Please read these steps thoroughly before proceeding.
download Malwarebytes Anti-Rootkit (MBAR) from here http://downloads.malwarebytes.org/file/mbar
and save it to your desktop.
•Be sure to print out and follow the instructions provided on that same page.
•Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.
•Doubleclick on the MBAR file you downloaded.
•Approve the UAC prompt in Vista and newer operating systems.
•Click OK on the next screen, to allow the package to extract the contents of the file to it's own folder, mbar.
•By default, this will be on your desktop, though you can choose another location if you wish. We advise using the default location for simplicity.
•mbar.exe will launch automatically. On some systems, this may take a few extra seconds. Please be patient and wait for the program to open.
•After reading the Introduction, click 'Next' if you agree.
•On the Update Database screen, click on the 'Update' button.
•Once you see 'Success: Database was successfully updated' click on 'Next'.
•Click the 'Scan' button.
A.With some infections, you may see two messages boxes.
1.'Could not load protection driver'. Click 'OK'.
2.'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
Please monitor the scan. If during the scan you see a message that says this:
"could not be remediated because backup file is not available"
Do NOT click Cleanup when it becomes available, but rather click Exit, and provide the same logs as requested below.
•If malware is found, click the 'Cleanup' button with the above mentioned exception.
Once the system restore point is created and the cleanup is scheduled, a 'Reboot required' message will appear.
Click 'Yes' and allow the computer to reboot.
Once back in Windows, run mbar.exe once again to ensure all previously detected items have been removed, and no additional threats found.
Please send all logs which were generated.