STEP 1
Run OTS
- Under the Paste Fix Here box on the right, paste in the following
[Files/Folders - Modified Within 30 Days] NY -> win32k.sys -> C:\Windows\win32k.sys [Custom Items] :clearrestorepoints :end [Empty Temp Folders] [Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- This will create a log in C:\_OTS\MovedFiles\<date>_<time>.txt where date and time are those of when the fix was run. Open it from there if it does not appear automatically on reboot. Please copy and paste the contents of that file here.
STEP 2
Note: I give you the instructions for downloading MalwareBytes and running it below, but if you already have it installed there is no need to reinstall it. Just update it by clicking on the update tab and then on the button. After updating, you can start at step 3.
Please download Malwarebytes' Anti-Malware from Here.
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan. Scan all of your harddrives.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
STEP 3
Run OTS again and click on the Quick Scan button at the top. Copy and Paste the results of this scan in your next reply.