need some help with removing trojan win64\sirefef.y

OTL and Extras.

Got 'em

Extras too?

Yup…

The log now looks good; we appear to have cleared it all with FRST.

The only area that may still have a residue is the desktop.ini within the dotnet assemblies. But if MSE does not detect it, then it was probably not changed.

How is the computer behaving now ?

fine, but I noticed that a new directory was created in C: with some numbers and letters, which goes back to the C: drive. It was created as a tool or file was being replaced I’m guessing.

Yes combofix creates a folder there for all its bits and bobs

If you are happy I will remove my tools and tidy up

I don’t think it’s a combofix folder. Hmm. I wonder if it’s the recovery partition or something that’s missing.

Windows also puts updates in a similar folder for storage whilst updating.

Could you take a quick screenshot of the contents ?

like if you go to C:\ and see the contents, instead of a folder icon it’s a PC icon, and clicking on that just goes back to C:\ with contents. According to FRST, there was a recovery partition.

it looks like a mirror of the C: drive, but in the location bar it has: Computer → OS (C:) → 32788R22FWJFW

Ah right - that is an anomaly with CF sometimes… A worst case is where it names it combofix ;D

OK, let's tidy up now and see if any problems remain.

Subject to no further problems :slight_smile:

I will remove my tools now and give some recommendations, but I would like you to run it for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so… The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands [resethosts] [emptytemp] [Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

[*]Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
[*]In the Run box, type in ComboFix /Uninstall (Notice the space between the “x” and “/”) then click OK

http://i1224.photobucket.com/albums/ee362/Essexboy3/Misc%20screen%20shots/CF_Uninstall-1.jpg

[*]Follow the prompts on the screen
[*]A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

[*]Go to control panel
[*]Select folder options (Appearance > Folder options in category view)
[*]Select the View Tab.
[*]Under the Hidden files and folders heading select Do not show hidden files and folders.
[*]Click Yes to confirm.
[*]Click OK.


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:

[*]Go to this site and click Do I have Java
[*]It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point

[*]Go to Control Panel and select System
[*]Select System
[*]On the left select System Protection and accept the warning if you get one
[*]Select System Protection Tab
[*]Select Create at the bottom
[*]Type in a name, e.g. Clean
[*]Select Create

Now we can purge the infected ones

[*]Go to Start > All programs > Accessories > System Tools
[*]Right click Disk Cleanup and select Run as administrator
[*]Select Your main drive and accept the warning if you get one
[*]For a few moments the system will make some calculations
[*]Select the More Options tab
[*]In the System Restore and Shadow Backups section, select Clean up
[*]Select Delete on the pop up
[*]Select OK
[*]Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:


Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly; it will show you which programmes on your system need updating and give a download link.

It is critical to have both a firewall and antivirus to protect your system, and to keep them updated. To keep your operating system up to date, visit

[*]Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:

what program would remove a recovery partition?

at bootup, OTL wants to run, Run or cancel?

Allow it to run as it is completing emptying all temporary folders

Do you not want to keep the recovery partition ?

no, the recovery partition appears to be missing. :-\

Is it visible in Disk Management?

To date we have not been near the recovery partition. The recovery console would have installed itself to a 100MB separate partition.

Here is my Disk Management

yeah, it appears there. it’s quite possible that it never appeared in “Computer”, since I was moving between 2 computers that aren’t mine.

Any further anomalies?

nope. fixed. thank you. :slight_smile: :slight_smile: :slight_smile:

OK, no problem. I would recommend that if you are doing repairs you burn the recovery consoles for Vista and 7 to CDs and always have a spare USB to hand.

Still it was an experience trying to work around it ;D