System Security Warning

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions. Since you already ran ComboFix (even though out of order) you can skip running it, but you need to do the rest of the instructions.

READ & RUN ME FIRST. Malware Removal Guide

 

You need to attach the Malwarebytes log too! Also try attach the C:\MGlogs.zip file again. If still having a problem, try a different browser. Spyware Doctor is not finding valid problems. Cookies are not problems and nircmd is a valid program used by many tools including ComboFix. Not sure what Trojan.Generic is supposed to be. That is insufficient info to go on. Is your copy of Spyware Doctor a paid version? Or the free version that does not fix anything? If free, uninstall it as it is a waste of resources.

 

Based on your logs it appears that the scanners have removed your malware problems.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.


Are you still having malware problems?

 

I'm sorry, but none of the above are malware problems. You need to post these in the Software or Hardware Forums (whichever seems more appropriate).


If you are not having any other malware problems, it is time to do our final steps:

2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\cf" /u
     • Notes: The space between the cf" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\cf folder from combofix.
3. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
6. If you are running Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
7. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

Yes they are part of ComboFix and are legit. Spyware Doctor is incorrect.

Spyware Doctor may or may not have removed the files on the fly or ComboFix may have still remove them. I would not worry about it as it does not hurt if they are left behind and if they were left behind, a full scan by Spyware Doctor may again falsely say they are problems.

 

Many scanners have false positive issues. Sometimes it is a matter of how you interprete the results of the scans. Sometimes they are not telling you that a progam or a setting is malware. They may just be telling you that it is a potentially unwanted or undesirable program or setting and that you need to check if you are the one who installed the program or made the setting. This happpens due to the nature of what certain programs can be used for. For example programs like WinVNC can often be flagged as a potential problem but it is not malware. You just have to know whether a user knowingly installed the program and uses it or was it installed by someone else with malicious intent.

 

Yes sometimes the tools do decide automatically for you too and they are not always correct.


You're welcome. Surf Safely.