Hi,
OTL looks clean. This shall just clean some junk from your computer…
Re-run OTL.exe.
[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:OTL
@Alternate Data Stream - 206 bytes -> C:\ProgramData\TEMP:A3E39C6A
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:CF75D88F
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:813B8EB6
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:57DC3B52
:FILES
C:\Program Files\*.tmp
:COMMANDS
[EMPTYTEMP]
[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
If the log doesn’t appear, it can be found here:
c:_OTL\MovedFiles\mmddyyyy_hhmmss.log
===================================
Next …
We need to check system on kernel space as well …
Please download GMER, the RootKit Detector tool from the link below and save it to your Desktop:
Gmer download link
Note: file will be random named
Double-clicking to run GMER.
[*]Wait for initial scan to finish - if there is any query, click No;
[*]Click [ Scan ] button and wait until the full scan is complete;
[*]Click [ Save … ]- save the report to the Desktop (named ARK );
[*]Then click the >>> button and select Autostart card;
[*]Click [ Scan ] button;
[*] After quick scan, click Copy button;
[*]Open notepad and Paste text. Save report to the Desktop (named autostart )
Attach here both Gmer logreports. (ARK.txt and autostart.txt)