Author Topic: Rootkit(s) detected!!! FRST log now attached.  (Read 2849 times)


REDACTED

  • Guest
Rootkit(s) detected!!! FRST log now attached.
« on: January 08, 2017, 04:12:47 PM »
Hello to you all,
I'm trying to work out if I do actually have a Rootkit on my computer, or if Avast is giving me a false positive.

Since Avast Anti-virus (free) has shown up these results below, I have run a scan with the following, but none of them detected any Rootkits:-

(1) Malwarebytes (free)
(2) SuperAntiSpyware (free)
(3) McAfee RootkitRemover (free)
(4) I uninstalled Avast A/V and ran the built-in Windows Defender

My Desktop pc is running O/S W10 with the Anniversary update.

My apologies if this is posted in the wrong section, Admin please feel free to move if required.


Threats




Warnings



Any advice or helpful information would be very much appreciated
« Last Edit: January 10, 2017, 12:41:52 PM by Starship1 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37527
  • Not a avast user
Re: Rootkit(s) detected!!!
« Reply #1 on: January 08, 2017, 04:17:25 PM »

REDACTED

  • Guest
Re: Rootkit(s) detected!!!
« Reply #2 on: January 09, 2017, 12:02:21 PM »
Pondus,
Thank you for that link, I'll try that and get back to you,

REDACTED

  • Guest
Re: Rootkit(s) detected!!!
« Reply #3 on: January 10, 2017, 12:39:31 PM »
Update,

Nothing showed up from the Malwarebytes scan as suggested, I did make sure the Rootkit scan option was turned on.



I have now attached the FRST log.

Avast anti-virus scan still shows Rootkit(s) found, plus many more warnings.

I'm thinking a fresh install of W10 may be the best option here, although it would be good to know what caused this.
Certain programs on my pc won't open now, for example, Photoshop and Secunia PSI.

I'd appreciate anyone having a look at the FRST log, but please don't waste too much of your time on it.
« Last Edit: January 10, 2017, 02:27:14 PM by Starship1 »

REDACTED

  • Guest
Re: Rootkit(s) detected!!! FRST log now attached.
« Reply #4 on: January 16, 2017, 12:06:47 AM »
Any suggestions anyone?

Thanks in advance,

Offline dbrisendine

  • Malware Fighter
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1258
Re: Rootkit(s) detected!!! FRST log now attached.
« Reply #5 on: January 17, 2017, 08:27:20 AM »
From looking at the logs and what files/settings/tasks are left over on the system, I would say that there has been some damage done by frequently installing / uninstalling / System Restore related to trying the different AVs.  From what I see, you have had

McAfee
COMODO
AVG
Avast
Malwarebytes
WinPatrol

of which the first three could have left traces that would interfere with later installed AV scanners (and possibly changed the system settings to produce zero byte files and unreadable file attributes).  I can remove the errors / left over files with the malware fighting tools but my personal opinion (for what it is worth) is that the system will not be 100% even then.  Your best bet would be a fresh install of Windows (fresh as in a reformat of the drive and then installing).

If you are still worried about a rootkit being present (before redoing Windows that is) then you could also scan with TDSSkiller by Kaspersky Labs ( see here ).  I can provide help and directions on TDSSkiller if you need it.

I will leave the ball in your court (so to speak); let me know if you want to try the malware tools scripts to remove / repair or if you are going to do a fresh install.  Thanks.
Win7 x32 Ult. SP1, Brain 2.0 / Win10 x64, Brain2.5
My help is always free but if you would like to help encourage me or show your thanks -----> DONATE

REDACTED

  • Guest
Re: Rootkit(s) detected!!! FRST log now attached.
« Reply #6 on: January 17, 2017, 09:48:04 PM »
Many thanks dbrisendine for taking a look at the logs. That was all I was after really, someone taking a look who knows more about these things than I do.

It seems we both agree that a fresh/clean install would be the best way forward.

Do I need to wipe the H/Drive as well as formatting it before reinstalling Windows10?

Taking note of your advice I will run a scan with TDSSkiller by Kaspersky Labs first, thanks for the link.
I will run TDSSkiller as described in this video link below, unless of course you recommend otherwise?
https://www.youtube.com/watch?v=lqS77A1TNPQ

Thank you once again.
« Last Edit: January 17, 2017, 09:51:20 PM by Starship1 »

Offline dbrisendine

  • Malware Fighter
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1258
Re: Rootkit(s) detected!!! FRST log now attached.
« Reply #7 on: January 18, 2017, 06:01:35 AM »
The video on TDSSkiller is fine; you should have no problem using the defaults on that utility.  Also, formatting should be fine unless TDSSkiller finds anything and then you may want to wipe and format before installing Win10.

Good luck and ask for help here if you need any.   :D

REDACTED

  • Guest
Re: Rootkit(s) detected!!! FRST log now attached.
« Reply #8 on: January 18, 2017, 05:38:54 PM »
Thank you for your quick reply dbrisendine, I'll give it a go with TDSSkiller and let you know how I get on.

Thanks for the good luck, I might need it  ;)

REDACTED

  • Guest
Re: Rootkit(s) detected!!! FRST log now attached.
« Reply #9 on: January 18, 2017, 06:21:20 PM »
Update

I've now scanned the h/drive with TDSSkiller, it didn't find anything.
I also tried scanning with "Detect TDLFS file system" and "Verify file digital signatures"  added from the "Additional Option" panel, each scan came back with zero threats:-





Many thanks for trying to help dbrisendine  :)