I have a thinkpad which had malware that I am assuming was cleaned.
The PC has Avast Internet Security, and SuperAntispyware (both paid) running when windows starts.
It also has MalwareBytes Antimalware (paid) running daily scans but not real time.
All of these are now clean.
I have not run another root kit detector, altho MBAM's was enabled.
I downloaded from this site AdwCleaner and it found and cleaned things.
I downloaded from this site Junkware Removal Tool (JRT) and it did not find anything but crashed in the middle.
It just stopped, no error message, no log, no .txt file. The final message in the cmd window was "Checking registry" which had been there for 2-5 minutes. Watching in process explorer, it was forking reg.exe and GREP.DAT processes repeatedly. And a pair of those was the last thing it forked.
I suspect this PC has damage from malware.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
This meant that, eg, the %AppData% environment variable had no value and programs were creating %AppData% folders in their current working directories all over the file system.
I fixed that, and things improved.
But there might still be other damage.
But the only symptom now is JRT cashing.
Thanks for your attention!
EDIT: Oh yeah, one more thing:
The username contains the '&' (ampersand) character, say, "alice&bob". So in cmd echo %userprofile% eg results in two commands, delimited by the ampersand, and the error "bob is not recognized as a internal or external command..."
Edited by MM_john, 13 October 2015 - 01:45 AM.