If you paid for it then leave it, as I said they used to be a rogue program but have apparently cleaned there act up, the problem they had was reporting lots of false positives
C:\Program Files\Doras Carnival Adventure\
bfgt_silent_en.exe
C:\Documents and Settings\Crista\My Documents\My Downloads\
use me hootie.mp3
These two files have infections and should be deleted
Move ComboFix to the desktop, then we'll do the next bit.
EDIT|||||||||||||||||||||||||||||||||||||||||||||||
Once you have moved ComboFix to the desktop, and only after you have done this you can move onto these instructions,
Disable your resident AV and disconnect from the internet,
COMBOFIX-Script
- Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
Code:
File::c:\program files\mcafee.com\vso\mcmnhdlr.exe
Folder::
c:\program files\mcafee.com
C:\Documents and Settings\All Users\Application Data\McAfee
C:\Documents and Settings\Administrator\Application Data\Viewpoint
- Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
- ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
- When finished, it shall produce a log for you. Attach the log in your next reply along with a fresh HijackThis log.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Please download
ATF cleaner
Make sure that
all browser windows are closed.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
- Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
- Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click
Exit on the Main menu to close the program.
Manually clear cache
- Open an Explorer folder window (for example, double-click My Computer).
- From the Explorer menu select Tools | Folder Options | View. Make sure that you have checked the box next to "Show hidden files and folders" and uncheck "Hide protected operating system files".
- Start Internet Explorer and click Tools | Internet Options | General tab | Settings | View Files.
- IE should have opened up a folder window, typically viewing a folder with the name of C:\Windows\Temporary Internet Files. Put your cursor in the Address area of the folder window and add the name \content.ie5 to the name, so in our example the Address bar would now read c:\Windows\Temporary Internet Files\content.ie5.
- You should see a series of four or more folders with random eight-character names like ADOZMZS1. Delete each of these randomly named folders. You may get an error that some files are in use, this is normal if you are currently at a web site since those files are in the cache. Hold down the Shift key when deleting the files so they do not go to the Recycle Bin.
- If desired, reset the folder options you changed in step 1.
We are so nearly done.
Also to help us understand the infection that you had if you have the time would you reply to this thread?
https://www.techspot.com/vb/topic102515.html
Thank you.