Vala

Thanks for the reply TwinHeadedEagle! Nothing unusual. I've occasionally ended up on a website which puts one of those "are you sure you want to close this page" popups, I always kill IE through Task Manager if this happens. That's the only thing I can think of, and don't consider it "unusual" really. Since RogueKiller saw it as a "potential" issue I thought it was worth asking about! Also, love the avatar.

I run Malwarebytes and RogueKiller occasionally to check out my system. RogueKiller picked up a possible PUM, Malwarebyes does not detect it. Not sure if it's an issue or not, I have had no symptoms that I noticed. I've attached my FRST logs. Here is the RogueKiller Report text: RogueKiller V10.10.9.0 (x64) [Oct 5 2015] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Tom [Administrator] Started from : C:\Users\Tom\Desktop\RogueKillerX64.exe Mode : Scan -- Date : 10/07/2015 21:17:26 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 2 ¤¤¤ [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2169158387-592479802-290800130-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2169158387-592479802-290800130-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ST1000DM 005 HD103SJ SCSI Disk Device +++++ --- User --- [MBR] 7d2cce83dd184b78ac56c6931440f95a [bSP] 37931dd1dc2c64c6362cd8923421afbb : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Intel Raid 1 Volume SCSI Disk Device +++++ --- User --- [MBR] 4355c8fddee6f248341edc49006ea593 [bSP] 5b2a9398d9c11d7428fefb412ba02283 : Windows XP|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows XP Bootstrap | Windows XP Bootloader] User = LL1 ... OK Error reading LL2 MBR! ([1] Incorrect function. ) Addition.txt FRST.txt

Hello, I had a clean win7 home premium install as of Oct (Redid the OS after a cryptowall attack). Since then, I have had a couple malware issues. First I got poweliks. I used roguekiller as well as eset to eliminate that at the time. Today, I had a windows command center popup (did not let it do anything), then I had many processes running with strange names that were attributed to google chrome (I don't have chrome!). I ran zoek earlier, as well as roguekiller and malwarebytes. My FRST scan files are below, as well as malwarebyte results. At this point I'm suspicious of anything else that could be there. Thank you for any assistance! FRST.txt Addition.txt malwarebytes_threat_scan.txt