OTL logfile created on: 4/20/2012 11:08:09 AM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Seph\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.86 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 65.91% Memory free
5.73 Gb Paging File | 4.62 Gb Available in Paging File | 80.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.33 Gb Total Space | 265.56 Gb Free Space | 93.73% Space Free | Partition Type: NTFS
Drive G: | 7.45 Gb Total Space | 0.36 Gb Free Space | 4.86% Space Free | Partition Type: FAT32
Computer Name: SEPH-PC | User Name: Seph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/20 11:07:39 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Seph\Downloads\OTL.exe
PRC - [2012/04/12 03:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/06/24 00:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/06/28 16:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/12/17 00:16:20 | 000,040,960 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
PRC - [2009/12/17 00:16:18 | 005,013,504 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
PRC - [2009/12/17 00:16:08 | 004,406,784 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
========== Modules (No Company Name) ==========
MOD - [2012/04/19 18:26:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2012/04/19 18:26:30 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2012/04/19 18:25:48 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2012/04/19 18:25:28 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2012/04/19 18:01:42 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c02325260bdcecd695a87bbb24547df2\System.Drawing.ni.dll
MOD - [2012/04/19 17:35:31 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
MOD - [2012/04/19 17:35:20 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll
MOD - [2012/04/12 03:37:34 | 000,444,400 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 03:37:33 | 003,915,248 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 03:36:08 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 03:36:06 | 000,220,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 03:36:05 | 001,747,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/12 02:51:55 | 008,743,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
MOD - [2012/01/11 00:12:12 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/04/18 02:51:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/12/17 00:16:20 | 000,040,960 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 16:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/12/22 04:19:00 | 000,065,576 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/12/17 00:16:18 | 000,017,144 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmvwl32.sys -- (BcmVWL)
DRV - [2009/12/17 00:16:04 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2009/09/17 22:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Seph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Seph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Seph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C078D59-D25D-49A4-807B-6ABDE715D38F}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/22 14:08:16 | 000,000,110 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/04/19 21:22:16 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Roaming\Media Player Classic
[2012/04/19 21:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/04/19 21:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012/04/19 18:03:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/04/19 18:02:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/04/19 17:58:19 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Roaming\Malwarebytes
[2012/04/19 17:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/19 17:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/19 17:58:06 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/04/19 17:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/04/19 17:56:40 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Roaming\Macromedia
[2012/04/19 17:56:39 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Roaming\Adobe
[2012/04/19 17:29:09 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012/04/18 06:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/04/18 03:55:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/04/18 03:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/18 03:53:40 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Local\Google
[2012/04/18 03:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/04/18 03:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/04/18 03:53:38 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/04/18 03:53:36 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/04/18 03:53:32 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/04/18 03:53:27 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/04/18 03:53:20 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/04/18 03:50:40 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2012/04/18 03:50:39 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/04/18 03:50:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2012/04/18 03:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2012/04/18 03:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012/04/18 03:35:37 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/04/18 03:35:35 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN
[2012/04/18 03:34:16 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\System32\drivers\npf.sys
[2012/04/18 03:34:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\vs08
[2012/04/18 03:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/04/18 03:31:24 | 000,000,000 | R--D | C] -- C:\Users\Seph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/18 03:31:24 | 000,000,000 | R--D | C] -- C:\Users\Seph\Searches
