44).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 432095
    Time elapsed: 1 hour(s), 5 minute(s), 33 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : mitchell [Admin rights]
    Mode : Scan -- Date : 08/18/2013 12:19:47
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 7 ¤¤¤
    [HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
    [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST350041 8AS SCSI Disk Device +++++
    --- User ---
    [MBR] d6af86a6877323e2f52a1b87786344df
    [BSP] 8e63f2a7a3c3c1f2e92c799dcb08d684 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Finished : << RKreport[0]_S_08182013_121947.txt >>
     
  2. 2013/08/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116

  4. 2013/08/21
    John32073

    John32073 Well-Known Member Thread Starter

    Joined:
    2010/02/14
    Messages:
    149
    Likes Received:
    1
    Solved. Could not find a malware or virus, so I reformatted my hard drive 3 times and restored from a previous image; no more popups now.
     
  5. 2013/08/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Thanks for letting me know :)
     
