As I said, rootkit scans can produce false positives - Always ask for help in interpreting the logs before acting on them.
We'll run a couple of scans to be doubly sure, but everything looks okay.
We need to run an OTL Fix
- Double-click OTL.exe to start the program.
- Click select all in the code box below then Copy and Paste the code into the textbox.
- Code: Select all
:commands [EMPTYTEMP] [CREATERESTOREPOINT]
- Then click the Run Fix button at the top.
- Click .
- OTL may ask to reboot the machine. Please allow it to do so if asked.
- The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
Malwarebytes' Anti-Malware (MBAM)
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup-version.number.exe and follow the prompts to install the program.
- At the end, Uncheck Enable the free trial Malwarebytes' Anti-Malware PRO
(You can activate this when we've finished, if you wish)
- Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Select the Settings tab, then the Scanner Settings tab
- For Action for Potentially Unwanted Programs (PUP), choose Show in results list and check for removal
- Select to the Scanner tab, select Perform Quick scan, then click on Scan
- When done, you will be prompted. Click OK. If Items are found, then click on Show Results
- Check all items then click on Remove Selected
- After it has removed the items, Notepad will open. Please post this log in your next reply.
The log can also be found here:
- C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
- Or via the Logs tab when the application is started.
Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
Download aswMBR and save it to your Desktop.
- Right click aswMBR.exe & choose "Run as Administrator" to run it.
- Click Yes to the prompt to download Avast! virus definitions.
(Please be patient whilst the virus definitions download)
- With the AVscan set to Quick Scan, click the Scan button.
(Please be patient whilst your computer is scanned.)
- When the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
- Click OK
- Two files will be created, aswMBR.txt & a file named MBR.dat
- Save MBR.dat to to a form of removable media. (CD, DVD, USB flash drive etc) - This is a backup of your MBR. Do not delete this file.
- NOTE: Do not click to fix anything at this stage!
- Click EXIT.
- Copy & Paste the contents of aswMBR.txt into your next reply.