bloodlineblade

Hi Kevin, Thanks for all your help so far. The Sophos scan came up with zero detections.

Here you go Fixlog.txt

Ok, here are the logs Malware.zip

Hi Kevin, Because of the possibility of some personal information being included in the logs, I will PM you a ZIP of the logs you requested. Is this ok?

I turned on my laptop and immediately got two exploit blocks. Log 1: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 12/16/16 Protection Event Time: 10:30 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.4.1269 Components Version: 1.0.39 Update Package Version: 1.0.765 License: Trial -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Windows\system32\cmd.exe C:\Windows\system32\cmd.exe \c reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\State \v ImageState | find \i IMAGE_STATE_COMPLETE URL: (end) Log 2: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 12/16/16 Protection Event Time: 10:30 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.4.1269 Components Version: 1.0.39 Update Package Version: 1.0.765 License: Trial -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Windows\system32\cmd.exe C:\Windows\system32\cmd.exe \c reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\State \v ImageState | find \i IMAGE_STATE_COMPLETE URL: (end) Any insight is appreciated, thank you