[*] Double click MCShield-Setup to install the application.
[*] Wait a few seconds for MCShield to finish its initial scan.
Recommendation: under the General and Scanner tabs, click the Defaults button to choose the recommended options.
[*] Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.
When all scanning is done, you need to attach the log report that MCShield has made.
Start → All Programs → MCShield → Logs
Attach here → AllScans.txt
Explanation: USB storage devices are all the USB devices that get their own partition letter when connected to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.
[*]Please double-click TFC.exe to run it. (Note: If you are running on Vista and above, right-click on the file and choose Run As Administrator).
[*]It will close all programs when run, so make sure you have saved all your work before you begin.
[*]Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
[*]Once it’s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
[*] Download AdwCleaner (by Xplode) to your desktop.
[*] Launch it, click on [Search] and wait for the scan.
[*] When the scan ends, Notepad with the report will appear.
[*] Click on [Delete]. Wait for the programme to complete its work. The program will close all active programs. Click OK to confirm that.
On the next two windows that open (Informations and Restart required), click OK.
[*] The computer will restart and open a notepad (C:\AdwCleaner[S1].txt) with the report.
[*] Save the notepad report on the Desktop
[*] Please attach here C:\AdwCleaner[S1].txt
Note: The report will also be stored on C:\AdwCleaner[S1].txt
Re-run OTL and click on CleanUp! button.
You will be asked to reboot the machine to finish the cleanup process, choose Yes.
After the reboot all the tools we used should be gone. Note: Some more recently created tools may not yet be removed by OTL. Feel free to manually delete any tools it leaves behind.
I also recommend running some light registry cleaner (such as CCleaner, for example, if you will).
Pondus reply#1 The Avast scan revealed the virus to be in the D recovery partition. I can’t access this and I also don’t know how to upload this file to the website you requested.
Here is the adw Cleaner log:
AdwCleaner v2.105 - Logfile created 01/13/2013 at 18:27:32
Updated 08/01/2013 by Xplode
Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
User : Don dec15 - DON-PC
Boot Mode : Normal
Running from : C:\Users\Don dec15\Downloads\adwcleaner.exe
Pondus reply 1: Thanks for the quick response. I’ve tried twice to reply to your replies, working for over an hour each time and then having my responses disappear in the wind (obviously I’m very frustrated).
My ‘Avast free’ virus scan showed the Win32\Malware-gen to be in the D drive (my system restore files). I can’t access the colourcpl.exe file in this location, but I did a ‘Virus Total’ scan of this colorcpl.exe from the C drive location and the result was: no virus. Can I safely assume that the file in the D drive is also virus free?
Response is that detection should not occur anymore. ;D
Detection is AV heuristics related. And as I wrote above, your system is clean, there is no malware, so just reset your System Restore (turn off and then turn on). The System Restore tool will delete old restore points (all old created “image” files), and after that the AV should no longer display any future warnings.
This problem has been solved. According to the response from Magna86 I presume I had a false positive detection. Thanks to Magna86, Pondus, and Polonus for your interest and help. Don.