[2012/04/18 03:31:24 | 000,000,000 | R--D | C] -- C:\Users\Seph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/04/18 03:31:24 | 000,000,000 | -H-D | C] -- C:\Users\Seph\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/04/18 03:31:06 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Roaming\Identities
[2012/04/18 03:31:01 | 000,000,000 | R--D | C] -- C:\Users\Seph\Contacts
[2012/04/18 03:30:45 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Local\VirtualStore
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\AppData\Local\Temporary Internet Files
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Templates
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Start Menu
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\SendTo
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Recent
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\PrintHood
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\NetHood
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Documents\My Videos
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Documents\My Pictures
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Documents\My Music
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\My Documents
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Local Settings
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\AppData\Local\History
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Cookies
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\Application Data
[2012/04/18 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Seph\AppData\Local\Application Data
[2012/04/18 03:30:34 | 000,000,000 | --SD | C] -- C:\Users\Seph\AppData\Roaming\Microsoft
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Videos
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Saved Games
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Pictures
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Music
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Links
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Favorites
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Downloads
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Documents
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\Desktop
[2012/04/18 03:30:34 | 000,000,000 | R--D | C] -- C:\Users\Seph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/04/18 03:30:34 | 000,000,000 | -H-D | C] -- C:\Users\Seph\AppData
[2012/04/18 03:30:34 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Local\Temp
[2012/04/18 03:30:34 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Local\Microsoft
[2012/04/18 03:30:34 | 000,000,000 | ---D | C] -- C:\Users\Seph\AppData\Roaming\Media Center Programs
[2012/04/18 03:01:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/04/18 02:56:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/04/18 02:51:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/04/18 01:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/04/11 21:21:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/03/26 19:46:00 | 000,000,000 | ---D | C] -- C:\codec-info
========== Files - Modified Within 30 Days ==========
[2012/04/20 11:04:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/20 11:02:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/20 02:02:57 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/19 21:38:08 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/19 21:38:08 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/19 21:37:40 | 000,389,830 | ---- | M] () -- C:\Users\Seph\Desktop\Untitled.png
[2012/04/19 18:52:26 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/19 18:52:26 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/19 18:45:43 | 000,266,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/04/19 18:45:12 | 2306,228,224 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/19 17:58:10 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/18 03:55:20 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/18 03:55:20 | 000,002,191 | ---- | M] () -- C:\Users\Seph\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/18 03:53:39 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/18 03:53:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/04/18 03:35:12 | 000,919,754 | ---- | M] () -- C:\Windows\System32\oem1.inf
[2012/04/18 03:14:57 | 000,001,419 | ---- | M] () -- C:\Users\Seph\Desktop\Internet Explorer.lnk
[2012/04/18 03:11:01 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/04/18 03:05:54 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/04/18 03:03:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/04/18 01:24:42 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2012/04/04 18:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2012/04/19 21:37:40 | 000,389,830 | ---- | C] () -- C:\Users\Seph\Desktop\Untitled.png
[2012/04/19 21:04:18 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/04/19 17:58:10 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/19 17:33:43 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/04/19 17:33:10 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/04/19 17:28:05 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/04/19 17:27:45 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/04/19 17:27:07 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/04/18 03:55:20 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/18 03:55:20 | 000,002,191 | ---- | C] () -- C:\Users\Seph\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/18 03:53:54 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/18 03:53:50 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/18 03:53:39 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/18 03:35:24 | 000,919,754 | ---- | C] () -- C:\Windows\System32\oem1.inf
