Apologies that this may be a post that gets oft repeated; from my searches based on the issues I was facing, I couldn't find any discussion more recent than 2013 (or that I hadn't unsuccessfully tried the suggestions for).
After making some poor choices in trying out some free amateur RPGs found online, I suspect that I've picked up a rootkit-type virus on my machine (an HP laptop running Windows 10).
The first indications were weird, momentary changes to the system tray and open/close windows occurring; no evidence of adware though, and I haven't been able to check whether there is malicious network activity (Wireshark shows no interfaces?).
Subsequently Malwarebytes and Avast kept capturing the same problems on a somewhat regular basis (consistently a PUP in prefs.js in some subfolder within the Mozilla folder and occasionally a couple of other PUPs). An Avast scan (rootkit, iirc) turned up Win10.exe as a possible problem (Win64:evo-gen) and allegedly dealt with the issue, though that doesn't seem to be the case.
Due to this I ran a Malwarebytes anti-rootkit scan and a couple of Windows Defender offline scans. The MB scan reported no issues in the log, WD offline also reported no issues, but for some reason the logs are not available within the WD settings/history. Meanwhile the Mozilla PUP continues to appear on new scans. I also tried running GMER scans twice, though both resulted in a BSOD, the first time with error code "DRIVER_IRQL_NOT_LESS_OR_EQUAL"; the second time I had stepped away when the restart occurred but suspect the same.
I'm currently running an Avast start-up scan once again to see if the same issue pops up. Any help you can provide is greatly appreciated as this has me quite vexed (I'm no pro, but can usually troubleshoot this type of stuff pretty easily).
Honestly, the effort required to de-rootkit seems far greater than simply doing a clean install. Overall this isn't too much of a burden as the computer is essentially new and doesn't have much on it that isn't backed up elsewhere (the drive itself in total is not backed up elsewhere), but there are a few important work files I need that have been modified since the trouble started. As an alternative to fixing the rootkit, is there a secure way to salvage my important files so that I can return them to a clean installation?
Any assistance is much appreciated!
Edited by Al1000, 21 January 2018 - 11:00 AM.
moved from Win 10 Support