Doubleclick makes UAC ask if the program is to run, but it does not remove the uninstall.exe.
If you received a UAC prompt asking if you would like to continue running the program, and pressed the Continue button, then it should have uninstalled and you should have seen a dialog box stating that "ComboFix has been uninstalled
". After that, you can remove the uninstall.exe program from your computer (Desktop) by right-clicking on it and choosing delete.
If it did not uninstall properly, do this:
by OldTimer and save to your Desktop.
-- Any leftover folders/files related to ComboFix which OTC did not remove can be deleted manually (right-click on it and choose delete).
- Double click on the OTC icon on your desktop.
Vista/Windows 7 users right-click and select Run As Administrator.
If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
- Click on the green CleanUp! button.
- Click Yes when prompted to Begin cleanup process.
- When it has finished, OTC will ask you to restart the computer.
Also worryingly AVG produces a trojan warning
You can ignore that. Combofix is not malware. However, certain embedded files that are part of legitimate programs or specialized fix tools such as Combofix may at times be detected by some anti-virus and anti-malware scanners as a "Risk Tool
", "Hacking Tool
", "Potentially Unwanted Program
", or even "Malware
" (virus/trojan) when that is not the case
. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed
, what behavior it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.
Such programs have legitimate uses in contexts where a Malware Removal Expert asked you to use the tool or when an authorized user/administrator has knowingly installed it. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malware or a bad program.
It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis
engine which provides the ability to detect possible new variants of malware
. Anti-virus scanners cannot distinguish
between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove
them. In these cases the detection is a "false positive