[2012/04/18 03:34:16 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012/04/18 03:34:12 | 000,000,457 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2012/04/18 03:31:27 | 000,001,419 | ---- | C] () -- C:\Users\Seph\Desktop\Internet Explorer.lnk
[2012/04/18 03:30:34 | 000,000,290 | ---- | C] () -- C:\Users\Seph\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/04/18 03:30:34 | 000,000,272 | ---- | C] () -- C:\Users\Seph\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/04/18 03:11:01 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/04/18 03:05:33 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/04/18 03:05:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/04/18 03:03:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/04/18 01:24:42 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2012/01/11 01:17:08 | 000,128,204 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2012/01/11 01:17:04 | 000,105,608 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2012/01/11 01:17:02 | 000,867,020 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2012/01/11 00:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2012/01/11 00:14:34 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/01/11 00:12:34 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/01/11 00:12:12 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
========== LOP Check ==========
[2009/07/14 00:53:46 | 000,002,878 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
MBR:Alureon-K [Rtk} [Solved]
Started by
CPXtoday
, Apr 20 2012 09:18 AM
-
This topic is locked
#1
Posted 20 April 2012 - 09:18 AM
CPXtoday
-
- Member
-
- 4 posts
New Member
#2
Posted 20 April 2012 - 11:20 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Hi there lets see what area Avast is finding
Download aswMBR.exe ( 4.1mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
Download aswMBR.exe ( 4.1mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
#3
Posted 20 April 2012 - 11:40 AM
CPXtoday
- Topic Starter
-
- Member
-
- 4 posts
New Member
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-20 13:34:48
-----------------------------
13:34:48.163 OS Version: Windows 6.1.7601 Service Pack 1
13:34:48.163 Number of processors: 2 586 0x2505
13:34:48.178 ComputerName: SEPH-PC UserName: Seph
13:34:51.528 Initialize success
13:34:52.667 AVAST engine defs: 12042000
13:34:55.225 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:34:55.225 Disk 0 Vendor: WDC_WD3200BPVT-75ZEST0 01.01A01 Size: 305245MB BusType: 11
13:34:55.257 Disk 0 MBR read successfully
13:34:55.257 Disk 0 MBR scan
13:34:55.272 Disk 0 Windows 7 default MBR code
13:34:55.272 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
13:34:55.319 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 208845
13:34:55.350 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290142 MB offset 30928845
13:34:55.381 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 0 MB offset 625140400
13:34:55.397 Disk 0 Partition 4 **INFECTED** MBR:Alureon-K [Rtk]
13:34:55.413 Disk 0 scanning sectors +625142432
13:34:56.239 Disk 0 scanning C:\Windows\system32\drivers
13:35:28.383 Service scanning
13:35:49.014 Modules scanning
13:35:55.114 Disk 0 trace - called modules:
13:35:55.129 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
13:35:55.145 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ced648]
13:35:55.145 3 CLASSPNP.SYS[8ab8d59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85beb030]
13:35:56.315 AVAST engine scan C:\Windows
13:35:58.733 AVAST engine scan C:\Windows\system32
13:37:55.827 AVAST engine scan C:\Windows\system32\drivers
13:38:09.211 AVAST engine scan C:\Users\Seph
13:38:26.528 AVAST engine scan C:\ProgramData
13:38:31.941 Scan finished successfully
13:40:04.106 Disk 0 MBR has been saved successfully to "C:\Users\Seph\Downloads\MBR.dat"
13:40:04.121 The log file has been saved successfully to "C:\Users\Seph\Downloads\aswMBR.txt"
Run date: 2012-04-20 13:34:48
-----------------------------
13:34:48.163 OS Version: Windows 6.1.7601 Service Pack 1
13:34:48.163 Number of processors: 2 586 0x2505
13:34:48.178 ComputerName: SEPH-PC UserName: Seph
13:34:51.528 Initialize success
13:34:52.667 AVAST engine defs: 12042000
13:34:55.225 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:34:55.225 Disk 0 Vendor: WDC_WD3200BPVT-75ZEST0 01.01A01 Size: 305245MB BusType: 11
13:34:55.257 Disk 0 MBR read successfully
13:34:55.257 Disk 0 MBR scan
13:34:55.272 Disk 0 Windows 7 default MBR code
13:34:55.272 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
13:34:55.319 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 208845
13:34:55.350 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290142 MB offset 30928845
13:34:55.381 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 0 MB offset 625140400
13:34:55.397 Disk 0 Partition 4 **INFECTED** MBR:Alureon-K [Rtk]
13:34:55.413 Disk 0 scanning sectors +625142432
13:34:56.239 Disk 0 scanning C:\Windows\system32\drivers
13:35:28.383 Service scanning
13:35:49.014 Modules scanning
13:35:55.114 Disk 0 trace - called modules:
13:35:55.129 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
13:35:55.145 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ced648]
13:35:55.145 3 CLASSPNP.SYS[8ab8d59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85beb030]
13:35:56.315 AVAST engine scan C:\Windows
13:35:58.733 AVAST engine scan C:\Windows\system32
13:37:55.827 AVAST engine scan C:\Windows\system32\drivers
13:38:09.211 AVAST engine scan C:\Users\Seph
13:38:26.528 AVAST engine scan C:\ProgramData
13:38:31.941 Scan finished successfully
13:40:04.106 Disk 0 MBR has been saved successfully to "C:\Users\Seph\Downloads\MBR.dat"
13:40:04.121 The log file has been saved successfully to "C:\Users\Seph\Downloads\aswMBR.txt"
#4
Posted 20 April 2012 - 12:25 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Could you do the following
