Ok here is my Malwarebytes and Rogue killer results Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2014.06.21.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16921 Kyle :: KYLE-PC [limited] Protection: Enabled 6/22/2014 12:19:00 PM mbam-log-2014-06-22 (12-19-00).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 289538 Time elapsed: 9 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) User : Kyle [Admin rights] Mode : Scan -- Date : 06/22/2014 12:55:28 ¤¤¤ Bad processes : 1 ¤¤¤ [suspicious.Path] aim.exe -- C:\Users\Kyle\AppData\Local\AOL\AIM\aim.exe[7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 6 ¤¤¤ [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3065669881-1852518512-931670863-1000\Software\Microsoft\Windows\CurrentVersion\Run | AIM for Windows : "C:\Users\Kyle\AppData\Local\AOL\AIM\aim.exe" -> FOUND [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3065669881-1852518512-931670863-1000\Software\Microsoft\Windows\CurrentVersion\Run | AIM for Windows : "C:\Users\Kyle\AppData\Local\AOL\AIM\aim.exe" -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND ¤¤¤ Scheduled tasks : 1 ¤¤¤ [suspicious.Path] \\{CBFBD86B-EDA4-49C2-B8A9-8F3A2D32F1BD} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Kyle\Desktop\frd.exe -d C:\Users\Kyle\Desktop) -> FOUND ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS File : 0 ¤¤¤ ¤¤¤ Antirootkit : 10 ¤¤¤ [EAT:Addr] (iexplore.exe) gdiplus.dll - DirectInput8Create : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717ecc8e [EAT:Addr] (iexplore.exe) gdiplus.dll - DllCanUnloadNow : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717ec945 [EAT:Addr] (iexplore.exe) gdiplus.dll - DllGetClassObject : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717ec8d3 [EAT:Addr] (iexplore.exe) gdiplus.dll - DllRegisterServer : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717f9f76 [EAT:Addr] (iexplore.exe) gdiplus.dll - DllUnregisterServer : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717f9f98 [EAT:Addr] (iexplore.exe) gdiplus.dll - DirectInput8Create : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717ecc8e [EAT:Addr] (iexplore.exe) gdiplus.dll - DllCanUnloadNow : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717ec945 [EAT:Addr] (iexplore.exe) gdiplus.dll - DllGetClassObject : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717ec8d3 [EAT:Addr] (iexplore.exe) gdiplus.dll - DllRegisterServer : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717f9f76 [EAT:Addr] (iexplore.exe) gdiplus.dll - DllUnregisterServer : C:\Windows\SysWOW64\DINPUT8.dll @ 0x717f9f98 ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD6400AAKS-22A7B0 ATA Device +++++ --- User --- [MBR] bfa0f367947824ac2ff5b63155841be7 [bSP] a4dfaec4a2bc17de1120522682bb739f : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20467712 | Size: 300374 MB 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 635633664 | Size: 300111 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Seagate Expansion Desk USB Device +++++ Error reading User MBR! ([57] The parameter is incorrect. ) Error reading LL1 MBR! ([79] The semaphore timeout period has expired. ) Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive2: Seagate Expansion Desk USB Device +++++ --- User --- [MBR] a96474639bdb6630e2b1a5ae08e6e592 [bSP] 6dfd13ec719f2c19d68dc891f5fecdfb : Unknown MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907728 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive3: Seagate Expansion Desk USB Device +++++ Error reading User MBR! ([57] The parameter is incorrect. ) Error reading LL1 MBR! ([79] The semaphore timeout period has expired. ) Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive4: Seagate Expansion Desk USB Device +++++ --- User --- [MBR] 0265147efff2d8c4f2a1e255bdf32e47 [bSP] 3c8253e1791b6246dba66bb232b29820 : Unknown MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907726 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive5: Seagate Expansion Desk USB Device +++++ --- User --- [MBR] 33702e07880bc349b188e1433ebdb54e [bSP] 555afaf0aee8f9507f1636ff94875143 : Unknown MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907728 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. )