urtreasured

ran malwarebytes one more time, here is the log: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.01.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.18928 Owner :: GMB [administrator] Protection: Enabled 12/2/2013 9:47:59 AM mbam-log-2013-12-02 (09-47-59).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 214537 Time elapsed: 16 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious

The program which my computer wants me to run is: MS Windows maliicious software removal tool. This is the program in which I thought was bad. Is it?

OK, I deleted all selected and here is the new log: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.01.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.18928 Owner :: GMB [administrator] Protection: Disabled 12/2/2013 9:03:32 AM mbam-log-2013-12-02 (09-03-32).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 214434 Time elapsed: 8 minute(s), 38 second(s) Memory Processes Detected: 1 C:\Program

Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.01.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.18928 Owner :: GMB [administrator] Protection: Disabled 12/2/2013 9:03:32 AM MBAM-log-2013-12-02 (09-12-27).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 214434 Time elapsed: 8 minute(s), 38 second(s) Memory Processes Detected: 1 C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.W

although the log says MS security E. was active, I did deactivate them b4 running combofix.

combofix log 2 ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-BigFix - c:\program files\Bigfix\bigfix.exe MSConfigStartUp-DivX Free Codec - c:\program files\DivX Free Codec\Divx Free Update.exe MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe HKLM_ActiveSetup-ccc-core-static - msiexec . . . ************************************************************************** . catchme 0.3.13

combofix log 1 omboFix 13-11-23.02 - Owner 12/02/2013 8:36.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1917.922 [GMT -7:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Outdated* {D68D

starting combofix

yes I removed them, this morning. When I ran RK this morning I did not see the same results as yesterday. I do not have trained eye to even begin to think I know something, but it struck me as odd.

Just sent you the RK report. ? will wait to hear from you. the following programs were installed when I ran that7zip program yesterday: driver genius genieo speedupmypc slow-pcfixer winferno- registry power cleaner Yahoo explorer bar, set it to default

RogueKiller V8.7.9 [Nov 25 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Owner [Admin rights] Mode : Scan -- Date : 12/02/2013 07:53:58 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files /

will send list in separate post when rogue killer is complete, may be in the a.m.

rougue killer in process

While waiting for a reply, I tried it again and it loaded 2 more pay programs. will follow your next instructions.

so far that program has installed two other programs that want money to clear errors?

Farbar Recovery Scan in process

didn't think so.

Quick question, although I think I know the answer, does this infect any of the Apple products?

ok where do we start and do you want ot pick this up in the a.m. I have the next week off from work so i have time, have some appointments but we can work around them I think.

Well i have a few questions. First I do not do any banking or purchasing on this computer. What about all of my ms documents i.e. word, excell, pdfs? Then comes i do not even think I know or could find the original install cd's alot of the programs were already installed on the computer when i bought it. any thoughts?

RK Report RogueKiller V8.7.9 [Nov 25 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Owner [Admin rights] Mode : Scan -- Date : 12/01/2013 13:35:18 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [ZeroAccess][sERVICE] ???etadpug -- "C:\Program Files\Google\Desktop\Install\{e0d7cc16-5e05-1245-8340-5d9ba132bca1}\ \...\???ﯹ๛\{e0d7cc16-5e0

Attach log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/26/2007 6:29:25 AM System Uptime: 12/1/2013 9:03:02 AM (3 hours ago) . Motherboard: Gateway | | Processor: AMD Turion 64 X2 Mobile Technology TL-52 | Socket M2/S1G1 | 1600/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 139 GiB total, 52.288 GiB free. D: is FIXED (NTFS) - 10 GiB

DDS log DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18928 Run by Owner at 12:35:01 on 2013-12-01 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1917.598 [GMT -7:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-

security check results Results of screen317's Security Check version 0.99.77 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 8 Out of date! Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spy Sweeper Malwarebytes Anti-Malware version 1.75.0.1300 Java SE Runtime Environment 6 Java version out of Date! Adobe Reader 8 Adobe Reader out of Date! Google Chrome 31.0.16

Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.01.03 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.18928 Owner :: GMB [administrator] Protection: Enabled 12/1/2013 10:57:29 AM MBAM-log-2013-12-01 (11-13-56).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 218342 Time elapsed: 13 minute(s), 47 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No ma