Go Start > Run and type in the following command :
diskmgmt.msc
This will open the disc management console
Locate the partition that is about 1 MB
(If you are not sure which one it is then take a screenshot of the disc managemnt console and post it here)
Right click the partition and select delete
Then re-run aswMBR and post the new log
Go Start > Run and type in the following command :
diskmgmt.msc
This will open the disc management console
Locate the partition that is about 1 MB
(If you are not sure which one it is then take a screenshot of the disc managemnt console and post it here)
Right click the partition and select delete
Then re-run aswMBR and post the new log
#5
Posted 20 April 2012 - 01:47 PM
CPXtoday
- Topic Starter
-
- Member
-
- 4 posts
New Member
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-20 15:38:50
-----------------------------
15:38:50.028 OS Version: Windows 6.1.7601 Service Pack 1
15:38:50.028 Number of processors: 2 586 0x2505
15:38:50.028 ComputerName: SEPH-PC UserName: Seph
15:38:51.167 Initialize success
15:38:51.230 AVAST engine defs: 12042000
15:38:55.644 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:38:55.660 Disk 0 Vendor: WDC_WD3200BPVT-75ZEST0 01.01A01 Size: 305245MB BusType: 11
15:38:55.707 Disk 0 MBR read successfully
15:38:55.707 Disk 0 MBR scan
15:38:55.707 Disk 0 Windows 7 default MBR code
15:38:55.707 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
15:38:55.738 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 208845
15:38:55.754 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290142 MB offset 30928845
15:38:55.769 Disk 0 scanning sectors +625140400
15:38:55.816 Disk 0 scanning C:\Windows\system32\drivers
15:39:07.500 Service scanning
15:39:22.164 Modules scanning
15:39:31.712 Disk 0 trace - called modules:
15:39:31.727 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
15:39:31.743 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ced648]
15:39:31.743 3 CLASSPNP.SYS[8ab8d59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85beb030]
15:39:32.960 AVAST engine scan C:\Windows
15:39:37.546 AVAST engine scan C:\Windows\system32
15:41:55.388 AVAST engine scan C:\Windows\system32\drivers
15:42:09.272 AVAST engine scan C:\Users\Seph
15:42:33.078 AVAST engine scan C:\ProgramData
15:42:39.723 Scan finished successfully
15:47:10.586 Disk 0 MBR has been saved successfully to "C:\Users\Seph\Downloads\MBR.dat"
15:47:10.586 The log file has been saved successfully to "C:\Users\Seph\Downloads\aswMBR2.txt"
Run date: 2012-04-20 15:38:50
-----------------------------
15:38:50.028 OS Version: Windows 6.1.7601 Service Pack 1
15:38:50.028 Number of processors: 2 586 0x2505
15:38:50.028 ComputerName: SEPH-PC UserName: Seph
15:38:51.167 Initialize success
15:38:51.230 AVAST engine defs: 12042000
15:38:55.644 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:38:55.660 Disk 0 Vendor: WDC_WD3200BPVT-75ZEST0 01.01A01 Size: 305245MB BusType: 11
15:38:55.707 Disk 0 MBR read successfully
15:38:55.707 Disk 0 MBR scan
15:38:55.707 Disk 0 Windows 7 default MBR code
15:38:55.707 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
15:38:55.738 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 208845
15:38:55.754 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290142 MB offset 30928845
15:38:55.769 Disk 0 scanning sectors +625140400
15:38:55.816 Disk 0 scanning C:\Windows\system32\drivers
15:39:07.500 Service scanning
15:39:22.164 Modules scanning
15:39:31.712 Disk 0 trace - called modules:
15:39:31.727 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
15:39:31.743 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ced648]
15:39:31.743 3 CLASSPNP.SYS[8ab8d59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85beb030]
15:39:32.960 AVAST engine scan C:\Windows
15:39:37.546 AVAST engine scan C:\Windows\system32
15:41:55.388 AVAST engine scan C:\Windows\system32\drivers
15:42:09.272 AVAST engine scan C:\Users\Seph
15:42:33.078 AVAST engine scan C:\ProgramData
15:42:39.723 Scan finished successfully
15:47:10.586 Disk 0 MBR has been saved successfully to "C:\Users\Seph\Downloads\MBR.dat"
15:47:10.586 The log file has been saved successfully to "C:\Users\Seph\Downloads\aswMBR2.txt"
#6
Posted 20 April 2012 - 02:33 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
The Avast alerts should have ceased now, are you experiencing any other problems ?
#7
Posted 20 April 2012 - 08:14 PM
CPXtoday
- Topic Starter
-
- Member
-
- 4 posts
New Member
Nope, no other problems. Thank you for the help. Really appreciate it.
#8
Posted 21 April 2012 - 04:54 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Subject to no further problems 
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
SPRING CLEAN
To manually create a new Restore Point
Now we can purge the infected ones
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:Commands
[resethosts]
[emptytemp]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
SPRING CLEAN
To manually create a new Restore Point
- Go to Control Panel and select System
- Select System
- On the left select System Protection and accept the warning if you get one
- Select System Protection Tab
- Select Create at the bottom
- Type in a name i.e. Clean
- Select Create
Now we can purge the infected ones
- GoStart > All programs > Accessories > system tools
- Right click Disc cleanup and select run as administrator
- Select Your main drive and accept the warning if you get one
- For a few moments the system will make some calculations
- Select the More Options tab
- In the System Restore and Shadow Backups select Clean up
- Select Delete on the pop up
- Select OK
- Select Delete
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe
#9
Posted 24 April 2012 - 02:05 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
